DNS zone 'dissappeared'


I had an issue where the DNS zone 'disappeared' from the network DNS and that change was replicated to all AD DNS servers.

I want to know if the two changes I made with regards to DNS would have done that.


HQDC01 & DC02 = Win2012
BRANCHDC01 = Win08R2

A branch DC/ DNS server was not replicating the netlogon folder, on HQDC01 I discovered that the branch DC was not replying to NetBIOS / FQDN pings but IP pings was fine. On the branch DC (connected to HQ via a firewall VPN)  the DC could not ping itself either.

I check the DNS resource A record. That was fine. THE DC was in the Name server tabs. I added in a second IP on the server and added in an A record and that pinged okay, I removed the second IP and the  record. IT had to be the A Record, So I deleted the A record of the Branch server and manually added it again. I pinged itself the NetBIOS replied okay but the FQDN replied with the wan IP of the site.
On the HQ servers the branch server now also replied with WAN IP on bother NETBIOS and FQDN names.
In the DNS manager on HQDC01 on the zone. I reloaded it, then went through the setting and saw that in the zone transfer tab it was unticked. I ticked it and selected to all in the named server tabs. I checked the other HQDC02 DNS server but when I clicked on the zone it would not expand and after a refresh of the console it was gone, then they same back on HQDC01. the branch server was fine. I stopped the DNS server and tried to copy the ..\\system32\dns folder in the fear that the missing zone with replicate to this server. IT did when I started the service again.

On the branch server the dns zone's .dns file was in the \dns folder but on the two HQ servers it was not. I copied the .dns folder to both their their \dns folder and recreated the zone and clicked on reload, but it did not repopulate. I then had to recreated some A host record of member servers and eventually it started to repopulate as Machines started to communicate with them.

QUESTION: Can the Removal of a DNS server's A host record do this or changing the Transfer Zone settings or both?


Who is Participating?
See here for a good explanation of how the Network Connectivity Status Indicator works.

In case the link ever changes, here's the most relevant content.
Windows does indeed check a Microsoft site for connectivity, using the Network Connectivity Status Indicator site. There are a few variations of the connection checking process:
1.NCSI performs a DNS lookup on www.msftncsi.com, then requests http://www.msftncsi.com/ncsi.txt. This file is a plain-text file and contains only the text Microsoft NCSI.
2.NCSI sends a DNS lookup request for dns.msftncsi.com. This DNS address should resolve to If the address does not match, then it is assumed that the internet connection is not functioning correctly.

The exact sequence of when which test is run is not documented; however, a little bit of digging around with a packet sniffing tool like Wireshark reveals some info. It appears that on any connection, the first thing NCSI does is requests the text file (step 1 above). NCSI expects a 200 OK response header with the proper text returned. If the response is never received, or if there is a redirect, then a DNS request for dns.msftncsi.com is made. If DNS resolves properly but the page is inaccessible, then it is assumed that there is a working internet connection, but an in-browser authentication page is blocking access to the file. This results in the pop-up balloon above. If DNS resolution fails or returns the wrong address, then it is assumed that the internet connection is completely unsuccessful, and the “no internet access” error is shown.

The order of events appears to be slightly different depending on whether the wireless network is saved, has been connected to before even if it is not in the saved connections list, and possibly depending on the encryption type. The DNS and HTTP requests and responses showing up in Wireshark were not always consistent, even connecting to the same network, so it’s not entirely clear what causes different methods of detection under different scenarios.
No.  Changing the Transfer Zone settings could affect a secondary zone but not a primary.
Are the zones set up as AD-integrated on all servers?
You may want to run dcdiag /v /test:dns and repadmin /showrepl on each of the machines.
Also, you might want to check out the article.  Duplicate zones could be a cause for the zones disappearing.
ggnttAuthor Commented:
Hi footech

The two tests run fine now as I created a new zone.

Looking at the duplicate zones link. The zones that we 'had' where there for years. The 2012 Servers where live for about three weeks. Just trying to fine out what happened.

I have noticed that some of the member servers even though they detect the network location is a domain, it does not recognise it has internet, yet IE shows otherwise!


ggnttAuthor Commented:
I have given up on this. Not because of lack of answers, but because the customers has not pushed for an answer.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.