Solved

DNS zone 'disappeared'

Posted on 2013-05-17
Last Modified: 2013-07-22
Hi,

I had an issue where the DNS zone 'disappeared' from the network DNS and that change was replicated to all AD DNS servers.

I want to know if the two changes I made with regards to DNS would have done that.

BACKGROUND;

HQDC01 & DC02 = Win2012
BRANCHDC01 = Win08R2

A branch DC/DNS server was not replicating the netlogon folder. On HQDC01 I discovered that the branch DC was not replying to NetBIOS / FQDN pings, but IP pings were fine. On the branch DC (connected to HQ via a firewall VPN) the DC could not ping itself either.

TROUBLESHOOTING;
I checked the DNS resource A record. That was fine. The DC was in the Name Servers tab. I added a second IP on the server and added an A record, and that pinged okay. I removed the second IP and the record. It had to be the A record, so I deleted the A record of the branch server and manually added it again. I pinged itself: the NetBIOS name replied okay, but the FQDN replied with the WAN IP of the site.
On the HQ servers the branch server now also replied with the WAN IP on both NetBIOS and FQDN names.
In the DNS manager on HQDC01, on the zone, I reloaded it, then went through the settings and saw that in the zone transfer tab it was unticked. I ticked it and selected to all in the named server tabs. I checked the other HQDC02 DNS server, but when I clicked on the zone it would not expand, and after a refresh of the console it was gone, then the same back on HQDC01. The branch server was fine. I stopped the DNS server and tried to copy the ..\\system32\dns folder in the fear that the missing zone would replicate to this server. It did when I started the service again.

On the branch server the DNS zone's .dns file was in the \dns folder, but on the two HQ servers it was not. I copied the .dns folder to both their \dns folders, recreated the zone and clicked on reload, but it did not repopulate. I then had to recreate some A host records of member servers, and eventually it started to repopulate as machines started to communicate with them.


QUESTION: Can the removal of a DNS server's A host record do this, or changing the Transfer Zone settings, or both?

Thanks,

GNS
Question by:ggntt

Assisted Solution

by:footech
footech earned 500 total points
ID: 39175320
No.  Changing the Transfer Zone settings could affect a secondary zone but not a primary.
Are the zones set up as AD-integrated on all servers?
You may want to run dcdiag /v /test:dns and repadmin /showrepl on each of the machines.
Also, you might want to check out this article. Duplicate zones could be a cause for the zones disappearing.
http://msmvps.com/blogs/acefekay/archive/2009/09/02/using-adsi-edit-to-resolve-conflicting-or-duplicate-ad-integrated-dns-zones.aspx

Author Comment

by:ggntt
ID: 39185921
Hi footech

The two tests run fine now as I created a new zone.

Looking at the duplicate zones link. The zones that we 'had' were there for years. The 2012 servers were live for about three weeks. Just trying to find out what happened.

I have noticed that some of the member servers even though they detect the network location is a domain, it does not recognise it has internet, yet IE shows otherwise!


-Thanks

GNS

Accepted Solution

by:footech
footech earned 500 total points
ID: 39186194
See here for a good explanation of how the Network Connectivity Status Indicator works.
http://blog.superuser.com/2011/05/16/windows-7-network-awareness/

In case the link ever changes, here's the most relevant content.
Windows does indeed check a Microsoft site for connectivity, using the Network Connectivity Status Indicator site. There are a few variations of the connection checking process:
1. NCSI performs a DNS lookup on www.msftncsi.com, then requests http://www.msftncsi.com/ncsi.txt. This file is a plain-text file and contains only the text Microsoft NCSI.
2. NCSI sends a DNS lookup request for dns.msftncsi.com. This DNS address should resolve to 131.107.255.255. If the address does not match, then it is assumed that the internet connection is not functioning correctly.

The exact sequence of when which test is run is not documented; however, a little bit of digging around with a packet sniffing tool like Wireshark reveals some info. It appears that on any connection, the first thing NCSI does is request the text file (step 1 above). NCSI expects a 200 OK response header with the proper text returned. If the response is never received, or if there is a redirect, then a DNS request for dns.msftncsi.com is made. If DNS resolves properly but the page is inaccessible, then it is assumed that there is a working internet connection, but an in-browser authentication page is blocking access to the file. This results in the pop-up balloon above. If DNS resolution fails or returns the wrong address, then it is assumed that the internet connection is completely unsuccessful, and the “no internet access” error is shown.

The order of events appears to be slightly different depending on whether the wireless network is saved, has been connected to before even if it is not in the saved connections list, and possibly depending on the encryption type. The DNS and HTTP requests and responses showing up in Wireshark were not always consistent, even connecting to the same network, so it’s not entirely clear what causes different methods of detection under different scenarios.
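
The NCSI sequence quoted in the answer above, as an added PowerShell example that is not part of the original thread: it repeats the HTTP and DNS probes from a member server and shows which step produces the "no internet" state. `Get-NcsiVerdict` and `Invoke-NcsiProbe` are hypothetical helper names; the probe hostnames, the expected address and the file text are taken from the quoted description.

```powershell
# Added example; Get-NcsiVerdict and Invoke-NcsiProbe are hypothetical helper names.
function Get-NcsiVerdict {
    param(
        [int]$HttpStatus,         # 0 means no HTTP response was received
        [string]$HttpBody,
        [string[]]$DnsProbeIPs    # addresses returned for dns.msftncsi.com
    )
    # Step 1: plain 200 OK carrying exactly the expected text.
    if ($HttpStatus -eq 200 -and $HttpBody -ceq 'Microsoft NCSI') {
        return 'Internet access'
    }
    # Step 2: DNS probe is right, so the HTTP probe is being intercepted or blocked.
    if ($DnsProbeIPs -contains '131.107.255.255') {
        return 'DNS OK, HTTP probe failed: in-browser authentication page assumed'
    }
    return 'No internet access'
}

function Invoke-NcsiProbe {
    $status = 0; $body = ''; $ips = @()
    try {
        $req = [System.Net.WebRequest]::Create('http://www.msftncsi.com/ncsi.txt')
        $req.AllowAutoRedirect = $false   # a redirect counts as a failed probe
        $req.Timeout = 10000
        $resp = $req.GetResponse()
        $status = [int]$resp.StatusCode
        $reader = New-Object System.IO.StreamReader($resp.GetResponseStream())
        $body = $reader.ReadToEnd().Trim()
        $resp.Close()
    } catch {
        # Keep the status code of 4xx/5xx answers; anything else stays 0.
        $e = $_.Exception
        while ($e -and -not ($e -is [System.Net.WebException])) { $e = $e.InnerException }
        if ($e -and $e.Response) { $status = [int]$e.Response.StatusCode }
    }
    try {
        $ips = @([System.Net.Dns]::GetHostAddresses('dns.msftncsi.com') |
                 ForEach-Object { $_.ToString() })
    } catch { $ips = @() }
    New-Object PSObject -Property @{
        HttpStatus = $status; HttpBody = $body; DnsProbeIPs = ($ips -join ',')
        Verdict = Get-NcsiVerdict -HttpStatus $status -HttpBody $body -DnsProbeIPs $ips
    }
}

# Constructed inputs, not captured from a real host:
Get-NcsiVerdict -HttpStatus 302 -HttpBody '' -DnsProbeIPs '131.107.255.255'  # proxy redirect
Get-NcsiVerdict -HttpStatus 0 -HttpBody '' -DnsProbeIPs '10.0.0.1'           # wrong DNS answer
# Invoke-NcsiProbe   # live check on the affected member server (needs network access)
```

A verdict of "No internet access" with browsing still working points at the internal DNS forwarders or a proxy answering the probe names, rather than at the uplink itself.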

Author Comment

by:ggntt
ID: 39344145
I have given up on this. Not because of lack of answers, but because the customer has not pushed for an answer.