Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Help with Windows DNS Event ID 4515

Posted on 2014-10-06
5
Medium Priority
?
728 Views
Last Modified: 2014-10-15
Hi. We've had event ID 4515 showing in the DNS Event Viewer for a while now and was wondering if someone could help me clear it.
The message is attached.
EventI'm not really fully comprehending what this is trying to tell me.
We have one domain and 3 subnets (1.xx, 2.xx and 3.xx).
The DNS snap-in is shown below.  I've expanded everything as much as possible to try and give you an idea of how its setup.
Please let me know how to proceed or if you need additional information.
I also see that the DOMAIN.local sites show NYC which is an old branch that no longer exists.
It's not shown under the DomainDnsZones or ForestDnsZones.  Can I safely delete that?
The MS website shows the following as one of the possible reasons we'd see this message:
The replication scope for Windows 2000 Active Directory integrated DNS zones are transitioned to domain DNS application partitions or to forest-wide DNS application partitions that are supported by Windows Server 2003 domain controllers.
Our domain used to be Windows 2000 throughout and we eventually migrated to Server 2003. Is this relevant?
Zones
0
Comment
Question by:homerslmpson
  • 2
  • 2
5 Comments
 
LVL 41

Expert Comment

by:footech
ID: 40363915
The event is telling you that you have multiple copies of the zone.  However only one can be loaded at a time.  With AD integrated zones, they can live in one of three places depending on the replication scope - the domain partition, DomainDnsZones, or ForestDnsZones.
See this link for a good explanation.
http://blogs.msmvps.com/acefekay/2009/09/02/using-adsi-edit-to-resolve-conflicting-or-duplicate-ad-integrated-dns-zones/

You'll want to examine each of the locations using ADSI Edit to see which one has the records you want, and delete the zone in any other location.  Once you have a single zone, you can change its replication scope as desired.
0
 
LVL 1

Author Comment

by:homerslmpson
ID: 40364257
I read the following:
"While in ADSI Edit, if you see the same exact named zone in multiple partitions, such as seeing the same zone name in the Domain NC (Name Container) Partition, in the DomainDnsZones App partition), and/or in the ForestDnsZones application partition, you have duplicate zones. If this is the case, then you must choose which zone you want to keep."

2 out of the 3 partitions have a DOMAIN.local folder.
They both have a lot of records.  How can I tell which one I should keep?
What happens if I delete the wrong one?
0
 
LVL 41

Accepted Solution

by:
footech earned 2000 total points
ID: 40364420
The one in the domain partition should be the current one, but you can look at the time on the record objects to confirm that.  Depending on which one you delete, the other one will be loaded.  I recommend you perform the delete after hours in case something goes wrong, but I've done this before and it's pretty safe to do even during business hours.
0
 
LVL 84

Expert Comment

by:David Johnson, CD, MVP
ID: 40364966
Microsoft KB article http://support.microsoft.com/kb/867464 and their suggestions on how to fix it.
0
 
LVL 1

Author Closing Comment

by:homerslmpson
ID: 40382599
I removed the extra copy and haven't seen event 4515 in the event viewer since.
Thanks!
0

Featured Post

NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Had a business requirement to store the mobile number in an environmental variable. This is just a quick article on how this was done.
Compliance and data security require steps be taken to prevent unauthorized users from copying data.  Here's one method to prevent data theft via USB drives (and writable optical media).
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

824 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question