Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

While promoting 2012 STD server to DC; "Delegation for this DNS server cannot be created..."

Posted on 2014-10-08
4
365 Views
Last Modified: 2014-10-20
I had a 2003 (sbs) Domain.  I added a 2012-R2-STD DC.  Moved the FSMO roles to the 2012R2 server.  Demoted and removed the 2003 SBS server.

I'm adding a second (2012Std) DC.  I added "Active DIrectory Name Services" Role.  When Promoting this server to as a Domain Controller I received the following Warning

"A delegation for this DNS server cannot be created because the authoritative parent zone  cannot be found or it does not run Windows DNS server.  If you are integrating with an existing DNS infrastructure, you should manually create a delegation to this DNS server in the parent zone to to ensure reliable name resolution from outside the domain "erateoffice.net".  Otherwise, no action is required."

What does this mean?  In general, DNS looks ok on the new DC.

Thank you in advance.
0
Comment
Question by:howmad2
  • 2
4 Comments
 
LVL 1

Expert Comment

by:elchermans
ID: 40369465
How many domains do you have in the Forest? How is DNS configured?

To understand Delegation: lets say you have ABC.com Domain and as a child domain you have 123.ABC.com

Basically, on the ABC.com DCs, in the DNS  console,  you will have a zone called 123.ABC.com and under the properties of that you will add the IPs of the DNS servers ( of 123.ABC.com) as Name Servers (under the name servers tab).

So by pointing computers and servers that are in 123.abc.com to a DNS server in ABC.COM ...  when theres a DNS query , it will go to ABC.COM DNS servers  (instead of just asking its own DNS servers in its own domain) and these will use the name servers configured for 123.ABC.com zone and "delegate" down to them . So you will eventually get to the DNS server in 123.ABC.com which is where the machines and server are in.

This is done to have a central point of redirection for DNS. It gets complicated to manage all the zones  in a multi domain forest, not to mention having trusts with other forests that have multiple domains. The goal is for a computer to point to a DNS server that "knows it all" about every other domain.

So in this case.. its failing to update that delegation for you. If your DNS is not configured with a delegation model, then it will always give that error.
0
 
LVL 9

Accepted Solution

by:
bas2754 earned 250 total points
ID: 40369551
I have done quite a few upgrades from SBS 2003 and I always get this error.  I continue on and have not had any problems.
0
 
LVL 40

Expert Comment

by:footech
ID: 40369614
I'm afraid I don't quite agree with elchermans.  You would continue to point clients in the child domain at the DNS servers for that domain.
To use his example, the delegation would be on the ABC.com domain.  In the ABC.com zone, you would create a delegation for 123.ABC.com, and in the properties of this delegation you would have the name servers for the 123.ABC.com domain.

In a single domain environment, what you will usually see is a zone for your domain, and a zone for _msdcs.yourdomain.com.  The _msdcs zone should have a replication scope of "all DNS servers in the forest".  Inside the zone yourdomain.com will be the delegation for _msdcs.  In the properties of that delegation just update it to include all your DNS servers.
0
 
LVL 1

Assisted Solution

by:elchermans
elchermans earned 250 total points
ID: 40370717
Footech,  I wasnt telling him to change his DNS model or to change where hes pointing his DNS... I was explaining what DNS delegation means. I have no idea how his DNS environment is configured.

howmad2, you can ignore the error message, its fine. The point of my explanation was to prove why you can ignore it.

How is DNS configured in your environment? (how many domains, how many dns servers, how many zones, etc) ??
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This article will review the basic installation and configuration for Windows Software Update Services (WSUS) in a Windows 2012 R2 environment.  WSUS is a Microsoft tool that allows administrators to manage and control updates to be approved and ins…
The reason that corporations and businesses use Windows servers is because it supports custom modifications to adapt to the business and what it needs. Most individual users won’t need such powerful options. Here I’ll explain how you can enable Wind…
This tutorial will walk an individual through the process of configuring basic necessities in order to use the 2010 version of Data Protection Manager. These include storage, agents, and protection jobs. Launch Data Protection Manager from the deskt…
This tutorial will walk an individual through the process of installing of Data Protection Manager on a server running Windows Server 2012 R2, including the prerequisites. Microsoft .Net 3.5 is required. To install this feature, go to Server Manager…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question