slhbsm
asked on
Broken AD Integrated DNS Zone
I have an existing Active Directory integrated DNS zone - let's call it company.com.
I was trying to create a subdomain A record using dnscmd, and used the following commands:
dnscmd /zoneadd sub.company.com /DsPrimary /DP /domain
dnscmd /recordadd sub.company.com webserver A 192.168.50.150
I realize now that this is incorrect syntax; however, I cannot delete this single subdomain. When I try to delete sub.company.com in the DNS GUI, it appears to delete, but the AD DNS servers still answer queries for the webserver.sub.company.com A record - even though it doesn't exist. I've tried a zone reload and a server reboot, to no avail.
The only information I've seen about cleaning up bad records in an AD integrated zone is this from Microsoft:
https://support.microsoft.com/en-us/kb/305967
This involves deleting the zone and adding it back in. As this zone is critical to a number of applications, and we have 7 domain controllers in 5 locations, it's a scary proposition.
Does anyone know how I can clean up the sub.company.com zone without deleting and recreating the entire company.com zone?
Have you checked all of your DNS servers? The changes should be replicating, but you may want to verify. Run a Dcdiag and post the sanitized results.
Thanks for posting back what worked for you.
ASKER
Worked
I've done the exact steps you described above, and after deleting the zone, queries for the record come back with none found.
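The per-server check suggested in the thread can be scripted. The following is an added example, not part of the original posts: it asks every domain controller directly whether it still loads the sub.company.com zone and whether it still answers for the webserver record. It assumes the ActiveDirectory and DnsServer RSAT modules are installed and that every domain controller runs the DNS Server role; the variable names are illustrative.

```powershell
# Added example: confirm on every domain controller that the stray zone is gone.
# Assumes the ActiveDirectory and DnsServer modules (RSAT) are available
# and that each DC also runs the DNS Server role.
Import-Module ActiveDirectory, DnsServer

$zone   = 'sub.company.com'     # zone name used in the question
$record = "webserver.$zone"     # record name used in the question

$results = foreach ($dc in Get-ADDomainController -Filter *) {
    $server = $dc.HostName

    # Is the zone still loaded by the DNS service on this DC?
    $z = Get-DnsServerZone -ComputerName $server -Name $zone -ErrorAction SilentlyContinue

    # Does this DC still answer for the record? Query it directly so the
    # local resolver cache, hosts file and other name providers are bypassed.
    # The filter drops the SOA record that comes back for an empty answer.
    $a = Resolve-DnsName -Name $record -Type A -Server $server -DnsOnly -ErrorAction SilentlyContinue |
         Where-Object { $_.QueryType -eq 'A' }

    [pscustomobject]@{
        Server     = $server
        Site       = $dc.Site
        ZoneLoaded = [bool]$z
        Answers    = ($a.IPAddress -join ', ')
    }
}

# Full picture across all DCs.
$results | Format-Table -AutoSize

# Any row listed here is a DC that has not yet picked up the deletion.
$stale = $results | Where-Object { $_.ZoneLoaded -or $_.Answers }
if ($stale) {
    Write-Warning "Stale zone or record still present on: $($stale.Server -join ', ')"
} else {
    Write-Output "No DC loads $zone or answers for $record."
}
```

A DC that still shows the zone shortly after the deletion may simply not have replicated yet, so re-run the check after the next replication cycle before treating the result as a fault.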