ksfrist
asked on
Unable to add AD-Integrated DNS Zone
Afternoon Experts,
When trying to add an AD-Integrated DNS Zone to a domain controller we are receiving an error about the required application directory partition not existing. We are also unable to create this partition manually.
Running dcdiag showed that both the forest and domain DNS Zones were boiled down to SIDs, and an ADSI Edit showed the name was a server that no longer exists in Active Directory.
We have 3 domain controllers currently, the oldest being Server 2012 R2 that is about to be decommissioned. We are currently running DHCP and DNS via a non-domain-joined server, which is also something we may want to resolve.
My question is, can I just delete these 2 old SID entries in ADSI Edit and have them auto recreate? I attempted to manually change the current ones to the recommended ForestDnsZones.domain.com and DomainDnsZones.domain.com but it pitched a fit.
If I'm missing a step I'm happy to be wrong. Thanks so much guys.
Can you please post some screenshots of what you are seeing? Your description isn't really clear, and this is something you wouldn't want to give advice on unless you were sure.
ASKER
Of course,
I apologize for being too vague. I was trying to create an AD-Integrated forward zone on a new DNS server. Here is the error I receive:
Doing a bit of research suggested I use the dcdiag command. Everything passed except this piece:
And here is the ADSI Partitions Output
Can I just edit the properties of the top 2 to match the CN and dnsRoot to match what dcdiag wants? Or should I delete those 2, reboot, and have them be auto-created?
Again we currently aren't using any AD-Integrated DNS servers because of this issue.
Thanks for helping me remember to flesh it out a bit.
ASKER CERTIFIED SOLUTION
ASKER
This worked like a champ. Thanks so much.
Kevin