domain.local dns forward lookup zone has a red x
Jamie
The dns server encountered a problem while attempting to load the zone. The
zone data may not be available in active directory, or the zone data is
corrupt.
If I right click on the domain.local zone and go to properties it shows
under the general tab as status expired. All other options with a right
click are greyed out.
If I try to delete the zone it says the zone cannot be deleted the active
directory service is not available.
under the dns events it is getting errors 4004 and 4015 and warning 4521.
I'm not sure what to try here. please help
Ace Fekay [MCT]
news:D235A862-FCA4-477D...@microsoft.com...
Hi Jamie,
It initially appears to be a DNS misconfiguration, however to absolutely
determine that, and not something more serious, we'll need additional
information and facts regarding the server's configuration to make a
specific diagnosis. Please post an unedited ipconfig /all of the domain
controller, please. If there is more than one DC, please post one for the
others, as well.
Common causes:
Using the ISP's DNS address in the DC's NIC.
Multiple NICs and or IPs.
RRAS installed on a DC.
IP Routing enabled on a DC.
Domain is a Single Label Name.
The DC has a Disjointed Namespace.
Your ipconfigs will help us determine where the problem lies.
Thank you,
--
Ace
This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.
Please reply back to the newsgroup or forum to benefit from collaboration
among responding engineers, and to help others benefit from your resolution.
Ace Fekay, MCT, MCTS Exchange, MCSE, MCSA 2003 & 2000, MCSA Messaging
Microsoft Certified Trainer
For urgent issues, please contact Microsoft PSS directly. Please check
http://support.microsoft.com for regional support phone numbers.
Jamie
NIC card as well. Here is the ipconfig /all.
Microsoft Windows [Version 6.0.6001]
Copyright (c) 2006 Microsoft Corporation. All rights reserved.
C:\Users\Administrator>ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : sv-wmd
Primary Dns Suffix . . . . . . . : wmd.local
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : wmd.local
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom BCM5708C NetXtreme II GigE
(NDIS
VBD Client)
Physical Address. . . . . . . . . : 00-1E-C9-CC-42-98
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 192.168.0.3(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.0.1
DNS Servers . . . . . . . . . . . : 192.168.0.3
NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter Local Area Connection* 8:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . :
isatap.{AF7D905F-40E0-4C91-BF36-CAAE4F3F7
C55}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
C:\Users\Administrator>
Ace Fekay [MCT]
Jamie,
Thanks for posting the ipconfig. It actually looks fine. It appears to be
Windows 2008. What errors are in the Event viewer? Post the eventID# and
Source name, please, if any exist.
Also, what replication scope is the zone set to (DNS, zone properties,
replication).
Thanks,
Ace
Jamie
4521, 4004, 4015 all from the dns-server-service.
Ace Fekay [MCT]
> 4521, 4004, 4015 all from the dns-server-service.
>
I apologize, you had already posted them.
Curious, what services have you disabled on the machine? Is the DHCP Client
service disabled? Any others you may or may have not disabled? How about the
AD services?
Also, see what automatic services are not running. You can click on the top
of the startup type column to organize the startup by automatic, manual,
etc.
Ace
Jamie
I have not disabled any. TPM Base Services is the only service with an
automatic that is not started. THe DHCP service is running. The Active
directory domain services is running.
Ace Fekay [MCT]
>I have not disabled any. TPM Base Services is the only service with an
> automatic that is not started. THe DHCP service is running. The Active
> directory domain services is running.
Ok. Good. I assume you mean the DHCP CLIENT service, not the DHCP Server
service. The Client service is what does registration into DNS.
Are you able to change the zone type to a Primary zone (remove it from AD)?
Also, did you demote the 2000 server? Or was it unplugged?
Are you seeing any replication errors in the other logs in Event viewer?
Ace
Jamie
I try to remove the zone from ad and it says "The data on teh primary zone
failed to set. The operation cannot be performed because theis zone is
shutdown."
The 2000 machine was crashed and is gone.
There are also a bunch of 5774 and 5781 source NETLOGON events that are
occurring.
Ace Fekay [MCT]
> Yes the DHCP Client service.
>
> I try to remove the zone from ad and it says "The data on teh primary zone
> failed to set. The operation cannot be performed because theis zone is
> shutdown."
>
> The 2000 machine was crashed and is gone.
>
> There are also a bunch of 5774 and 5781 source NETLOGON events that are
> occurring.
>
Ok, it appears the crashed, or missing DC, is what it's looking for.
Apparently it held a FSMO role, and because it crashed, the FSMOs were never
seized over to the existing server, as well as that the old server's
reference is still in the AD database, is what's causing all the problems.
You'll need to first seize the FSMO roles over to the existing DC. Then
perform a Metadata Cleanup to remove the machine's reference from AD, or
this will continue. Follow the procedure in the following articles, please.
Using Ntdsutil.exe to transfer or seize FSMO roles to a domain controller
(in this case Jamie, you want to seize the roles)
http://support.microsoft.com/kb/255504
Cleanup (Metadata Cleanup) the AD database from the crashed DC - How to
remove data in Active Directory after an unsuccessful domain controller
demotion
http://support.microsoft.com/kb/216498
After that, go into Active Directory Sites and Services, and delete the
servername.
Make sure this DC is a GC. That is also in Sites and Services, Sitename,
click on Server, to the right you will see NTDS, right click, choose
properties, check the box for it to be a GC.
Afer all is done, run the following to check for errors:
dcdiag /v /fix
netdiag /v /fix.
Ace
Jamie
created a new domain. There are only 5 computers so I just joined them all
to the new domain. There is no trace of the old server on the domain because
it was never there.
Ace Fekay [MCT]
> Well let me throw another loop at you. When I put the server in place I
> created a new domain. There are only 5 computers so I just joined them
> all
> to the new domain. There is no trace of the old server on the domain
> because
> it was never there.
Yep, that's a loop. But you're saying there was a 2000 DC, and it is no
longer there. How was it removed? Was it demoted with dcpromo, or
crashed/unplugged?
Ace