The Active Directory integrated DNS zone _msdcs.domainname was not found
-
Thursday, November 18, 2010 1:51 PM
Hello guys
Here is the problem I have. We used to have 2 DC servers: one was Server 2000, which was my secondary, and the other one is 2003 R2, which was my primary DC.
Then recently we bought another server and I have migrated 2003 to 2008 R2 (I followed the MS migration instructions). Then I removed Server 2000 via dcpromo. However, when I scan my DNS server via Best Analyzer I am getting this error: "The Active Directory integrated DNS zone _msdcs.domainname was not found". But I already have the msdcs zone on the DNS server. Do you guys know how I can fix this problem? I have seen the MS instructions; they look very complicated.
- Edited by ferhat Indi Thursday, November 18, 2010 1:51 PM k
All Replies
-
Thursday, November 18, 2010 1:55 PM
Since you have upgraded from Windows 2000, _msdcs should be under the main (parent) zone. Are you experiencing any DNS or AD related issues?
Santhosh Sivarajan | MCTS, MCSE (W2K3/W2K/NT4), MCSA (W2K3/W2K/MSG), CCNA, Network+ Houston, TX
Blogs - http://blogs.sivarajan.com/
Articles - http://www.sivarajan.com/publications.html
Twitter: @santhosh_sivara - http://twitter.com/santhosh_sivara
This posting is provided AS IS with no warranties, and confers no rights. -
Thursday, November 18, 2010 2:07 PM
Hello,
To get you correct: the Windows Server 2008 R2 doesn't show the _msdcs.... zone but the Windows Server 2003 does?
Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights. -
Thursday, November 18, 2010 2:14 PM
Since you have upgraded from Windows 2000, _msdcs should be under the main (parent) zone. Are you experiencing any DNS or AD related issues?
Santhosh Sivarajan | MCTS, MCSE (W2K3/W2K/NT4), MCSA (W2K3/W2K/MSG), CCNA, Network+ Houston, TX
So far I have had one AD issue, which is that I cannot see my remote locations (different IP block) on my Windows network. Actually I use DameWare and I can see my local network PCs but not remote locations; however, I can ping and connect manually. -
Thursday, November 18, 2010 2:16 PM
They both show the msdcs.. zone. I browsed both zones and compared; everything is the same.
-
Thursday, November 18, 2010 2:22 PM
Hello,
so you followed this article after the upgrade to Windows server 2003: http://support.microsoft.com/kb/817470
Do you use the latest updates for BPA:
Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights. -
Thursday, November 18, 2010 7:18 PM
The articles did not work out in my environment. Obviously my msdcs zone has been corrupted.
What if I remove the msdcs... and create a new one? But is there an instruction from MS for 2008 R2?
-
Thursday, November 18, 2010 7:38 PM
Hello,
If you are thinking about rebuilding DNS, please see: http://support.microsoft.com/kb/294328; it still applies.
Don't forget to have a backup in case something fails.
Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights. -
Friday, November 19, 2010 9:02 PM
Did you try restarting the Netlogon service?
Santhosh Sivarajan | MCTS, MCSE (W2K3/W2K/NT4), MCSA (W2K3/W2K/MSG), CCNA, Network+ Houston, TX
This posting is provided AS IS with no warranties, and confers no rights. -
Saturday, November 20, 2010 12:20 AM
Yes I did, but it is still giving me the same error. I have already removed Windows 2000 from the system. So far I have not had any major issue; like I said, I can't see remote PCs on my network, however I am able to ping and connect to them, not a big deal. I have never rebuilt DNS before, so I am going to have to test first in a lab environment and see what happens.
-
Sunday, November 21, 2010 5:49 PM
What do you mean by “I can’t see remote pc on my network” ? Are these PCs part of your AD domain?
Santhosh Sivarajan | MCTS, MCSE (W2K3/W2K/NT4), MCSA (W2K3/W2K/MSG), CCNA, Network+ Houston, TX
This posting is provided AS IS with no warranties, and confers no rights. -
Sunday, November 21, 2010 7:47 PM
When you go to My Network and search computers, I am only able to find the computers which are located on the local network; however, I don't see the computers which are at remote locations (point to point and MPLS). However, I can ping them and I can get RDP or \\remotelocationpc\c$, no problem with this.
-
Friday, January 20, 2012 5:51 PM
I have had this exact problem for months and I want everyone to know the real answer. Deleting your primary zone and recreating it will not fix this issue and is quite a long frustrating process in a large forest.
It seems our issue was really caused by the fact that our DNS zone was originally created in Win2000. These devices were eventually upgraded to Win2003, and most recently, migrated to 2008 R2.
Win2000 implemented _msdcs as a subfolder of the DNS zone. The recommended config for 2003 and 2008 AD-integrated DNS zones is that _msdcs be moved to a separate AD-integrated primary zone as _msdcs.ForestFQDN. However, the zones created in 2000 are not changed to this config when DNS is upgraded or migrated to 2003 or 2008.
To fix this you need to manually create a new "separate" Active Directory integrated primary zone _msdcs.ForestFQDN and remove the old subfolder under the existing primary zone (after successful config and replication). Then run your Best Practices Analyzer in 2008 R2 and see the problem is no longer...
- Proposed As Answer by Tim Baldwin Friday, January 20, 2012 5:53 PM
-
Friday, February 10, 2012 6:02 PM
Thanks so much! I was looking at the exact same issue.
-
Sunday, February 26, 2012 5:41 PM
Thank you Tim. This has been a real hassle for quite some time and has been holding back my domain migration to 2008R2.
As Tim stated, manually create the _msdcs.ForestFQDN. I right-clicked the Forward Lookup Zones/New Zone.../Next/Select "Primary zone" radio button and the "Store the zone in Active Directory" check box (these are defaults)/Next/for replication scope I selected "To all DNS servers running on domain controllers in this domain" (I have a simple single forest, single domain config)/Next/Zone Name: _msdcs.ForestFQDN
Wait for replication and population of the zone. The population appears to happen automatically (DC,Domains,GC,PDC folders and NS, SOA, and Alias records), be patient and refresh your view on the other DNS servers where you expect this zone to replicate to.
I re-ran the Best Practices Analyzer and my server came up clean, no recommendations. Whew, I hope this helps. It has been days of Googling trying to get this sorted out. Again, Thank you Tim.
kg
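
A way to check the end state described in the two posts above, as an added example that is not part of the thread: it confirms that _msdcs.ForestFQDN is hosted as its own AD-integrated primary zone and that the locator SRV records have populated. Assumptions: `contoso.com` is a placeholder forest name, the forest has a single domain, the DNS service answers on 127.0.0.1, and `dnscmd /EnumZones` prints name, type and storage as its first three columns.

```powershell
# Added example, not from the thread. Run in an elevated prompt on the DC/DNS server.
param(
    [string]$ForestFqdn = 'contoso.com'   # placeholder: use your forest root DNS name
)

$zone = "_msdcs.$ForestFqdn"

# dnscmd /EnumZones prints one row per zone (assumed columns: name, type, storage).
$row = dnscmd /EnumZones |
    Where-Object { $_ -match '^\s*\S+\s+(Primary|Secondary|Stub|Forwarder|Cache)\s' } |
    Where-Object { ($_.Trim() -split '\s+')[0] -ieq $zone } |
    Select-Object -First 1

if (-not $row) {
    Write-Output "FAIL  $zone is not hosted as its own zone on this server."
    Write-Output "      Look for an _msdcs subfolder under $ForestFqdn (Windows 2000 layout)."
} else {
    $cols    = $row.Trim() -split '\s+'
    $type    = $cols[1]
    $storage = $cols[2]
    if ($type -eq 'Primary' -and $storage -like 'AD-*') {
        Write-Output "OK    $zone is an AD-integrated primary zone ($storage)."
    } else {
        Write-Output "WARN  $zone exists but is $type / $storage, not AD-integrated primary."
    }
}

# The new zone should populate by itself; confirm the DC locator records resolve
# against this server (single-domain forest assumed, so domain name = forest name).
$records = "_ldap._tcp.pdc.$zone", "_ldap._tcp.gc.$zone", "_ldap._tcp.dc.$zone"
foreach ($name in $records) {
    $answer = nslookup -type=SRV $name 127.0.0.1 2>&1 | Out-String
    if ($answer -match 'svr hostname') {
        Write-Output "OK    $name resolves"
    } else {
        Write-Output "FAIL  $name has no SRV answer yet (replication or registration pending)"
    }
}
```

Run it on each DNS server the zone is expected to replicate to, before removing the old _msdcs subfolder from the parent zone.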
-
Tuesday, March 06, 2012 9:47 PM
I have Single Forest, Multiple Domains. Do I replicate "To all DNS servers running on the domain controllers in this forest" rather than just the domain?
Peterand
-
Wednesday, March 07, 2012 3:42 PM
This is an old thread. Please start a new thread with your question.
Santhosh Sivarajan | Houston, TX
http://www.sivarajan.com/

This posting is provided AS IS with no warranties, and confers no rights. -
Friday, December 07, 2012 3:50 PM
Thank you guys, it solved my problem with DNS+DHCP issues here
- Proposed As Answer by Thameur Bourbita, Microsoft Community Contributor Friday, December 07, 2012 8:19 PM

