none
Missing _msdcs zone in one of the 2 dns servers RRS feed

  • Question

  • Hi,

    I am checking domain setup prior to doing some work on the domain. I have a single 2008 Server R2 DC running DNS, and a member 2012 Server running a 2nd DNS server.

    I ran dcdiag, and saw a lot of errors in the dns test section, where the Server 2012 dns server had various missing records under_msdcs zone. I checked on the dns server running on the Server 2012 member server, and indeed it did not have a forward zone _msdcs.ad. abc.com, whereas the dns server on the DC did.  

    Warning: 
                         Missing CNAME record at DNS server 192.168.252.7: 
                         5c68fdec-a768-4fe6-902f-fa26c329244b._msdcs.ad.abc.com
                        [Error details: 9003 (Type: Win32 - Description: DNS name does not exist.)]

    Error: 
                         Missing SRV record at DNS server 192.168.252.7:
                         _ldap._tcp.f789653b-f22e-4dab-8e3f-b835c96cdc58.domains._msdcs.ad.abc.com
                         [Error details: 9003 (Type: Win32 - Description: DNS name does not exist.)]

    Is this a genuine error ? If so how do I fix it ?

    Thanks

    Tony

    Wednesday, March 28, 2018 5:00 PM

Answers

All replies

  • Hi Tony,

    Have a nice day! Thanks for your question.

    This issue can be caused by incorrect Netlogon settings in Group Policy or in the registry. It can also be caused by a failure in the DNS registration process. So that other member servers and domain controllers in the domain or forest can locate this domain controller as a writeable domain controller in the domain and forest, the correct set of DNS service (SRV) resource records must be registered by the domain controller Locator (DC Locator).

    Please try the following link and resolve the issue as mentioned steps. Be sure you have a system state backup of the server before starting the process!

    https://community.spiceworks.com/topic/2026314-how-do-i-resolve-missing-srv-record-at-dns-server-issues-on-my-network

    Please Note: Since the web site is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information.

    AD DS: This domain controller must register a DNS SRV resource record, which is required for replication to function correctly

    https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/dd378970(v=ws.10)

    When troubleshooting the issue involving the _msdcs zone, if all other steps fail to resolve the problem, it may be necessary to delete and recreate the zone.

    Please refer to the following article, This article provides the procedure for doing so.

    How to Delete and Recreate the _msdcs DNS zone on a Windows DNS Server

    http://www.dell.com/support/article/sg/en/sgdhs1/sln155826/how-to-delete-and-recreate-the-_msdcs-dns-zone-on-a-windows-dns-server?lang=en

    Hope above information can help you. I look forward hearing your good news.

    Highly appreciate your effort and time. If you have any questions and concerns, please feel free to let me know.

    Best regards, 

    Michael


    Please remember to mark the replies as an answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    • Marked as answer by tonyb2014 Thursday, March 29, 2018 3:11 PM
    Thursday, March 29, 2018 8:55 AM
  • Hi Michael,

    Thanks for the pointers.

    I added the _msdcs zone to the dns server that was not a DC, and changed the actual ip address from their actual addresses to 127.0.0.1 on the network adaptors advanced DNS settings for the DC and secondary DNS server, and the records now seem to work fine.

    Thanks for your help.

    Tony

    Thursday, March 29, 2018 3:11 PM
  • Hi Tony,

    I am very glad to hear that your issue was successfully resolved!

    Thanks for your posting here and sharing the resolution in the forum as it would be helpful to anyone who encounters similar issues. 

    Highly appreciate your successive effort and time. If there is anything else we can do for you, please feel free to post in the forum.

    Wish you have a wonderful day!

    Best regards,

    Michael


    Please remember to mark the replies as an answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Friday, March 30, 2018 1:26 AM