Windows 2019 RemoveDnsServerZoneDelegation RRS feed

  • Question

  • I asked this over on the windows forums, but I think here is more appropriate.

    Many years ago I set up my test domain with a Windows 2008 R2 domain controller, and I named the DC "toph". At some point I decided to start naming my servers with characters from GI Joe, so I renamed the DC to "duke". Fast forward to this month. I've drug my feet (a lot) in upgrading my domain controller, so I decided to go from 2008 R2 right to 2019. I set up a 2019 server (cleverly named duke2), added it as a DC, transferred the fsmo roles, and then shut down the old domain controller (duke, formerly toph) for a week or so to make sure all the other computers in the lab were using the new DC properly. I used the approach found here:

    Satisfied things looked good, today I started the old DC back up, ran dcpromo, and things went fine except it told me it wasn't able to Delete the Zone Delegation, and I'd have to do that manually. Not a problem. DCPROMO completed and the old 2008 R2 server was no longer a DC. I checked Get-ADForest and Get-ADDomain and all looked well, so I went ahead and raised the forest level to 2016.

    I then decided to attempt to manually remove the zone delegation as was instructed by the DCPROMO command. I found the powershell command Remove-DnsServerZoneDelegation, which I figured would probably be involved, but first I decided to run the related command Get-DnsServerZoneDelegation, and that's when I got this error.

    Get-DnsServerZoneDelegation : There is no glue record associated with the name server toph.<mydomain>.net. in zone <mydomain>.net hosted on server DUKE2.
    At line:1 char:1
    + Get-DnsServerZoneDelegation
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~
        + CategoryInfo          : ObjectNotFound: (DUKE2:root/Microsoft/...rZoneDelegation) [Get-DnsServerZoneDelegation], CimException
        + FullyQualifiedErrorId : WIN32 9714,Get-DnsServerZoneDelegation

    Somehow the original name for the 2008 R2 DC has gotten stuck somewhere it shouldn't be. Can anyone help me get this worked out? Everything in the domain seems to be working, but clearly there's more cleanup to do.

    Saturday, February 15, 2020 3:14 AM


  • the following might help


    • Marked as answer by Alex3117 Saturday, February 15, 2020 4:46 PM
    Saturday, February 15, 2020 4:02 AM

All replies

  • the following might help


    • Marked as answer by Alex3117 Saturday, February 15, 2020 4:46 PM
    Saturday, February 15, 2020 4:02 AM
  • That link was helpful and indeed I did find "toph.<mydomain>.net" under the grayed out _mscds folder. Should I remove it or rename it to the old DC?
    Saturday, February 15, 2020 2:42 PM
  • You need to remove all references to the old DC

    You might want to also step through


    Saturday, February 15, 2020 4:09 PM
  • I think I solved that problem.

    PS C:\Windows\system32> Get-DnsServerZoneDelegation

    cmdlet Get-DnsServerZoneDelegation at command pipeline position 1
    Supply values for the following parameters:

    ZoneName     ChildZoneName        NameServer          IPAddress
    --------     -------------        ----------          ---------
    <mydomain>.net _msdcs.<mydomain>.net. duke2.<mydomain>.net.

    Now I'll need to go through and clean up the other references as you suggested.


    Saturday, February 15, 2020 4:47 PM
  • Hello,

    Thank you for posting in our TechNet forum.

    So glad to hear that we have solved the problem. Please feel free to contact us if you would like other assistance.

    Best regards,
    Hannah Xiong

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact

    Monday, February 17, 2020 2:08 AM