none
The Active Directory integrated DNS zone _msdcs.domainname was not found RRS feed

  • Question

  • Hello guys

    Here is the problem what I have, We used to have  2 dc server one was server 2000 which was my secondary  and other one is 2003 r2 which was my primary  dc,

    Then Recently we have bought another server and I have  2003  migrated  to 2008 r2 (I fallowed the ms migration instructions) Then I removed server 2000 via dcpromo, However When I scan my DNS server via  best Analyzer   I am getting "The Active Directory integrated DNS zone _msdcs.domainname was not found" this error But I have msdcs zone is already on DNS server. Do you guys know how I can fix this problem, I have seen ms instruction it looks very complicated.

    • Edited by ferhat Indi Thursday, November 18, 2010 1:51 PM k
    Thursday, November 18, 2010 1:51 PM

All replies

  • Since you have upgraded from Windows 2000, _msdcs should be under the main (parent) zone.  Are you experiencing any DNS or AD related issues?


    Santhosh Sivarajan | MCTS, MCSE (W2K3/W2K/NT4), MCSA (W2K3/W2K/MSG), CCNA, Network+ Houston, TX

    Blogs - http://blogs.sivarajan.com/
    Articles - http://www.sivarajan.com/publications.html
    Twitter: @santhosh_sivara - http://twitter.com/santhosh_sivara

    This posting is provided AS IS with no warranties, and confers no rights.
    Thursday, November 18, 2010 1:55 PM
  • Hello,

    to get you correct, the Windows server 2008 R2 doesn't show the _msdcs.... zone but the Windows server 2003 does?


    Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.
    Thursday, November 18, 2010 2:07 PM
  • Since you have upgraded from Windows 2000, _msdcs should be under the main (parent) zone.  Are you experiencing any DNS or AD related issues?


    Santhosh Sivarajan | MCTS, MCSE (W2K3/W2K/NT4), MCSA (W2K3/W2K/MSG), CCNA, Network+ Houston, TX

    Blogs - http://blogs.sivarajan.com/
    Articles - http://www.sivarajan.com/publications.html
    Twitter: @santhosh_sivara - http://twitter.com/santhosh_sivara

    This posting is provided AS IS with no warranties, and confers no rights.

    So far I had one AD issue which is I cannot see my remote locations( different ip blog)  on my windows network, Actually I use dameware and I can see my local network pc  but  not remote locations , however I can ping and connect manually.
    Thursday, November 18, 2010 2:14 PM
  • They both show msdcs.. zone, I browsed the both  zones  and compared, everything is same 
    Thursday, November 18, 2010 2:16 PM
  • Hello,

    so you followed this article after the upgrade to Windows server 2003: http://support.microsoft.com/kb/817470

    Do you use the latest updates for BPA:

    http://www.microsoft.com/downloads/en/details.aspx?FamilyID=45a9c434-163f-47ed-a285-60e1c0b988b9&displaylang=en

    http://blogs.technet.com/b/askds/archive/2010/08/02/new-dns-and-ad-ds-bpa-s-released-or-the-most-accurate-list-of-dns-recommendations-you-will-ever-find-from-microsoft.aspx


    Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.
    Thursday, November 18, 2010 2:22 PM
  • Articles did not worked out on my environment, Obviously  my msdcs zone has been corrupted.

    What if I remove the msdcs... and create a new one? But Is there a instruction ffrom ms for 2008r2?

     

    Thursday, November 18, 2010 7:18 PM
  • Hello,

    if you think about to rebuild DNS, please see: http://support.microsoft.com/kb/294328, still applies.

    Don't forget to have a backup in case something fails.


    Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.
    Thursday, November 18, 2010 7:38 PM
  • Did you try restarting the Netlogon service? 


    Santhosh Sivarajan | MCTS, MCSE (W2K3/W2K/NT4), MCSA (W2K3/W2K/MSG), CCNA, Network+ Houston, TX

    Blogs - http://blogs.sivarajan.com/
    Articles - http://www.sivarajan.com/publications.html
    Twitter: @santhosh_sivara - http://twitter.com/santhosh_sivara

    This posting is provided AS IS with no warranties, and confers no rights.
    Friday, November 19, 2010 9:02 PM
  • Yes I did, But still giving me  the same error. I have already removed windows 2000 from the system. So far I did not have any major issue, like I said I  cant see remote pc on my network, however I am able to ping  and connect them not big deal. Never rebulit dns before i am gonna have to test first on lab environment, see what happens.
    Saturday, November 20, 2010 12:20 AM
  • What do you mean by “I  can’t see remote pc on my network” ?  Are these PCs part of your AD domain?


    Santhosh Sivarajan | MCTS, MCSE (W2K3/W2K/NT4), MCSA (W2K3/W2K/MSG), CCNA, Network+ Houston, TX

    Blogs - http://blogs.sivarajan.com/
    Articles - http://www.sivarajan.com/publications.html
    Twitter: @santhosh_sivara - http://twitter.com/santhosh_sivara

    This posting is provided AS IS with no warranties, and confers no rights.
    Sunday, November 21, 2010 5:49 PM
  • When you go to my network and search computers I am able to only find the computers which they are located on local network, however I don`t see the computers which they are on remote location (point to point and mpls) However I can ping them and i can get the rdp, or \\remotelocationpc\c$ no problem on this.

     

    Sunday, November 21, 2010 7:47 PM
  • I have had this exact problem for months and I want everyone to know the real answer. Deleting your primary zone and recreating it will not fix this issue and is quite a long frustrating process in a large forest.

    It seems our issue was really caused by the fact that our DNS zone was originally created in Win2000. These devices were eventually upgraded to Win2003, and most recently, migrated to 2008 R2.

    Win2000 implemented _msdcs as a subfolder of the DNS zone. The recommended config for 2003 and 2008 AD-Integrated DNS zones, is that _msdcs be moved to a separate AD-integrated primary zone as _msdcs.ForestFQDN. However, the zones created in 2000 are not changed to this config when DNS is upgraded or migrated 2003 or 2008.

    To fix this you need to manually create a new "separate"active directory integrated primary zone _msdcs.ForestFQDN  and remove the old subfolder under the existing primary zone. (after successful config and replication). Then run your best practices analyzer in 2008R2 and see the problem is no longer...

    • Proposed as answer by Tim Baldwin Friday, January 20, 2012 5:53 PM
    Friday, January 20, 2012 5:51 PM
  • Thanks so much! I was looking at the exact same issue.
    Friday, February 10, 2012 6:02 PM
  • Thank you Tim. This has been a real hassle for quite some time and has been holding back my domain migration to 2008R2.

    As Tim stated, manually create the _msdcs.ForestFQDN. I right-clicked the Forward Lookup Zones/New Zone.../Next/Select "Primary zone" radio button and the "Store the zone in Active Directory" check box (these are defaults)/Next/for replication scope I selected "To all DNS servers running on domain controllers in this domain" (I have a simple single forest, single domain config)/Next/Zone Name: _msdcs.ForectFQDN

    Wait for replication and population of the zone. The population appears to happen automatically (DC,Domains,GC,PDC folders and NS, SOA, and Alias records), be patient and refresh your view on the other DNS servers where you expect this zone to replicate to.

    I re-ran the Best Practices Analyzer and my server came up clean, no recommendations. Whew, I hope this helps. It has been days of Googling trying to get this sorted out. Again, Thank you Tim.

    kg

     

    • Proposed as answer by BriGy86 Wednesday, July 16, 2014 8:36 PM
    Sunday, February 26, 2012 5:41 PM
  • I have Single Forest, Multiple Domains. Do I replicate "To all DNS servers running on the domain controllers in this forest" rather than just the domain?

    Peterand

    Tuesday, March 6, 2012 9:47 PM
  • This is an old thread. Please a new thread with your question.


    Santhosh Sivarajan | Houston, TX
    http://www.sivarajan.com/

    FaceBook Twitter LinkedIn SS Tech Forum

    This posting is provided AS IS with no warranties,and confers no rights.

    Wednesday, March 7, 2012 3:42 PM
  • Friday, December 7, 2012 3:50 PM
  • Thanks! This issue really had me concerned for a while...

    "Erk, that's greyed out. Still, it'll be on another DC...erk, it's greyed out on that one too. Arg, they're all grey! My domain is in trouble!" (etc.)


    I told you the Amiga was better

    Saturday, June 29, 2013 12:17 AM
  • Thank you so much for this answer. It worked perfectly. We had a failed Exchange 2010 SP3 upgrade that seemed to foul up many components. One of which was AD and DNS. I also read about backing up and removing DNS. I wanted no part of that being that the customer only has one server doing everything as far as AD and Exchange. Yes I know that's a bad idea but the customers dollars do the talking. Way to go!!!
    Wednesday, September 25, 2013 4:03 AM
  • Thanks for the answer.  After finding this I also stumbled on the official Microsoft article, How to reconfigure an _mscds subdomain to a forest-wide DNS application directory partition when you upgrade from Windows 2000 to Windows Server 2003: http://support.microsoft.com/kb/817470/en-us . 
    Tuesday, November 19, 2013 4:18 PM
  • Thank you!  Tim's solution worked for me! Microsoft should explain that on the link they provide on the BPA tool so that we don't have to be googling around for answers.

    Jose Angel Rivera



    • Edited by balboa41 Thursday, February 6, 2014 3:50 AM
    Thursday, February 6, 2014 3:48 AM
  • Did you delete the _msdcs folder first? I'm having the same exact issue as this and when I follow your instructions i get "The server has encountered an error" and won't do any thing after.
    Thursday, September 4, 2014 4:52 PM
  • Nice one Tim, not sure why this isn't showing at the top.
    Thursday, October 15, 2015 1:18 PM
  • This is the exact fix I was looking for.  Thanks @kgills and @TIM Baldwin
    Monday, February 22, 2016 6:30 PM
  • Thank you very much!
    Friday, June 24, 2016 4:34 AM
  • Thank you both Baldwin and kgills for solving my problem. Microsoft explanations look too complicated

    Monday, October 24, 2016 3:58 PM
  • I just noticed that this situation exists in my DNS system, however I haven't noticed any DNS problems.  I am running 2012R2 servers.  is this something that HAS to be fixed or can it be left alone?

    I am actually scheduling to remove the oldest DC from the domain.

    Thursday, November 10, 2016 9:51 PM
  • DigitalMan161 did you get an answer for your situation?  I'm about to shutdown a Server 2003 DC with DNS to a Server 2012 DC with DNS and receive the _msdcs errors in BPA.  Did you apply a fix or leave the error alone?

    Monday, January 30, 2017 3:19 PM