none
Problem with stub zone RRS feed

  • Question

  • Suddenly, there was a problem with the stub zone.

    There are two forests mos.smt.com and SFH. Local. They were linked by a trusting relationship. DNS servers are running the appropriate stub zones. Zones are integrated into AD.

    Yesterday I found that the stub-zone sfh. Local has stopped working in the mos.smt.com domain. In the results field, you receive:

    The zone is not loaded by the DNS server.

    An error is also logged in the event log:

    Source: DNS-Server-Service

    ID: 6534

    Failed transfer of zone sfh.local from DNS server at %2. The DNS server at 172.16.201.50 aborted or failed to complete transfer of the zone. Check the DNS server at 172.16.201.50 and ensure it is properly functioning and authoritative for zone sfh.local.

    Tried to ping. Also tried to change zone transfer settings in SFH. Local: Allow safe and unsafe transmissions. Also set the permission to transfer the zone to all servers.

    Sometimes, if you try to manually request a zone transfer, an error occurs:

    The zone transfer was unsuccessful.

    The zone is locked for transfer or update.

    Does anyone tell you what you can do?

    Wednesday, May 8, 2019 8:03 AM

Answers

All replies

  • Hi,

    Please check the configuration of zone transfer:

    https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/dd349618(v%3dws.10)  

    You can also try to recreate the stub zone.

    Have you updated the server recently? there is a known issue about windows 2019.

    Zone transfers between primary and secondary DNS servers over the Transmission Control Protocol (TCP) may fail after installing this update.

    https://support.microsoft.com/en-sg/help/4495667  

    Best regards,

    Travis


    Please remember to mark the replies as an answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Wednesday, May 8, 2019 10:01 AM
    Moderator
  • Hi,

    I have the same issue with a fully patched Windows 2016 Server. I read it as a known issues in the release notes from the last CU.

    Is there a workaround for this issues? We have now many DNS problems with our trusted domain! 

    Best regards

    Tobias

    Wednesday, May 8, 2019 11:04 AM
  • Thanks for answer.

    In my case KB4493473 was the cause of the problemю

    Thanks for your help.

    • Marked as answer by msandrosov Wednesday, May 8, 2019 12:00 PM
    Wednesday, May 8, 2019 12:00 PM
  • Hi,

    Microsoft is working on a resolution and will provide an update in an upcoming release.

    Meanwhile, I would suggest you report feedback to Microsoft.

    I will watching closely to this issue, If there is any related update, I will let you know. 

    Best regards,

    Travis


    Please remember to mark the replies as an answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Thursday, May 9, 2019 6:16 AM
    Moderator
  • Hi,

    Good to hear that you have solved this issue by yourself. In addition, thanks for sharing your solution in the forum as it would be helpful to anyone who encounters similar issues.

    If there is anything else we can do for you, please feel free to post in the forum.

    Best regards,

    Travis


    Please remember to mark the replies as an answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Thursday, May 9, 2019 6:16 AM
    Moderator
  • Hi all,

    I found the same problem on 2019 server, with KB4495667

    https://support.microsoft.com/en-sg/help/4495667/windows-10-update-kb4495667

    Same error reported by msandrosov.

    Fortunately it happened to a newly installed 3rd DC, still not in production.
    It fails to copy a secondary zone from the DNS servers of another domain, while my other DC 2008 and 2012 work perfectly.

    At this point I don't know whether to try to uninstall the update in question or wait for news from Microsoft.

    Best regargs,

    Edoardo

    Thursday, May 9, 2019 7:19 AM
  • Hi Help Desk CED,

    Microsoft is working on a resolution and will provide an update in an upcoming release.

    Best regards,

    Travis


    Please remember to mark the replies as an answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Friday, May 10, 2019 5:14 AM
    Moderator
  • Glad I found this today.  I had two newly installed 2016 DCs with this same issue.  Uninstalling KB4493473 got things going again for me as well.
    Saturday, May 11, 2019 4:47 AM
  • For anyone still having this issue, I'm sure the KB4493473 was the root cause.  However with the installation of the May 2019 update, this issue, thankfully, appears to have been corrected.  
    Monday, May 20, 2019 8:58 PM