DNS delegation failure on W2K8 when promoting to DC

I have a test machine, Server01, I am trying out server 2008 on, it has one
NIC and is not connected to any existing domain. I have installed DNS and
created primary Forward and Reverse lookup zone for test.local domain and
192.168.0 zones.

When I run dcpromo, I selected 'Yes automatically create DNS delegation
during installation' I am asked for user name and password to create the
delegation on the DNS server. I used server01\administrator and the admin
password.

I then get a message saying: ' DNS zone could not be created because it
already exists, you should check zone configuration and migrate to Active
Directory' I click Ok, then get message saying 'DNS server failure - create
DNS delegation' which then asks me again for credentials to create the
delegation.

I do not know which credentials to enter; I installed the DNS service as the
local administrator on Server01, what other credentials could be required?
No other DNS service is available.

If I click cancel AD installs, but I get Event ID 4013 DNS server AD
integration error in DNS event viewer.

I have tried changing Zone type from Primary to AD integrated in DNS
console. Does not fix problem.

What am I doing wrong?

What is the best way to install AD onto server where DNS already exists?

Thanks, Anastas

Hello Mikoyan,

I never installed a DC with DNS this way. The easiest option is to install
DNS during the promotion.

Did you check on the NIC that this is enabled:
- Select "Append primary and connection specific DNS suffixes"
- Check "Append parent suffixes of the primary DNS suffix"
- Check "Register this connection's addresses in DNS"

Did you select the "Allow Dynamic Update" on the forward lookup zone?

Did you make sure that the DNS domain name and AD domain name are equal?

See this one also:
http://technet.microsoft.com/en-us/l...42(WS.10).aspx

Is the "Intersite messaging" service started and also the DNS server and
DNS client service started?

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm


> I have a test machine, Server01, I am trying out server 2008 on, it
> has one NIC and is not connected to any existing domain. I have
> installed DNS and created primary Forward and Reverse lookup zone for
> test.local domain and 192.168.0 zones.
>
> When I run dcpromo, I selected 'Yes automatically create DNS
> delegation during installation' I am asked for user name and password
> to create the delegation on the DNS server. I used
> server01\administrator and the admin password.
>
> I then get a message saying: ' DNS zone could not be created because
> it already exists, you should check zone configuration and migrate to
> Active Directory' I click Ok, then get message saying 'DNS server
> failure - create DNS delegation' which then asks me again for
> credentials to create the delegation.
>
> I do not know which credentials to enter; I installed the DNS service
> as the local administrator on Server01, what other credentials could
> be required? No other DNS service is available.
>
> If I click cancel AD installs, but I get Event ID 4013 DNS server AD
> integration error in DNS event viewer.
>
> I have tried changing Zone type from Primary to AD integrated in DNS
> console. Does not fix problem.
>
> What am I doing wrong?
>
> What is the best way to install AD onto server where DNS already
> exists?
>
> Thanks, Anastas
>

Hi Meinolf

Thanks for the reply

> Did you check on the NIC that this is enabled:
> - Select "Append primary and connection specific DNS suffixes"
> - Check "Append parent suffixes of the primary DNS suffix"
> - Check "Register this connection's addresses in DNS"


Yes these are all correct.
> Did you select the "Allow Dynamic Update" on the forward lookup zone?
>
> Did you make sure that the DNS domain name and AD domain name are equal?


Yes also correct

> See this one also:
> http://technet.microsoft.com/en-us/l...42(WS.10).aspx
>
> Is the "Intersite messaging" service started and also the DNS server and
> DNS client service started?

Yes these are started

I will try again and install DNS and DC at the same time.

Best regards Anastas


"Meinolf Weber [MVP-DS]" <meiweb@(nospam)gmx.de> wrote in message
news:. com...
> Hello Mikoyan,
>
> I never installed a DC with DNS this way. The easiest option is to install
> DNS during the promotion.
>
> Did you check on the NIC that this is enabled:
> - Select "Append primary and connection specific DNS suffixes"
> - Check "Append parent suffixes of the primary DNS suffix"
> - Check "Register this connection's addresses in DNS"
>
> Did you select the "Allow Dynamic Update" on the forward lookup zone?
>
> Did you make sure that the DNS domain name and AD domain name are equal?
>
> See this one also:
> http://technet.microsoft.com/en-us/l...42(WS.10).aspx
>
> Is the "Intersite messaging" service started and also the DNS server and
> DNS client service started?
>
> Best regards
>
> Meinolf Weber
> Disclaimer: This posting is provided "AS IS" with no warranties, and
> confers no rights.
> ** Please do NOT email, only reply to Newsgroups
> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
>
>> I have a test machine, Server01, I am trying out server 2008 on, it
>> has one NIC and is not connected to any existing domain. I have
>> installed DNS and created primary Forward and Reverse lookup zone for
>> test.local domain and 192.168.0 zones.
>>
>> When I run dcpromo, I selected 'Yes automatically create DNS
>> delegation during installation' I am asked for user name and password
>> to create the delegation on the DNS server. I used
>> server01\administrator and the admin password.
>>
>> I then get a message saying: ' DNS zone could not be created because
>> it already exists, you should check zone configuration and migrate to
>> Active Directory' I click Ok, then get message saying 'DNS server
>> failure - create DNS delegation' which then asks me again for
>> credentials to create the delegation.
>>
>> I do not know which credentials to enter; I installed the DNS service
>> as the local administrator on Server01, what other credentials could
>> be required? No other DNS service is available.
>>
>> If I click cancel AD installs, but I get Event ID 4013 DNS server AD
>> integration error in DNS event viewer.
>>
>> I have tried changing Zone type from Primary to AD integrated in DNS
>> console. Does not fix problem.
>>
>> What am I doing wrong?
>>
>> What is the best way to install AD onto server where DNS already
>> exists?
>>
>> Thanks, Anastas
>>
>
>

"Mikoyan" <> wrote in message
news:...
> Hi Meinolf
>
> Thanks for the reply
>
>> Did you check on the NIC that this is enabled:
>> - Select "Append primary and connection specific DNS suffixes"
>> - Check "Append parent suffixes of the primary DNS suffix"
>> - Check "Register this connection's addresses in DNS"
>
>
> Yes these are all correct.
>> Did you select the "Allow Dynamic Update" on the forward lookup zone?
>>
>> Did you make sure that the DNS domain name and AD domain name are equal?
>
>
> Yes also correct
>
>> See this one also:
>> http://technet.microsoft.com/en-us/l...42(WS.10).aspx
>>
>> Is the "Intersite messaging" service started and also the DNS server and
>> DNS client service started?
>
> Yes these are started
>
> I will try again and install DNS and DC at the same time.
>

I'm not sure but it may be something to do with the first DC in the forest.
I know you can dcpromo a member server running DNS to an existing domain.
For the first DC in the forest it's probably best to let DNS install during
the promotion.

--
Kerry Brown
MS-MVP - Windows Desktop Experience: Systems Administration
http://www.vistahelp.ca/phpBB2/

Hi Kerry

I did install both at same time successfully.

thanks for your time

Regards Anastas

"Kerry Brown" <*a*m> wrote in message
news:...
>
> "Mikoyan" <> wrote in message
> news:...
>> Hi Meinolf
>>
>> Thanks for the reply
>>
>>> Did you check on the NIC that this is enabled:
>>> - Select "Append primary and connection specific DNS suffixes"
>>> - Check "Append parent suffixes of the primary DNS suffix"
>>> - Check "Register this connection's addresses in DNS"
>>
>>
>> Yes these are all correct.
>>> Did you select the "Allow Dynamic Update" on the forward lookup zone?
>>>
>>> Did you make sure that the DNS domain name and AD domain name are equal?
>>
>>
>> Yes also correct
>>
>>> See this one also:
>>> http://technet.microsoft.com/en-us/l...42(WS.10).aspx
>>>
>>> Is the "Intersite messaging" service started and also the DNS server and
>>> DNS client service started?
>>
>> Yes these are started
>>
>> I will try again and install DNS and DC at the same time.
>>
>
> I'm not sure but it may be something to do with the first DC in the
> forest. I know you can dcpromo a member server running DNS to an existing
> domain. For the first DC in the forest it's probably best to let DNS
> install during the promotion.
>
> --
> Kerry Brown
> MS-MVP - Windows Desktop Experience: Systems Administration
> http://www.vistahelp.ca/phpBB2/
>
>
>
>

Hello Mikoyan,

Thanks for the feedback, nice to hear that you got it.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm


> Hi Kerry
>
> I did install both at same time successfully.
>
> thanks for your time
>
> Regards Anastas
>
> "Kerry Brown" <*a*m> wrote in message
> news:...
>
>> "Mikoyan" <> wrote in message
>> news:...
>>
>>> Hi Meinolf
>>>
>>> Thanks for the reply
>>>
>>>> Did you check on the NIC that this is enabled:
>>>> - Select "Append primary and connection specific DNS suffixes"
>>>> - Check "Append parent suffixes of the primary DNS suffix"
>>>> - Check "Register this connection's addresses in DNS"
>>> Yes these are all correct.
>>>
>>>> Did you select the "Allow Dynamic Update" on the forward lookup
>>>> zone?
>>>>
>>>> Did you make sure that the DNS domain name and AD domain name are
>>>> equal?
>>>>
>>> Yes also correct
>>>
>>>> See this one also:
>>>> http://technet.microsoft.com/en-us/l...42(WS.10).aspx
>>>> Is the "Intersite messaging" service started and also the DNS
>>>> server and DNS client service started?
>>>>
>>> Yes these are started
>>>
>>> I will try again and install DNS and DC at the same time.
>>>
>> I'm not sure but it may be something to do with the first DC in the
>> forest. I know you can dcpromo a member server running DNS to an
>> existing domain. For the first DC in the forest it's probably best to
>> let DNS install during the promotion.
>>
>> --
>> Kerry Brown
>> MS-MVP - Windows Desktop Experience: Systems Administration
>> http://www.vistahelp.ca/phpBB2