domain.local dns forward lookup zone has a red x

Discussion in 'DNS Server' started by Jamie, Aug 8, 2009.

  1. Jamie

    Jamie Guest

    It shows zone not loaded by dns server.

    The dns server encountered a problem while attempting to load the zone. The
    zone data may not be available in active directory, or the zone data is
    corrupt.

    If I right click on the domain.local zone and go to properties it shows
    under the general tab as status expired. All other options with a right
    click are greyed out.

    If I try to delete the zone it says the zone cannot be deleted the active
    directory service is not available.

    Under the DNS events it is getting errors 4004 and 4015 and warning 4521.

    I'm not sure what to try here. Please help.
     
    Jamie, Aug 8, 2009
    #1


  2. Hi Jamie,

    It initially appears to be a DNS misconfiguration, however to absolutely
    determine that, and not something more serious, we'll need additional
    information and facts regarding the server's configuration to make a
    specific diagnosis. Please post an unedited ipconfig /all of the domain
    controller, please. If there is more than one DC, please post one for the
    others, as well.

    Common causes:
    Using the ISP's DNS address in the DC's NIC.
    Multiple NICs and or IPs.
    RRAS installed on a DC.
    IP Routing enabled on a DC.
    Domain is a Single Label Name.
    The DC has a Disjointed Namespace.

    Your ipconfigs will help us determine where the problem lies.

    Thank you,

    --
    Ace

    This posting is provided "AS-IS" with no warranties or guarantees and
    confers no rights.

    Please reply back to the newsgroup or forum to benefit from collaboration
    among responding engineers, and to help others benefit from your resolution.

    Ace Fekay, MCT, MCTS Exchange, MCSE, MCSA 2003 & 2000, MCSA Messaging
    Microsoft Certified Trainer

    For urgent issues, please contact Microsoft PSS directly. Please check
    http://support.microsoft.com for regional support phone numbers.
     
    Ace Fekay [MCT], Aug 8, 2009
    #2

  3. Jamie

    Jamie Guest

    This is a very small network with just the one server. It is only using one
    NIC card as well. Here is the ipconfig /all.

    Microsoft Windows [Version 6.0.6001]
    Copyright (c) 2006 Microsoft Corporation. All rights reserved.

    C:\Users\Administrator>ipconfig /all

    Windows IP Configuration

    Host Name . . . . . . . . . . . . : sv-wmd
    Primary Dns Suffix . . . . . . . : wmd.local
    Node Type . . . . . . . . . . . . : Broadcast
    IP Routing Enabled. . . . . . . . : No
    WINS Proxy Enabled. . . . . . . . : No
    DNS Suffix Search List. . . . . . : wmd.local

    Ethernet adapter Local Area Connection:

    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Broadcom BCM5708C NetXtreme II GigE (NDIS VBD Client)
    Physical Address. . . . . . . . . : 00-1E-C9-CC-42-98
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes
    IPv4 Address. . . . . . . . . . . : 192.168.0.3(Preferred)
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Default Gateway . . . . . . . . . : 192.168.0.1
    DNS Servers . . . . . . . . . . . : 192.168.0.3
    NetBIOS over Tcpip. . . . . . . . : Enabled

    Tunnel adapter Local Area Connection* 8:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : isatap.{AF7D905F-40E0-4C91-BF36-CAAE4F3F7C55}
    Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes

    C:\Users\Administrator>
     
    Jamie, Aug 10, 2009
    #3

  4. Jamie,

    Thanks for posting the ipconfig. It actually looks fine. It appears to be
    Windows 2008. What errors are in the Event viewer? Post the eventID# and
    Source name, please, if any exist.

    Also, what replication scope is the zone set to (DNS, zone properties,
    replication).

    Thanks,

    Ace
     
    Ace Fekay [MCT], Aug 10, 2009
    #4
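
The ipconfig review requested in post #2 and carried out in post #4, as an added example that is not part of the original thread: it parses a pasted `ipconfig /all` and flags the common causes from post #2 that the output can reveal (RRAS cannot be seen there). The function names, the `ad_domain` and `known_dcs` parameters, and the rule that a DC's DNS servers should be itself or another DC are assumptions of this example.

```python
import re

# Constructed sample, trimmed to the fields used, shaped like the post #3 output.
SAMPLE = """\
   Primary Dns Suffix  . . . . . . . : wmd.local
   IP Routing Enabled. . . . . . . . : No
Ethernet adapter Local Area Connection:
   IPv4 Address. . . . . . . . . . . : 192.168.0.3(Preferred)
   DNS Servers . . . . . . . . . . . : 192.168.0.3
Tunnel adapter Local Area Connection* 8:
   Media State . . . . . . . . . . . : Media disconnected
"""

FIELD = re.compile(r"(.+?)[ .]* :(?: (.*))?$")  # "Label . . . : value"

def parse(text):
    """Map section name ('' = global) -> field label -> list of values."""
    sections, cur, last = {}, "", None
    for line in map(str.strip, text.splitlines()):
        m = FIELD.match(line)
        if m:
            last = m.group(1)
            sections.setdefault(cur, {})[last] = [m.group(2)] if m.group(2) else []
        elif line.endswith(":") and " adapter " in line:
            cur, last = line[:-1], None      # new adapter section starts
        elif line and last:                  # wrapped value, e.g. a second DNS server
            sections[cur][last].append(line)
    return sections

def review(text, ad_domain=None, known_dcs=()):
    """Flag the ipconfig-visible causes from post #2; empty list = looks fine."""
    s = parse(text)
    g, findings, own, dns = s.get("", {}), [], [], []
    for f in s.values():
        if "disconnected" not in " ".join(f.get("Media State", [])):
            own += [v.split("(")[0] for v in f.get("IPv4 Address", [])]
            dns += f.get("DNS Servers", [])
    if g.get("IP Routing Enabled") == ["Yes"]:
        findings.append("IP routing enabled")
    suffix = (g.get("Primary Dns Suffix") or [""])[0].lower()
    if "." not in suffix:
        findings.append("single-label or missing primary DNS suffix")
    if ad_domain and suffix != ad_domain.lower():
        findings.append("disjointed namespace: suffix differs from AD domain")
    if len(own) > 1:
        findings.append("multiple NICs and/or IPs: " + ", ".join(own))
    findings += ["DNS server %s is not this DC or a known DC" % ip for ip in dns
                 if ip not in own and ip not in known_dcs and ip != "127.0.0.1"]
    return findings
```
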
  5. Jamie

    Jamie Guest

    4521, 4004, 4015 all from the dns-server-service.

     
    Jamie, Aug 10, 2009
    #5
  6. I apologize, you had already posted them.

    Curious, what services have you disabled on the machine? Is the DHCP Client
    service disabled? Any others you may or may have not disabled? How about the
    AD services?

    Also, see what automatic services are not running. You can click on the top
    of the startup type column to organize the startup by automatic, manual,
    etc.

    Ace
     
    Ace Fekay [MCT], Aug 11, 2009
    #6
  7. Jamie

    Jamie Guest

    I have not disabled any. TPM Base Services is the only service with an
    automatic that is not started. The DHCP service is running. The Active
    directory domain services is running.
     
    Jamie, Aug 11, 2009
    #7
  8. Ok. Good. I assume you mean the DHCP CLIENT service, not the DHCP Server
    service. The Client service is what does registration into DNS.

    Are you able to change the zone type to a Primary zone (remove it from AD)?

    Also, did you demote the 2000 server? Or was it unplugged?

    Are you seeing any replication errors in the other logs in Event viewer?

    Ace
     
    Ace Fekay [MCT], Aug 11, 2009
    #8
  9. Jamie

    Jamie Guest

    Yes the DHCP Client service.

    I try to remove the zone from AD and it says "The data on the primary zone
    failed to set. The operation cannot be performed because this zone is
    shutdown."

    The 2000 machine was crashed and is gone.

    There are also a bunch of 5774 and 5781 source NETLOGON events that are
    occurring.
     
    Jamie, Aug 11, 2009
    #9

  10. Ok, it appears the crashed, or missing, DC is what it's looking for.
    Apparently it held a FSMO role, and because it crashed, the FSMOs were never
    seized over to the existing server. That, along with the old server's
    reference still being in the AD database, is what's causing all the problems.

    You'll need to first seize the FSMO roles over to the existing DC. Then
    perform a Metadata Cleanup to remove the machine's reference from AD, or
    this will continue. Follow the procedure in the following articles, please.

    Using Ntdsutil.exe to transfer or seize FSMO roles to a domain controller
    (in this case Jamie, you want to seize the roles)
    http://support.microsoft.com/kb/255504

    Cleanup (Metadata Cleanup) the AD database from the crashed DC - How to
    remove data in Active Directory after an unsuccessful domain controller
    demotion
    http://support.microsoft.com/kb/216498

    After that, go into Active Directory Sites and Services, and delete the
    servername.

    Make sure this DC is a GC. That is also in Sites and Services, Sitename,
    click on Server, to the right you will see NTDS, right click, choose
    properties, check the box for it to be a GC.

    After all is done, run the following to check for errors:
    dcdiag /v /fix
    netdiag /v /fix

    Ace
     
    Ace Fekay [MCT], Aug 12, 2009
    #10
  11. Jamie

    Jamie Guest

    Well let me throw another loop at you. When I put the server in place I
    created a new domain. There are only 5 computers so I just joined them all
    to the new domain. There is no trace of the old server on the domain because
    it was never there.
     
    Jamie, Aug 14, 2009
    #11

  12. Yep, that's a loop. But you're saying there was a 2000 DC, and it is no
    longer there. How was it removed? Was it demoted with dcpromo, or
    crashed/unplugged?

    Ace
     
    Ace Fekay [MCT], Aug 14, 2009
    #12
