change from bind secondary to ad intergrated

[JasonMeyer]

I have several zones that I have slaved to my windows DNS servers. I
would now like to make them responsible for the zones. If I convert them
to just Primary zones, no problems. But if i try to use AD intergrated I
get, sorry can't remember the exact message, "the primary zone failed
to set. the zone type is invalid". The servers running bind are going
away and I wanted to sort of simplify DNS a bit. I can make the zones
Primary standards, just would rather use AD to transfer the zones around.

Also will I need to edit the SOA and NS records? Thanks for the help.

Jason

 

[Ace Fekay [MVP]]

In

I have several zones that I have slaved to my windows DNS servers. I
would now like to make them responsible for the zones. If I convert
them to just Primary zones, no problems. But if i try to use AD
intergrated I get, sorry can't remember the exact message, "the
primary zone failed to set. the zone type is invalid". The servers running
bind are going
away and I wanted to sort of simplify DNS a bit. I can make the zones
Primary standards, just would rather use AD to transfer the zones
around.
Also will I need to edit the SOA and NS records? Thanks for the help.

Jason

This opens up a multitude of questions about your config. Is this the first
time attempting to change it to AD Integrated or was it attempted in teh
past and there's a lingering zone in the AD database? If so, and it's 2003,
it can be in three different locations, which you will need to find using
ADSI Edit. If 2000, it's in one possible place. \

Also, are you attempting to use the 2003 DNS console to configure a 2000 DNS
server or the other way around?

It could be something as simple as incompatible records in the zone itself
causing this as well, such as misconfigured CNAMES, or there's a blank FQDN
as a CNAME, which the DCs require for their own IP, which is called the
LdalIpAddress. Wildcards may do it too.

--
Ace

This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.

If this post is viewed at a non-Microsoft community website, and you were to
respond to it through that community's website, I may not see your reply
unless that website posts replies back to the original Microsoft forum.
Therefore, please direct all replies ONLY to the Microsoft public newsgroup
this thread originated in so all can benefit or ensure the web community
posts it back to the original forum.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft MVP - Windows Server Directory Services
Microsoft Certified Trainer
Infinite Diversities in Infinite Combinations.
=================================

 

[Kevin D. Goodknecht Sr. [MVP]]

I have several zones that I have slaved to my windows DNS servers. I
would now like to make them responsible for the zones. If I convert
them to just Primary zones, no problems. But if i try to use AD
intergrated I get, sorry can't remember the exact message, "the
primary zone failed
to set. the zone type is invalid". The servers running bind are going
away and I wanted to sort of simplify DNS a bit. I can make the zones
Primary standards, just would rather use AD to transfer the zones
around.

You cannot change a zone straight from Secondary to AD integrated, change to
Standard Primary, click Apply, then change to AD integrated and click Apply.

Also will I need to edit the SOA and NS records? Thanks for the help.

No, AD integrated zones will automatically take the Full Computer name of
the machine it is on as the SOA primary. Each DNS server it is running on as
AD integrated will also auto-create its own NS record. But it will not
remove any existing NS records.
I have tested all of these this week on a Win2k DC, I suspect Win2k3 has the
same behavior.

 

[JasonMeyer]

You cannot change a zone straight from Secondary to AD integrated, change to
Standard Primary, click Apply, then change to AD integrated and click Apply.





No, AD integrated zones will automatically take the Full Computer name of
the machine it is on as the SOA primary. Each DNS server it is running on as
AD integrated will also auto-create its own NS record. But it will not
remove any existing NS records.
I have tested all of these this week on a Win2k DC, I suspect Win2k3 has the
same behavior.

Thanks for the info guys. I have set the new zones to standard primary.
Probably going to let those sit like that for a bit, then try to make
them AD intergrated.I manually removed the old NS records and added my 3
main DCs as NS records and all is well. I may just leave them all
standard since everything is working well that way. I just need to
remember to document it.

But for the record I got the error first when using 2003 tools to manage
2000 DNS, but then I tried with 2000 tools and got the same thing.

 

[Kevin D. Goodknecht Sr. [MVP]]

Thanks for the info guys. I have set the new zones to standard
primary. Probably going to let those sit like that for a bit, then
try to make them AD intergrated.I manually removed the old NS records
and added my 3 main DCs as NS records and all is well. I may just
leave them all standard since everything is working well that way. I
just need to remember to document it.

But for the record I got the error first when using 2003 tools to
manage 2000 DNS, but then I tried with 2000 tools and got the same
thing.

Are you attempting to change the zone to AD integrated before deleting the
zone on the other DCs?
In order to change the zone to AD integrated, you must leave the Primary
zone on one DC ONLY, delete the zone from the other DCs. Then, change the
zone to AD integrated on one DC ONLY. Do not create the zone on your other
DCs, be patient, if replication is working the zone should replicate,
usually within 15 minutes.

 

[Jorge_de_Almeida_Pinto]

I have several zones that I have slaved to my windows DNS
servers. I
would now like to make them responsible for the zones. If I
convert them
to just Primary zones, no problems. But if i try to use AD
intergrated I
get, sorry can't remember the exact message, "the primary
zone failed
to set. the zone type is invalid". The servers running bind
are going
away and I wanted to sort of simplify DNS a bit. I can make
the zones
Primary standards, just would rather use AD to transfer the
zones around.

Also will I need to edit the SOA and NS records? Thanks for
the help.

Jason

Try to make them standard primary first and then convert to AD
integrated

 

[JasonMeyer]

Are you attempting to change the zone to AD integrated before deleting the
zone on the other DCs?
In order to change the zone to AD integrated, you must leave the Primary
zone on one DC ONLY, delete the zone from the other DCs. Then, change the
zone to AD integrated on one DC ONLY. Do not create the zone on your other
DCs, be patient, if replication is working the zone should replicate,
usually within 15 minutes.

I'll remember that when I make them AD intergrated. Again, thanks for
the info.

Jason

 

[Ace Fekay [MVP]]

In

Try to make them standard primary first and then convert to AD
integrated

Jorge, that's exactly what Kevin said the post he made yesterday in this
thread.

Ace