DAMN! Human error - DNS screwed - HELP!

[RJ]

We have screwed our DNS up - DOH - don't ask..

Basically, we are Windows 2003 server with 2003 AD.
Server A (primary), B running DNS
Server C wasn't running DNS but we wanted to install it on there
(doing so cocked up)

A,B & C are all DC's. A has all the roles.

-----------

Basically, AD got "lost" when we added/removed server C DNS - and
zones got corrupt/lost.

Logged a call with PSS, and stopped DNS/NETLOGON and cleared out
netlogon.dns files and sysroot\sys32\dns etc. Removed DNS from B & C.

Server A - keeps finding old zone files - even though they were
deleted 3+ times. Even Mr MS has no idea why. Seems to be found
after DNS service restart...

Anyway, after last clean up - configured <ourdomain.com> and added all
hosts and things look okay ish (names resolve).

However, the _msdcs within <ourdomain.com> looked like a normal folder
and not "special". And the _msdcs.ourdomain.com in the forward lookup
zone has not been created. (netlogon.dns looks okay though).

PSS say "wait 3 hours" - but thats a hell of a wait and we qare not
conviced.

We are sort-of-following Q294328 but not exactly. (AD under U&C /
ADSIEDIT was empty under the MicrosoftDNS tree).

Perhaps it was the DC replication keeping bringing back the old zones?

But any ideas or related technotes appreciated....

(Our first downtime for > 5 years ((((()

Damn goes xmas bonus. (or is it time to renegotaite salary once
fixed!?)

Comments/thoughts welcome!

 

[Kevin D. Goodknecht Sr. [MVP]]

In

We have screwed our DNS up - DOH - don't ask..

Basically, we are Windows 2003 server with 2003 AD.
Server A (primary), B running DNS
Server C wasn't running DNS but we wanted to install it
on there (doing so cocked up)

A,B & C are all DC's. A has all the roles.

-----------

Basically, AD got "lost" when we added/removed server C
DNS - and zones got corrupt/lost.

Logged a call with PSS, and stopped DNS/NETLOGON and
cleared out netlogon.dns files and sysroot\sys32\dns etc.
Removed DNS from B & C.

Server A - keeps finding old zone files - even though
they were deleted 3+ times. Even Mr MS has no idea why.
Seems to be found after DNS service restart...

Anyway, after last clean up - configured <ourdomain.com>
and added all hosts and things look okay ish (names
resolve).

However, the _msdcs within <ourdomain.com> looked like a
normal folder and not "special". And the
_msdcs.ourdomain.com in the forward lookup zone has not
been created. (netlogon.dns looks okay though).

PSS say "wait 3 hours" - but thats a hell of a wait and
we qare not conviced.

We are sort-of-following Q294328 but not exactly. (AD
under U&C / ADSIEDIT was empty under the MicrosoftDNS
tree).

Perhaps it was the DC replication keeping bringing back
the old zones?

But any ideas or related technotes appreciated....

(Our first downtime for > 5 years ((((()

Damn goes xmas bonus. (or is it time to renegotaite
salary once fixed!?)

Comments/thoughts welcome!

Oh now, it's not all that bad. If you were using or had at one time used
Standard Primary DNS zone, there will be a backup of the zone text file in
the systemroot\system32\dns\backup folder.

Follow this KB to do a reinstall of the AD zone, it's for Win2k so some of
the steps are slightly different, like the way you change from AD integrated
to standard primary. The most important is to do it in the right order, the
first step is to point all DCs to one DNS server for DNS before you start
then do the reinstall on it.

294328 - How to Reinstall a Dynamic DNS Active Directory- Integrated Zone
http://support.microsoft.com/default.aspx?scid=kb;en-us;Q294328