DNS issues after an SBS 2003 to Windows Server 2008 R2 migration
After a successful server migration from SBS 2003 to multiple Windows Server 2008 R2 servers, there were some DNS issues. After a restart of the domain controller, DNS did not appear to work as it should, and the servers also reported that they had no internet connection. Restarting the DNS service fixed all problems for the time being, but after every new restart the same problem came back.
Looking at the system event log, there are a lot of warning and error events from the Source: NETLOGON
Event ID: 5774
The dynamic registration of the DNS record ‘domain.local. 600 IN A 192.168.117.21’ failed on the following DNS server:
DNS server IP address: ::
Returned Response Code (RCODE): 0
Returned Status Code: 0
For computers and users to locate this domain controller, this record must be registered in DNS.
USER ACTION
Determine what might have caused this failure, resolve the problem, and initiate registration of the DNS records by the domain controller. To determine what might have caused this failure, run DCDiag.exe. To learn more about DCDiag.exe, see Help and Support Center. To initiate registration of the DNS records by this domain controller, run ‘nltest.exe /dsregdns’ from the command prompt on the domain controller or restart Net Logon service.
Or, you can manually add this record to DNS, but it is not recommended.
ADDITIONAL DATA
Error Value: DNS name does not exist.
And:
Event ID: 5781
Dynamic registration or deletion of one or more DNS records associated with DNS domain ‘domain.local.’ failed. These records are used by other computers to locate this server as a domain controller (if the specified domain is an Active Directory domain) or as an LDAP server (if the specified domain is an application partition).
Possible causes of failure include:
– TCP/IP properties of the network connections of this computer contain wrong IP address(es) of the preferred and alternate DNS servers
– Specified preferred and alternate DNS servers are not running
– DNS server(s) primary for the records to be registered is not running
– Preferred or alternate DNS servers are configured with wrong root hints
– Parent DNS zone contains incorrect delegation to the child zone authoritative for the DNS records that failed registration
USER ACTION
Fix possible misconfiguration(s) specified above and initiate registration or deletion of the DNS records by running ‘nltest.exe /dsregdns’ from the command prompt on the domain controller or by restarting Net Logon service on the domain controller.
‘DomainDnsZones.domain.local.’
‘ForestDnsZones.domain.local.’
Running DCDIAG /C earlier did not give any errors, but when we now run DCDIAG /test:dns we see the following result:
Running enterprise tests on : domain.local
Starting test: DNS
Test results for domain controllers:
DC: NewServer. domain.local
Domain: domain.local
TEST: Delegations (Del)
Error: DNS server: OLDSERVERNAME. domain.local.
IP:
As you can see, the Delegations test is trying to resolve the old server name.
Solution:
In the end, the problem turned up in DNS Manager: in the _msdcs subzone of domain.local, the NS record still had the old server name entered.
Just edit the record and change the data to the new server information. This resolved the first error, but the second remained.
This error occurs because one or more DNS zones are not correctly saved within Active Directory. You can easily see this by using the Registry Editor (regedit.exe) and browsing to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\DNS Server\Zones. All your DNS zones should be located here.
When you select a zone it would look like this:
As you can see, there isn’t a REG_SZ value DirectoryPartition DomainDnsZones.domain.local or ForestDnsZones.domain.local; these are the problem zones. I had to delete these zones (both had been created manually in the past on the old DC) and recreate them. After recreation the REG_SZ value DirectoryPartition was set and the event warnings didn’t come back; no problems have occurred after restarts since.
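The same registry check can be scripted instead of clicking through regedit. The following is an added example, not part of the original article: it lists every zone under the Zones key with the data of its DirectoryPartition value and flags zones where the value is missing. It is written for PowerShell 2.0 (the version shipped with Windows Server 2008 R2) and must be run elevated on the DNS server; the function name Get-DnsZoneDirectoryPartition is made up for this example.

```powershell
# Added example (not from the original article). PowerShell 2.0 compatible.
# Registry path as given in the article.
$zonesKey = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\DNS Server\Zones'

# Hypothetical helper: one output object per zone subkey.
function Get-DnsZoneDirectoryPartition {
    param([string]$Path = $zonesKey)

    if (-not (Test-Path $Path)) {
        throw "Registry key not found: $Path (is the DNS Server role installed?)"
    }

    Get-ChildItem -Path $Path | ForEach-Object {
        # GetValue returns $null when the zone has no DirectoryPartition value.
        $partition = $_.GetValue('DirectoryPartition')
        New-Object PSObject -Property @{
            Zone               = $_.PSChildName
            DirectoryPartition = $partition
            MissingPartition   = [string]::IsNullOrEmpty($partition)
        }
    }
}

$zones = @(Get-DnsZoneDirectoryPartition)
$zones | Sort-Object Zone |
    Format-Table Zone, DirectoryPartition, MissingPartition -AutoSize

$suspect = @($zones | Where-Object { $_.MissingPartition })
if ($suspect.Count -gt 0) {
    $names = ($suspect | ForEach-Object { $_.Zone }) -join ', '
    Write-Warning "Zones without a DirectoryPartition value: $names"
} else {
    # Nothing flagged (for example after recreating the zones): re-register the
    # DC's records and re-run the DNS test, as the NETLOGON event text advises.
    nltest.exe /dsregdns
    dcdiag.exe /test:dns
}
```

Zones that are not Active Directory-integrated have no directory partition, so treat the warning as a list to review rather than a list to delete.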
Tags: dns, migration, sbs 2003, windows 2008R2
I have a problem similar if not identical to this, however, I was wondering if you could expand a bit on the replacement of the registry values. What exactly you replaced, where, and the values implemented. My migration was from sbs2003 to sbs 2011. I have fixed the first issue: “Just change the record and change the data to the new server information. This resolved the first error”. But would like to resolve the other as well, thank you.
Hi, I am not completely sure what you would like to know, because I wrote that you need to delete the complete zones from the registry that aren’t right; the location is as in the screen capture.
Can you give me the steps to delete and recreate the zones?
Thanks a lot
What steps are you looking for? They are all explained in the article.
ronnypot – don’t be an ass. How about an after picture or some extra information?? Where did you delete and where did you create??
Pardon? To delete a DNS zone, open DNS Manager, select the zone you want to delete, right-click and choose Delete. To create a new zone, right-click Forward Lookup Zones and choose Add Zone.
This worked great for me.
Thank you very much.