Here is everything you asked for. Thank you for you help.
I have 7 Domain Controllers two at the main office and one at each branch
plant. They all are running DNS. There are no firewalls in place at all
between the system I think the duplicates happened because myself and
another network tech here where creating zones at the same time and that is
how the corruption happened. How do I clean this out of active directory do
I uninstall dns and reinstall. Do I delete all the zones? I found this
article on Microsoft website about removing DNS and reinstalling it: Q294328
Is this the recommend approach for this problem?
Should I delete the CNFs with ADSI Edit if they are duplicates?
DC=..InProgress-40805F2200AA3B48-0.20.172.in-addr.arpa
DC=..InProgress-408C1B682E817945-mydomain.com
Should I delete this Inprogress stuff which is under DomainDNSZones
MicrosoftDNS?
In addition to this I was getting a duplicate zone error a few days ago with
event id 4515
So I removed the duplicate zone from DomainDNSZones
Was that the right thing to do? From what I read on the news groups that is
what is recommended
----------------------------------------------------
The zone mydomain.com was previously loaded from the directory partition
MicrosoftDNS but another copy of the zone has been found in directory
partition DomainDnsZones.mydomain.com. The DNS Server will ignore this new
copy of the zone. Please resolve this conflict as soon as possible.
If an administrator has moved this zone from one directory partition to
another this may be a harmless transient condition. In this case, no action
is necessary. The deletion of the original copy of the zone should soon
replicate to this server.
If there are two copies of this zone in two different directory partitions
but this is not a transient caused by a zone move operation then one of
these copies should be deleted as soon as possible to resolve this conflict.
To change the replication scope of an application directory partition
containing DNS zones and for more details on storing DNS zones in the
application directory partitions, please see Help and Support.
For more information, see Help and Support Center at
Dcdiag
Domain Controller Diagnosis
Performing initial setup:
* Verifying that the local machine dc, is a DC.
* Connecting to directory service on server dc.
* Collecting site info.
* Identifying all servers.
* Identifying all NC cross-refs.
* Found 8 DC(s). Testing 1 of them.
Done gathering initial info.
Doing initial required tests
Testing server: Wausau\DC
Starting test: Connectivity
* Active Directory LDAP Services Check
* Active Directory RPC Services Check
......................... DC passed test Connectivity
Doing primary tests
Testing server: Wausau\DC
Starting test: Replications
* Replications Check
* Replication Latency Check
* Replication Site Latency Check
......................... DC passed test Replications
Test omitted by user request: Topology
Test omitted by user request: CutoffServers
Starting test: NCSecDesc
* Security Permissions Check for
DC=ForestDnsZones,DC=mydomain,DC=com
(NDNC,Version 2)
* Security Permissions Check for
DC=DomainDnsZones,DC=mydomain,DC=com
(NDNC,Version 2)
* Security Permissions Check for
CN=Schema,CN=Configuration,DC=mydomain,DC=com
(Schema,Version 2)
* Security Permissions Check for
CN=Configuration,DC=mydomain,DC=com
(Configuration,Version 2)
* Security Permissions Check for
DC=mydomain,DC=com
(Domain,Version 2)
......................... DC passed test NCSecDesc
Starting test: NetLogons
* Network Logons Privileges Check
......................... DC passed test NetLogons
Starting test: Advertising
The DC DC is advertising itself as a DC and having a DS.
The DC DC is advertising as an LDAP server
The DC DC is advertising as having a writeable directory
The DC DC is advertising as a Key Distribution Center
The DC DC is advertising as a time server
The DS DC is advertising as a GC.
......................... DC passed test Advertising
Starting test: KnowsOfRoleHolders
Role Schema Owner = CN=NTDS
Settings,CN=DC,CN=Servers,CN=Wausau,CN=Sites,CN=Configuration,DC=mydomain,DC
=com
Role Domain Owner = CN=NTDS
Settings,CN=DC,CN=Servers,CN=Wausau,CN=Sites,CN=Configuration,DC=mydomain,DC
=com
Role PDC Owner = CN=NTDS
Settings,CN=DC,CN=Servers,CN=Wausau,CN=Sites,CN=Configuration,DC=mydomain,DC
=com
Role Rid Owner = CN=NTDS
Settings,CN=DC,CN=Servers,CN=Wausau,CN=Sites,CN=Configuration,DC=mydomain,DC
=com
Role Infrastructure Update Owner = CN=NTDS
Settings,CN=DC,CN=Servers,CN=Wausau,CN=Sites,CN=Configuration,DC=mydomain,DC
=com
......................... DC passed test KnowsOfRoleHolders
Starting test: RidManager
* Available RID Pool for the Domain is 6109 to 1073741823
* dc.mydomain.com is the RID Master
* DsBind with RID Master was successful
* rIDAllocationPool is 5609 to 6108
* rIDPreviousAllocationPool is 5609 to 6108
* rIDNextRID: 5646
......................... DC passed test RidManager
Starting test: MachineAccount
* SPN found :LDAP/dc.mydomain.com/mydomain.com
* SPN found :LDAP/dc.mydomain.com
* SPN found :LDAP/DC
* SPN found :LDAP/dc.mydomain.com/MYDOMAIN
* SPN found
:LDAP/146ddf16-8e52-48bb-aff0-c70d60c56d7e._msdcs.mydomain.com
* SPN found
:E3514235-4B06-11D1-AB04-00C04FC2DCD2/146ddf16-8e52-48bb-aff0-c70d60c56d7e/m
ydomain.com
* SPN found :HOST/dc.mydomain.com/mydomain.com
* SPN found :HOST/dc.mydomain.com
* SPN found :HOST/DC
* SPN found :HOST/dc.mydomain.com/MYDOMAIN
* SPN found :GC/dc.mydomain.com/mydomain.com
......................... DC passed test MachineAccount
Starting test: Services
* Checking Service: Dnscache
* Checking Service: NtFrs
* Checking Service: IsmServ
* Checking Service: kdc
* Checking Service: SamSs
* Checking Service: LanmanServer
* Checking Service: LanmanWorkstation
* Checking Service: RpcSs
* Checking Service: w32time
* Checking Service: NETLOGON
......................... DC passed test Services
Test omitted by user request: OutboundSecureChannels
Starting test: ObjectsReplicated
DC is in domain DC=mydomain,DC=com
Checking for CN=DC,OU=Domain Controllers,DC=mydomain,DC=com in
domain DC=mydomain,DC=com on 1 servers
Object is up-to-date on all servers.
Checking for CN=NTDS
Settings,CN=DC,CN=Servers,CN=Wausau,CN=Sites,CN=Configuration,DC=mydomain,DC
=com in domain CN=Configuration,DC=mydomain,DC=com on 1 servers
Object is up-to-date on all servers.
......................... DC passed test ObjectsReplicated
Starting test: frssysvol
* The File Replication Service SYSVOL ready test
File Replication Service's SYSVOL is ready
......................... DC passed test frssysvol
Starting test: frsevent
* The File Replication Service Event log test
......................... DC passed test frsevent
Starting test: kccevent
* The KCC Event log test
Found no KCC errors in Directory Service Event log in the last 15
minutes.
......................... DC passed test kccevent
Starting test: systemlog
* The System Event log test
Found no errors in System Event log in the last 60 minutes.
......................... DC passed test systemlog
Test omitted by user request: VerifyReplicas
Starting test: VerifyReferences
The system object reference (serverReference)
CN=DC,OU=Domain Controllers,DC=mydomain,DC=com and backlink on
CN=DC,CN=Servers,CN=Wausau,CN=Sites,CN=Configuration,DC=mydomain,DC=com
are correct.
The system object reference (frsComputerReferenceBL)
CN=DC,CN=Domain System Volume (SYSVOL share),CN=File Replication
Service,CN=System,DC=mydomain,DC=com
and backlink on CN=DC,OU=Domain Controllers,DC=mydomain,DC=com are
correct.
The system object reference (serverReferenceBL)
CN=DC,CN=Domain System Volume (SYSVOL share),CN=File Replication
Service,CN=System,DC=mydomain,DC=com
and backlink on
CN=NTDS
Settings,CN=DC,CN=Servers,CN=Wausau,CN=Sites,CN=Configuration,DC=mydomain,DC
=com
are correct.
......................... DC passed test VerifyReferences
Test omitted by user request: VerifyEnterpriseReferences
Running partition tests on : ForestDnsZones
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Running partition tests on : DomainDnsZones
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Running partition tests on : mydomain
Starting test: CrossRefValidation
......................... mydomain passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... mydomain passed test CheckSDRefDom
Running enterprise tests on : mydomain.com
Starting test: Intersite
Skipping site Wausau, this site is outside the scope provided by
the
command line arguments provided.
Skipping site Waverly, this site is outside the scope provided by
the
command line arguments provided.
Skipping site Corning, this site is outside the scope provided by
the
command line arguments provided.
Skipping site LakeWales, this site is outside the scope provided by
the command line arguments provided.
Skipping site SouthHill, this site is outside the scope provided by
the command line arguments provided.
Skipping site Paulding, this site is outside the scope provided by
the
command line arguments provided.
Skipping site Charleston, this site is outside the scope provided
by
the command line arguments provided.
......................... mydomain.com passed test Intersite
Starting test: FsmoCheck
GC Name: \\dc.mydomain.com
Locator Flags: 0xe00003fd
PDC Name: \\dc.mydomain.com
Locator Flags: 0xe00003fd
Time Server Name: \\dc.mydomain.com
Locator Flags: 0xe00003fd
Preferred Time Server Name: \\dc.mydomain.com
Locator Flags: 0xe00003fd
KDC Name: \\dc.mydomain.com
Locator Flags: 0xe00003fd
......................... mydomain.com passed test FsmoCheck
"Ace Fekay [MVP]"
