Please help ...Windows 2003 DNS _msdcs zone is blank ?

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

Hello All

Here is some background informmation on our domain.
We migrated from NT4 to 2003


I'm trying to troubleshoot a problem with Windows XP clients logging onto the network, and have run across a strange problem. While looking through our DNS settings I have found that the _msdcs zone under our domain forward lookup, is pretty much blank. It has an A record that was pointing to the server that we used to migrate from windows NT4 to 2003. Unfortunately, this server is no longer on the domain. Now under the DNS server it has a secondary _msdcs zone entry with is _msdcs.ourdomain.com you see this zone as soon as you expand the DNS Servers forward lookup zone. My question is do I need to copy everything that is in _msdcs.ourdomain.com to the _msdcs zone that is located inside the ourdomain.com zone ?
 
I'm trying to troubleshoot a problem with Windows XP clients logging
onto the network, and have run across a
strange problem. While looking through our DNS settings I have found that
Click to expand...
the _msdcs zone under our domain
forward lookup, is pretty much blank. It has an A record that was pointing
Click to expand...
to the server that we used to migrate from
windows NT4 to 2003. Unfortunately, this server is no longer on the domain.

Now under the DNS server it has a secondary _msdcs zone entry with is _msdcs.ourdomain.com
you see this zone as soon as you expand the DNS Servers forward lookup zone. My question is
do I need to copy everything that is in _msdcs.ourdomain.com to the _msdcs zone that is located
inside the ourdomain.com zone ?
Click to expand...

NO. You do not need to "copy" anything. You need to fix up your
DNS settings so that it will work correctly and AUTOMATICALLY.

Usually the cause is this: One or more of your DCs are not configured
in their "own Client settings" to use the Dynamic DNS server (set)
solely.

Of course it is possible (since you have apparently removed
DCs more likely) that you just don't have a "Primary DNS"
server or that it isn't set to be DYNAMIC on this zone.

You must have:
Dynamic DNS zone for the domain
All clients must be pointed ONLY to this internal DNS
server (set) on their NIC properties -- and DCs are DNS clients too.

If you change any of this, restart the NetLogon service to get the DCs
to re-register.

net stop "DNS Server"
net start "DNS Server"
 
Hello Herb

The servers are pointing to themselves for the DNS config on the NIC adapter, and the DNS servers are set to "secure only" Dynamic Updates. When i removed the Server we used to migrare I demoted the server and moved the home server for the DNS to the other DNS server that was staying on the Domian. Apparently i missed the _msdcs zone that was in the "our domian" zone. Is there any way to get the _msdcs zone to auto fill in all the info ?
 
jay said:
Hello Herb,

The servers are pointing to themselves for the DNS config on the
Click to expand...
NIC adapter, and the DNS servers are set to "secure only" Dynamic Updates.
When i removed the Server we used to migrare I demoted the server and moved
the home server for the DNS to the other DNS server that was staying on the
Domian. Apparently i missed the _msdcs zone that was in the "our domian"
zone. Is there any way to get the _msdcs zone to auto fill in all the info ?

Yes, once you make the DNS zone dynamic, set the DCs to use that
DYNAMIC DNS server(set), and restart NetLogon those _underscore
subdomains will be recreated with the correct records.

Which machine is your Primary (or AD integrated set of machines)?
Is that the one that EVERY DC specifies?

Restart NetLogon.
 
Back
Top