win2003 dns missing _msdcs Entry

[Dan]

I have a windows 2003 server and under the DNS > Server > Foward Lookup
Zones > Im missing the folder called _msdcs.domain name. I setup a test box
with the similiar setup to see if this folder would get removed and it
didnt. How can i get this folder back.

 

[Herb Martin]

I have a windows 2003 server and under the DNS > Server > Foward Lookup
Zones > Im missing the folder called _msdcs.domain name. I setup a test box
with the similiar setup to see if this folder would get removed and it
didnt. How can i get this folder back.

DNS
1) Dynamic for the zone supporting AD
2) All internal DNS client NIC\IP properties must specify SOLELY
that internal, dynamic DNS server (set.)
3) DCs and even DNS servers are DNS clients too -- see #2

Restart NetLogon on any DC if you change any of the above that
affects a DC.

If you set it up correctly as above, and then restart the Netlogon
service on the DC(s) then it will be recreated automatically by
them.
[/QUOTE]

 

[Dan]

tried that already and no luck. Do i need this folder?

DNS
1) Dynamic for the zone supporting AD
2) All internal DNS client NIC\IP properties must specify SOLELY
that internal, dynamic DNS server (set.)
3) DCs and even DNS servers are DNS clients too -- see #2

Restart NetLogon on any DC if you change any of the above that
affects a DC.

If you set it up correctly as above, and then restart the Netlogon
service on the DC(s) then it will be recreated automatically by
them.

[/QUOTE]

 

[Herb Martin]

tried that already and no luck. Do i need this folder?

Yes, and if you "tried" that already you missed something.

First, let's eliminate the obvious: Is this a "secondary" DNS server?

If so, then we must ensure it is pulling from the Primary where
those subdomains are created.

Second, just to confirm: This is a Win2000+ DOMAIN enviroment,
and the DNS zone that supports it, right? (If not, then the underscore
zones are not only irrelevant but never created.)

Ok, once we have that, then the rules I gave you MUST work.

Most likely reasons they would not:

You forgot the "Dynamic" setting on the DNS server
You didn't set the DC to use STRICTLY this Dynamic DNS
server (set)
The DNS Primary and Secondary cannot talk to each other
for some reason...
For whatever reason, the DC is registering with one DC and
this isn't getting replicated.

Also, try running DCDiag.

BTW, most common after someone says "did that" is the second
one where they either list the wrong (or no) DNS server or
multiple (external AND internal) DNS servers on the DC.

The DCs must list ONLY the "Internal Dynamic DNS server" (set).
--
Herb Martin

tried that already and no luck. Do i need this folder?

[/QUOTE]

 

[Herb Martin]

And after you mess with it, remember to RESTART NETLOGON
on the DC.

BTW, you do have at least a "Two Tag DNS name", right?

domain.com, but NOT just "domain".

--
Herb Martin

tried that already and no luck. Do i need this folder?

[/QUOTE]

 

[Ace Fekay [MVP]]

In

tried that already and no luck. Do i need this folder?

Sure do. Unfortunately restarting netlogon with W2k3 won't recreate this.
Its created at first installation but its not created when you upgrade (wish
it were). Here's how to recreate/create it:

817470 - HOW TO Reconfigure an _msdcs Subdomain to a Forest-wide DNS
Application Directory Partition When You Upgrade from Win:
http://support.microsoft.com/?id=817470

Q. What's the DNS _msdcs zone for the forest root domain used for:
http://www.winnetmag.com/windowsnt2...ticleID/43039/windowsnt20002003faq_43039.html

--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Active Directory

HAM AND EGGS: A day's work for a chicken;
A lifetime commitment for a pig.