AD Integrated DNS Zone restore/repair

Tags: active-directory, domain-name-system

I have inherited an issue where my AD Integrated DNS Zone was deleted and there are no system state backups available. I have checked in AD, under DNS, and there are no records there. However, under the Zone (as listed in DNS) most records are present. On one of my DCs, I manually increased the SOA record and restarted the netlogon service, and this has got the "zone" replicating again. I have also repopulated the GUIDs under the _MSDCS folder. Under the properties of the Zone, it is still listed as AD integrated.

My question is:
If I change the properties to "Primary" it should create the txt file in System32\DNS. Assuming I allow replication time etc, can I just change it back to AD and will that repopulate the AD side of things?

Or will I need to export the contents of the txt file, then delete the zone and recreate?

Also, one further question:
My Forest Root Domain has a broken delegation in DNS to the child Domain – again inherited and down to poor administration. The delegated namespace is the same as the AD integrated zone that I have the issue with above – if I repair this (by putting "Live" DCs within the delegated options) will this affect the other AD zone? Or is this a symptom of the above issue?

If you need further info, or if I have not been specific enough please accept my apologies and I shall endeavour to supply what you need.

Many thanks in advance for your assistance.

Best Answer

You mentioned that it's replicating again - is it back in the AD container now?

Keep in mind that there are two different locations where AD will keep zones - Legacy (Win 2000 compatible) zones are stored in the default directory partition (CN=MicrosoftDNS,CN=System,DC=example,DC=com), while there are two different directory partitions for modern-style integrated zones - DC=DomainDNSZones,DC=example,DC=com and DC=ForestDNSZones,DC=example,DC=com. This was done so that the zone data can be replicated only to the AD servers that are serving the zones, as opposed to all AD controllers (regardless of whether they were DNS servers) when the data was stored in the default partition.

Yes - toggling the zone to local and back should rebuild its directory objects - but make a backup of the zone file while it's in text format, just in case.

For the delegation, just manually create the NS records in the parent zone (putting them in the delegation tab does the same) - this is probably an unrelated issue that has never been right from the day it was created.
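The checks and the toggle described in the answer, as an added PowerShell example (not part of the original question or answer). It assumes the zone is called child.example.com, that it runs on a DC that is also a DNS server, and that the RSAT DnsServer and ActiveDirectory modules are installed; the ForestDNSZones partition sits under the forest root naming context, so it is looked up separately.

```powershell
# Added example, not from the original post. Assumed zone name and a DC/DNS host.
Import-Module DnsServer
Import-Module ActiveDirectory

$zone     = 'child.example.com'                      # assumed zone name
$rootDSE  = Get-ADRootDSE
$domainNC = $rootDSE.defaultNamingContext            # e.g. DC=child,DC=example,DC=com
$forestNC = $rootDSE.rootDomainNamingContext         # e.g. DC=example,DC=com

# 1. Look for the dnsZone object in each of the three places an AD-integrated
#    zone can be stored (legacy partition, DomainDNSZones, ForestDNSZones).
$partitions = @(
    "CN=MicrosoftDNS,CN=System,$domainNC",   # legacy / Win 2000 compatible
    "DC=DomainDNSZones,$domainNC",           # domain-wide replication scope
    "DC=ForestDNSZones,$forestNC"            # forest-wide replication scope
)
foreach ($p in $partitions) {
    $obj = Get-ADObject -SearchBase $p -LDAPFilter "(&(objectClass=dnsZone)(dc=$zone))" `
        -ErrorAction SilentlyContinue
    if ($obj) { "zone object present in $p" } else { "no zone object in $p" }
}

# 2. What the DNS server itself believes about the zone.
Get-DnsServerZone -Name $zone |
    Select-Object ZoneName, ZoneType, IsDsIntegrated, ReplicationScope

# 3. Take a text backup BEFORE changing the zone type. The file is written
#    to %SystemRoot%\System32\dns on this server.
Export-DnsServerZone -Name $zone -FileName "$zone.backup.dns"

# 4. Toggle to a file-backed primary zone, then back to AD-integrated with
#    domain-wide scope, which recreates the directory objects.
ConvertTo-DnsServerPrimaryZone -Name $zone -ZoneFile "$zone.dns" -Force
ConvertTo-DnsServerPrimaryZone -Name $zone -ReplicationScope Domain -Force

# 5. After allowing replication time, repeat step 1 on another DC to confirm
#    the zone object is now visible in the expected partition.
```

If the zone object shows up in a partition other than the one the zone's replication scope implies, sort that out before toggling, otherwise the rebuilt objects can end up alongside stale ones.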
