Delete Corrupt AD Integrated DNS Zone


I have a Windows 2008 server which failed to boot due to a corrupted NTDS database.
I managed to recover AD in AD Restore Mode, using ESENTUTL to repair the corruption. The system now boots, but my DNS zones were Active Directory integrated, and one of them has been corrupted.
I figured I would just re-create them, but when I try to remove the corrupted zone I get an error:

"Zone Cannot be Deleted. Active Directory Service unavailable"

I can access AD fine via AD Users & Computers and also ADSI Edit, but cannot find a way of manually or forcefully removing the corrupted DNS zone.

When I try to use ADSIEdit to remove the entry from DC=DomainDNSZones I get the error:

Operation Failed. Error code: 0x20ef
The directory service encountered an unknown failure.

000020ef: SvcErr: DSID-020503E2, problem 5005
(UNABLE_TO_PROCEED), data 8203

Any help appreciated.

Best Answer

Zow. You've got a mess there!

You might try deleting the DNS zone using ADSIEDIT. If it was a forest-wide zone, you're going to find the zone in the ForestDNSZones NC, under the MicrosoftDNS container.

If it was a domain-wide zone, you'll find the zone in DomainDNSZones NC under the same container.

(You really should be backing up AD and should have probably restored from backup when this happened, but that's another rant for another question.)
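
To see which partition actually holds the zone before touching it in ADSIEdit, the containers named in the answer can be enumerated read-only. This is an added example, not part of the original answer; it assumes PowerShell 2.0 or later on the DC or a domain-joined host, and it goes slightly beyond the answer by also checking the legacy CN=MicrosoftDNS,CN=System container in the domain partition.

```powershell
# Added example: read-only listing of dnsZone objects in every place an
# AD-integrated zone can be stored. Nothing is modified or deleted.

$rootDse  = [ADSI]"LDAP://RootDSE"
$domainDn = [string]$rootDse.defaultNamingContext      # DN of this domain
$forestDn = [string]$rootDse.rootDomainNamingContext   # DN of the forest root domain

$containers = @(
    @{ Scope = 'Forest-wide (ForestDnsZones NC)'; Dn = "CN=MicrosoftDNS,DC=ForestDnsZones,$forestDn" },
    @{ Scope = 'Domain-wide (DomainDnsZones NC)'; Dn = "CN=MicrosoftDNS,DC=DomainDnsZones,$domainDn" },
    @{ Scope = 'Legacy (domain NC, CN=System)';   Dn = "CN=MicrosoftDNS,CN=System,$domainDn" }
)

foreach ($c in $containers) {
    Write-Host ""
    Write-Host "[$($c.Scope)] $($c.Dn)"
    try {
        $base     = New-Object System.DirectoryServices.DirectoryEntry("LDAP://$($c.Dn)")
        $searcher = New-Object System.DirectoryServices.DirectorySearcher($base)
        $searcher.Filter      = '(objectClass=dnsZone)'
        # Zones are direct children of the MicrosoftDNS container.
        $searcher.SearchScope = [System.DirectoryServices.SearchScope]::OneLevel
        foreach ($attr in 'name', 'distinguishedName', 'whenChanged') {
            [void]$searcher.PropertiesToLoad.Add($attr)
        }

        $results = $searcher.FindAll()
        if ($results.Count -eq 0) { Write-Host "  (no zones stored here)" }
        foreach ($r in $results) {
            # Result property names are returned in lower case.
            $name    = $r.Properties['name'][0]
            $dn      = $r.Properties['distinguishedname'][0]
            $changed = $r.Properties['whenchanged'][0]
            Write-Host ("  {0,-30} changed {1}" -f $name, $changed)
            Write-Host ("    {0}" -f $dn)
        }
        $results.Dispose()
    }
    catch {
        # A missing partition or a damaged container surfaces here.
        Write-Host "  (cannot read container: $($_.Exception.Message))"
    }
}
```

A container that fails to enumerate here while the others list cleanly points at the partition where the damage is.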