Because this is AD-Integrated, I would more likely suspect that there's a problem with one of the records or a configuration issue vs. wholesale corruption. The recommendation to remove the entire zone would flush that problem out, but as you mentioned, it would likely throw the baby out with the bathwater. Since elephants are best eaten in small pieces, it would be best to isolate and troubleshoot. For example, on the domain controller, can you use nslookup to find the domain controller itself? What about SRV records? Is that the same with all domain controlled versions or just this one? What other events are logged at startup? When you open the DNS MMC, do you see anything odd?
 
Removing the zone is not absolutely a bad idea if the zone is unusable anyway.  The servers would re-register themselves in about the next 12-24 hours anyway (usually much much much quicker but you hate to give that kind of advice willy-nilly.)
 
I'm out of cliches for now, but let me know what you get with those questions. It might also be a good idea to start considering calling Microsoft if you need faster resolution.
 
Al

 
On 4/18/06, Danny <[EMAIL PROTECTED]> wrote:
On 4/17/06, Al Mulnick <[EMAIL PROTECTED]> wrote:
>
> When you talk about deleting and such are you thinking about the newsgroups
> posts like this one:
> http://www.tech-archive.net/Archive/Windows/microsoft.public.windows.server.dns/2005-05/msg00245.html
>   ???

Yes, along those lines.  But, the zone file in question in this
scenario is the forward lookup zone for AD.  Since DNS plays a
critical role in AD, I am sure that you can understand that I am
hesitant to just delete the AD DNS zone without understanding exactly
how a new zone will automatically create all the essential resource
records.

> Some questions:
> Is DNS AD-Integrated?

Yes, the default.

> Software revisions in use?

I am not sure what you mean, but there is a mix of Windows 2000 SP4
and Windows Server 2003 SP1.

> When the client fails, what's the error logged and what are they looking
> for? (I assume nslookup vs. live clients - is that correct?)

Example:

hosts file only contains one server on the LAN
DNS cache has been flushed
DNS client points exclusively to IP of DNS server
NIC has been restarted
nslookup default server displayed; try a hostname lookup and I receive:

DNS request timed out.
timeout was 2 seconds

When I ping a hostname not previously looked up (or in the cache), it
takes a few seconds and then it finally resolves the name and pings
host successfully.

Regardless, do you know what can be done to resolve the original
issue?  What I have just described is more than likely a result of the
root problem.

Thanks,

...D
List info   : http://www.activedir.org/List.aspx
List FAQ    : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/