To directly answer your question:, I'd suggest:
Convert the zone to Standard primary on the problematic server.
Configure the server to now use another DNS server for lookup.
Then delete the newly-converted zone on this server
Remove DNS from this server
Reboot for good measure
Ensure that there are no DNS errors present anywhere on the other DNS servers
Ensure that this server can resolve records using nslookup and can ping by
name and IP
Then reinstall DNS on this server.
HTH
Sincerely,
_____
(, / | /) /) /)
/---| (/_ ______ ___// _ // _
) / |_/(__(_) // (_(_)(/_(_(_/(__(/_
(_/ /)
(/
Microsoft MVP - Directory Services
www.readymaids.com <http://www.readymaids.com> - we know IT
www.akomolafe.com <http://www.akomolafe.com>
Do you now realize that Today is the Tomorrow you were worried about
Yesterday? -anon
________________________________
From: [EMAIL PROTECTED] on behalf of Danny
Sent: Tue 4/25/2006 12:50 PM
To: [email protected]
Subject: Re: [ActiveDir] DNS addition - event error 4010: unable to create RR
for AD zone
On 4/19/06, Al Mulnick <[EMAIL PROTECTED]> wrote:
> Because this is AD-Integrated, I would more likely suspect that there's a
> problem with one of the records or a configuration issue vs. wholesale
> corruption. The recommendation to remove the entire zone would flush that
> problem out but as you mentioned it would likely throw the baby out with
the
> bathwater. Since elephants are best eaten in small pieces, it would be
best
> to isolate and troubleshoot. For example, on the domain controller, can
you
> use nslookup to find the domain controller itself? What about SRV records?
> Is that the same with all domain controlled versions or just this one? What
> other events are logged at startup? When you open the DNS MMC, do you see
> anything odd?
>
> Removing the zone is not absolutely a bad idea if the zone is unusable
> anyway. The servers would re-register themselves in about the next 12-24
> hours anyway (usually much much much quicker but you hate to give that kind
> of advice willy-nilly.)
>
> I'm out of cliches for now, but let me know what you get with those
> questions. It might also be a good idea to start considering calling
> Microsoft if you need faster resolution.
Can anyone please confirm whether or not it is safe to simply delete
the main forward AD DNS zone? What are the steps to recreate
Thanks,
...D
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
