DcDiag: "Warning: The Active Directory zone on this DC/DNS server was not found (probably a misconfiguration)" meaning?

windows-server-2008 domain-name-system domain-controller
5,503

EDIT: changed answer, because partly it was nonsense and partly it didn't apply.

Possibly the server has only a stub zone, which can include A records. The AD zone includes also structures like "_msdcs", "_sites", "_tcp", "_udp", "domaindnszones" and "forestdnszones", which are necessary to find the directory services in the AD.

Also the A record could be served by the forwarders.

EDIT: When you have access to the server, check for the zone being primary, and having the above mentioned SRV entries.

You can read here in more detail than I'm able to explain how DNS is used for AD, an whats needed.

Share:
5,503

Related videos on Youtube

boston
Author by

boston

Updated on September 17, 2022

Comments

  • boston
    boston over 1 year

    Does this mean there is no Forward Lookup Zone by the name of the domain (say domain.local) in DNS? I only have the log of dcdiag, not the actual machine, so I cannot check.

    Later it says:

    Matching A record found at DNS server %own IP%: dc2.domain.local

    So dcdiag says there is a record in a zone that is not there? Or does dcdiag not notice when a record is found using a forwarder?

    UPDATE: The DNS server has two DNS servers configured as forwarders.

  • boston
    boston over 13 years
    The NIC has only itself (127.0.0.1) configured as DNS server. What do you mean by:"When DcDiag searches for the zone, it does so possibly not by querying for a name."?
  • boston
    boston over 13 years
    OK to make sure I got this right. You say that dcdiag might report that the "Active Directory zone on this DC/DNS server was not found" because it is missing the specific subfolders, but the zone exists as a stub with A host record for the DC?
  • knitti
    knitti over 13 years
    a stub zone is a type of zone in MS DNS, which is not authoritative. I only suspect thats the case with your server, I don't really know. I also don't know whether these folders have to be absent, but they aren't usually there in a stub zone.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Window Server 2008 R2: Can you change the IP address of the domain controller?
Cannot connect to Active Directory Domain Controller
How do I get Windows Domain Controller and Ubuntu dnsmasq to play nicely?
What to use on Windows Server 2008 since NETDIAG isn't supported?
How do you repair active directory after a partially renamed domain controller?
DNS settings for domain controller with dual nics one facing internet directly and one to router
MSDCS zone missing
resolving a dns entry for a virtual machine from physical host
Can't connect to domain controller
What's wrong with my reverse lookup zone?