Tuesday, November 24, 2009

AD Integrated DNS Zones Disappearing

Here is a weird issue I ran into last week. Maybe someone who sees this will stumble upon this post and find it useful.

If you change an AD Integrated DNS zone from domain-wide replication to forest-wide replication, the change actually propagates a "delete" of the zone to all other domain controllers before it propagates the "new" copy of the zone in the other AD application partition (ForestDnsZones). Here is what this looks like in the DNS Server event log on two test domain controllers:

Event Type: Information
Event Source: DNS
Event Category: None
Event ID: 713
Date: 11/19/2009
Time: 9:01:23 AM
User: N/A
Computer: TESTDC01
Description:
An administrator has moved the zone test.local to a new location in Active Directory. The zone will be stored in Active Directory at DC=test.local,cn=MicrosoftDNS,DC=ForestDnsZones,DC=test,DC=local.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Information
Event Source: DNS
Event Category: None
Event ID: 4005
Date: 11/19/2009
Time: 9:06:50 AM
User: N/A
Computer: TESTDC02
Description:
The DNS server received indication that zone test.local was deleted from the Active Directory. Since this zone was an Active Directory integrated zone, it has been deleted from the DNS server.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

In most environments this will probably be a non-issue. However, if you have long replication intervals between sites, a remote site can go for an extended period without DNS service, because its domain controllers see the delete and drop the zone before the forest-wide copy arrives.

Another thing worth noting from this testing: you can restore the zone as a domain-wide replicated zone and it will exist in parallel with the forest-wide zone, with no cross-updating between the two. This can turn into a real headache when troubleshooting, as both domain controllers will appear to have a local copy of the zone but with different data.
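A quick way to see all three symptoms described above (the zone gone from a DC after event 4005, which partition each DC is serving it from, and a zone existing in two partitions at once) is to ask every domain controller directly rather than trusting a single DNS console. The script below is an added example and is not from the original post; it assumes Windows Server 2012 or later with the DnsServer and ActiveDirectory PowerShell modules. The zone and domain names come from the post's event text; the DC list is a constructed placeholder.

```powershell
# Added example (not from the original post): audit where an AD-integrated zone
# actually lives on each DC after a replication-scope change, and pull the
# DNS Server events that go with it (713 = zone moved, 4005 = zone deleted).
# Assumes Windows Server 2012+ with the DnsServer and ActiveDirectory modules.
Import-Module DnsServer, ActiveDirectory

$ZoneName = 'test.local'                 # from the post
$DomainDN = 'DC=test,DC=local'           # from the post's event text
$DCs      = 'TESTDC01', 'TESTDC02'       # constructed: list every DC you care about

# An AD-integrated zone is a dnsZone object under CN=MicrosoftDNS in one of these containers.
$Partitions = @{
    ForestDnsZones = "CN=MicrosoftDNS,DC=ForestDnsZones,$DomainDN"   # forest-wide scope
    DomainDnsZones = "CN=MicrosoftDNS,DC=DomainDnsZones,$DomainDN"   # domain-wide scope
    Legacy         = "CN=MicrosoftDNS,CN=System,$DomainDN"           # pre-2003 storage in the domain NC
}

foreach ($dc in $DCs) {
    Write-Host "=== $dc ==="

    # 1. Does the DNS service on this DC still serve the zone, and which scope does it claim?
    $zone = Get-DnsServerZone -ComputerName $dc -Name $ZoneName -ErrorAction SilentlyContinue
    if ($zone) {
        $records = (Get-DnsServerResourceRecord -ComputerName $dc -ZoneName $ZoneName | Measure-Object).Count
        Write-Host ("  DNS serves zone     : yes  scope={0}  records={1}" -f $zone.ReplicationScope, $records)
    } else {
        Write-Host "  DNS serves zone     : NO  (consistent with event 4005 on this server)"
    }

    # 2. Which partitions on this DC hold a dnsZone object for the zone?
    #    More than one hit is the "parallel copies with no cross-updating" case.
    $found = foreach ($p in $Partitions.GetEnumerator()) {
        $obj = Get-ADObject -Server $dc -SearchBase $p.Value -SearchScope OneLevel `
                            -Filter { objectClass -eq 'dnsZone' -and name -eq $ZoneName } `
                            -ErrorAction SilentlyContinue
        if ($obj) { $p.Key }
    }
    $label = if ($found) { @($found) -join ', ' } else { 'none' }
    Write-Host "  Partitions with zone: $label"
    if (@($found).Count -gt 1) {
        Write-Warning "$ZoneName exists in more than one partition on $dc; these copies do not replicate to each other."
    }

    # 3. Recent DNS Server events tied to the move: 713 (moved) and 4005 (deleted).
    Get-WinEvent -ComputerName $dc -FilterHashtable @{ LogName = 'DNS Server'; Id = 713, 4005 } `
                 -MaxEvents 10 -ErrorAction SilentlyContinue |
        Select-Object TimeCreated, Id, @{ n = 'Message'; e = { $_.Message.Split("`n")[0] } } |
        Format-Table -AutoSize
}
```

Run it from a workstation with RSAT before and after the scope change, comparing the record counts per DC: a DC that reports "NO" while others still serve the zone is sitting in the window between the delete and the arrival of the forest-wide copy, and a DC listing two partitions is the parallel-zone situation that makes troubleshooting confusing.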

Just an interesting issue that proved to be the source of a strange event.
