I can not see DNS records inside DNS zones in secondary domain controller

Federico Coppola 1,181 Reputation points
2021-06-17T19:32:11.593+00:00

Hi all,
I have two Domain Controller inside company.
Both of them are Windows 2016 DataCenter and they are installed in English Language.

Today I noted this issue:

On the first domain controller, inside DNS I can see all records inside the DNS zones.
On the second domain controller, inside DNS I see just DNS zones but inside domain zone there aren't DNS record, there are just the NameServer record!

After that I tried to the first domain controller, using DNS console, to connect to the second domain controller.
In this case I can see all DNS zones and records properly

What can I do?

Thanks
Federico

Windows Server 2016
Windows Server 2016
A Microsoft server operating system that supports enterprise-level management updated to data storage.
2,370 questions
Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
12,115 questions
Windows DHCP
Windows DHCP
Windows: A family of Microsoft operating systems that run across personal computers, tablets, laptops, phones, internet of things devices, self-contained mixed reality headsets, large collaboration screens, and other devices.DHCP: Dynamic Host Configuration Protocol (DHCP). A communications protocol that lets network administrators manage centrally and automate the assignment of Internet Protocol (IP) addresses in an organization's network.
1,021 questions
0 comments
Accepted answer
  1. Dave Patrick 426.1K Reputation points MVP
    2021-06-19T12:18:22.957+00:00

    There seems to be some sort of corruption on this server. As a work-around it sounds like you can just use the newly created MSC but in my opinion I'd replace that domain controller ASAP.

    I'd use dcdiag / repadmin tools to verify health correcting all errors found before starting any operations. Then stand up the new one for replacement, patch it fully, license it, join existing domain, add active directory domain services, promote it also making it a GC (recommended), transfer FSMO roles over (optional), transfer pdc emulator role (optional), use dcdiag / repadmin tools to again verify health, when all is good you can decommission / demote old one.

    --please don't forget to upvote and Accept as answer if the reply is helpful--

    0 comments

17 additional answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Dave Patrick 426.1K Reputation points MVP
    2021-06-17T19:42:09.91+00:00

    Something here may help.
    https://learn.microsoft.com/en-us/troubleshoot/windows-server/networking/dns-records-not-present

    --please don't forget to upvote and Accept as answer if the reply is helpful--

    0 comments
  2. Fan Fan 15,291 Reputation points Microsoft Vendor
    2021-06-18T02:56:04.69+00:00

    Hi,

    Before going further, did you confirm that both the 2 DCs are working well and the replication status between DCs is good?
    Following command can be tested:
    Dcdiag /v >c:\dcdiag1.log
    Repadmin /showrepl >C:\repl.txt
    Repadmin /showreps *

    Best Regards,

    0 comments
  3. Dave Patrick 426.1K Reputation points MVP
    2021-06-18T02:56:52.66+00:00

    Just checking if there's any progress or updates?

    --please don't forget to upvote and Accept as answer if the reply is helpful--

    0 comments
  4. Federico Coppola 1,181 Reputation points
    2021-06-18T11:15:28.763+00:00

    Hi @Fan Fan ,
    I have tried to execute command in CMD.

    I have attached output to this post.

    Finally I have this error on both domain controller:

    *C:\Windows\system32>Repadmin /showreps *
    LDAP error 81 (Server Down) Win32 Err 58.*

    What can I do?

    107091-dcdiag1-first-dc.log
    107060-dcdiag1-second-dc.log
    107101-repl-first-dc.txt
    107082-repl-second-dc.txt

    Finally, just to share more information about this issue, here some pictures.

    This picture is about DNS record in DNS Zone in DC02
    107064-image.png

    This picture is about DNS records in DNS Zone of DC02 from DC01. From DC01 seems to be all regular...
    107047-image.png

    0 comments