I cannot see DNS records inside DNS zones on the secondary domain controller

Federico Coppola 1,181 Reputation points
2021-06-17T19:32:11.593+00:00

Hi all,
I have two domain controllers inside the company.
Both of them are Windows 2016 DataCenter and they are installed in the English language.

Today I noted this issue:

On the first domain controller, inside DNS I can see all records inside the DNS zones.
On the second domain controller, inside DNS I see just the DNS zones, but inside the domain zone there aren't DNS records, there is just the NameServer record!

After that I tried, from the first domain controller, using the DNS console, to connect to the second domain controller.
In this case I can see all DNS zones and records properly.

What can I do?

Thanks
Federico


Accepted answer
  1. Anonymous
    2021-06-19T12:18:22.957+00:00

    There seems to be some sort of corruption on this server. As a work-around it sounds like you can just use the newly created MSC but in my opinion I'd replace that domain controller ASAP.

    I'd use dcdiag / repadmin tools to verify health, correcting all errors found before starting any operations. Then stand up the new one for replacement, patch it fully, license it, join existing domain, add Active Directory Domain Services, promote it also making it a GC (recommended), transfer FSMO roles over (optional), transfer PDC emulator role (optional), use dcdiag / repadmin tools to again verify health, when all is good you can decommission / demote old one.

    --please don't forget to upvote and Accept as answer if the reply is helpful--
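
The health check this answer recommends, as an added example that is not part of the original thread: it runs repadmin and dcdiag, then compares the zone contents each DC's DNS service returns, which separates a console display fault from a real replication gap. `DC01` and `DC02` are the thread's short names and the zone name is a placeholder.

```powershell
# Added example, not from the thread. Run in an elevated PowerShell on a
# machine with the AD DS and DNS Server management tools installed.
$Dcs  = 'DC01', 'DC02'        # short names used in the thread; use real host names
$Zone = 'corp.example.com'    # placeholder: your AD-integrated zone

# 1. Replication: list every inbound link that reports failures.
$failed = repadmin /showrepl * /csv | ConvertFrom-Csv |
    Where-Object { [int]$_.'Number of Failures' -gt 0 } |
    Select-Object 'Destination DSA', 'Source DSA', 'Naming Context',
                  'Number of Failures', 'Last Failure Status'
if ($failed) { $failed | Format-Table -AutoSize }
else         { 'repadmin: no replication links report failures' }

# 2. DNS-specific dcdiag tests against each DC; show only problem lines.
foreach ($dc in $Dcs) {
    "--- dcdiag DNS test on $dc ---"
    dcdiag "/s:$dc" /test:DNS /v | Select-String -Pattern 'fail|error|warn'
}

# 3. Compare what each DC's DNS service actually holds for the zone,
#    independent of any DNS console.
$sets = @{}
foreach ($dc in $Dcs) {
    $sets[$dc] = @(Get-DnsServerResourceRecord -ZoneName $Zone -ComputerName $dc |
        ForEach-Object { '{0} {1}' -f $_.HostName, $_.RecordType } |
        Sort-Object -Unique)
    '{0}: {1} distinct name/type pairs in {2}' -f $dc, $sets[$dc].Count, $Zone
}
$a = $sets[$Dcs[0]]; $b = $sets[$Dcs[1]]
if ($a.Count -eq 0 -or $b.Count -eq 0) {
    'At least one DC returned no records for the zone; check the errors above'
} else {
    $diff = Compare-Object -ReferenceObject $a -DifferenceObject $b
    if ($diff) { $diff | Format-Table InputObject, SideIndicator -AutoSize }
    else       { 'Both DCs serve the same name/type pairs for the zone' }
}
```

If step 3 reports identical sets while the local console on one DC still shows only the NS record, the zone data replicated correctly and the fault is in that server's console or local configuration.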


17 additional answers

  1. Anonymous
    2021-06-18T12:04:37.733+00:00

    DFS Replication service encountered an error communicating with partner PE-DC-002 for replication group Domain System Volume There are no more endpoints available from the endpoint mapper

    I'd check the event logs for more details. The "no more end points available" is usually the result of port exhaustion; as a temporary fix, rebooting may help. Also check that the required ports are flowing between networks.
    https://learn.microsoft.com/en-us/troubleshoot/windows-server/identity/config-firewall-for-ad-domains-and-trusts

    --please don't forget to upvote and Accept as answer if the reply is helpful--


  2. Federico Coppola 1,181 Reputation points
    2021-06-18T15:52:50.687+00:00

    Hi @Anonymous ,
    The two domain controllers are in the same network VLAN.

    These two domain controllers have been running for 2/3 years, always in the same network.
    There is just Windows Firewall running on all company servers and domain controller servers.

    I rebooted DC01, I do not see changes at this moment.

    Thanks
    Federico


  3. Anonymous
    2021-06-18T15:54:24.793+00:00

    What is in the event logs? (source and event ID) Might also try demote, reboot, promo the problematic one.


  4. Federico Coppola 1,181 Reputation points
    2021-06-18T18:36:22.887+00:00

    Hi @Anonymous

    Inside Event Viewer I filtered logs in Event Viewer > Applications and Services > DFS Replication using Critical, Error, Warning levels as shown.

    107202-2021-06-18-20h27-41.jpg

    After reboot, the warning/error sometimes appears a few times (just one or two times). Otherwise I have just successful DFS sync.
    107221-image.png

    Anyway I continue to not see any DNS records inside DNS Zone in DC02. Inside DC01 I see all.
