Active Directory DNS Records have disappeared

Omid Shojaee 116 Reputation points
2022-03-05T13:19:19.863+00:00

Hello,

We installed and configured our Active Directory about 3 months ago.

AD DS and DNS roles installed on a server and then other computers joined. Everything was OK.

However, today, after 3 months, we tried to join a few more machines, but because the DNS lookup for the SRV record failed, I logged into the AD server to find out that all DNS records are gone. Nothing is left except the zone (mydomain.com) itself plus one SOA and one NS record. Everything else is wiped out.

I'm the only one who has access to this server.

I tried to solve this by removing DNS role and adding it again, to no avail.

This is a crisis for us. Please assist.


Accepted answer
  1. Dave Patrick 426.3K Reputation points MVP
    2022-03-09T14:19:27.827+00:00

    That sounds very risky. Have you addressed the issues I raised? A much simpler / safer method is to stand up a new one for a test.

    I'd use dcdiag / repadmin tools to verify health, correcting all errors found before starting any operations. Then stand up the new one, patch it fully, license it, join existing domain, add Active Directory Domain Services, promote it also making it a GC (recommended), transfer FSMO roles over (optional), transfer PDC emulator role (optional), use dcdiag / repadmin tools to again verify health; when all is good you can decommission / demote the old one.

    --please don't forget to upvote and Accept as answer if the reply is helpful--

    1 person found this answer helpful.

14 additional answers

  1. Dave Patrick 426.3K Reputation points MVP
    2022-03-05T14:00:49.093+00:00

    Please run:

    Dcdiag /v /c /d /e /s:%computername% >C:\dcdiag.log
    repadmin /showrepl >C:\repl.txt
    ipconfig /all > C:\dc1.txt
    ipconfig /all > C:\dc2.txt
    ipconfig /all > C:\dc3.txt
    ipconfig /all > C:\problemworkstation.txt

    then put unzipped text files up on OneDrive and share a link.


  2. Omid Shojaee 116 Reputation points
    2022-03-05T14:37:02.63+00:00

    @Dave Patrick

    Hello,

    Thanks. Looks like I panicked and posted this question without proper investigation.

    The zone file is still in C:\Windows\System32\DNS and it works fine and new machines were able to join the domain successfully BUT the DNS Manager GUI is empty and I don't see any of the records in it except for just one SOA and one NS record - both pointing to the server itself. Reloading the zone and restarting both DNS Server service and the server didn't solve this issue. The GUI is still empty.

    Now if you still need those files let me know and I'll provide them.

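The symptom in the reply above (names resolve and joins succeed, yet DNS Manager lists only SOA and NS) can be checked by comparing what the DNS service answers with what the management interface lists. This is an added example, not code from any participant in the thread; it assumes the placeholder zone name `mydomain.com` from the question, an elevated session on the DC, and the DnsServer PowerShell module.

```powershell
# Added example: compare resolver answers with the DNS management view.
# Assumption: $Zone is the placeholder zone name used in the question.
$Zone   = 'mydomain.com'
$Server = $env:COMPUTERNAME

# SRV names clients query to locate a domain controller and KDC.
$Locators = @(
    "_ldap._tcp.$Zone",
    "_kerberos._tcp.$Zone",
    "_ldap._tcp.dc._msdcs.$Zone",
    "_kerberos._tcp.dc._msdcs.$Zone"
)

# 1. Where is each zone stored (zone file or AD-integrated) and is it running?
Get-DnsServerZone -ComputerName $Server |
    Where-Object { $_.ZoneName -in $Zone, "_msdcs.$Zone" } |
    Select-Object ZoneName, ZoneType, IsDsIntegrated, ZoneFile, IsPaused, IsShutdown |
    Format-Table -AutoSize

# 2. What the management interface holds: record count per type.
$records = @(Get-DnsServerResourceRecord -ZoneName $Zone -ComputerName $Server)
$records | Group-Object RecordType |
    Select-Object Name, Count |
    Format-Table -AutoSize

# 3. What the DNS service actually answers for each locator name.
$report = foreach ($name in $Locators) {
    $answers = @(Resolve-DnsName -Name $name -Type SRV -Server $Server `
                     -DnsOnly -ErrorAction SilentlyContinue |
                 Where-Object { $_.QueryType -eq 'SRV' })
    [pscustomobject]@{
        Name     = $name
        Resolves = [bool]$answers.Count
        Targets  = ($answers.NameTarget | Sort-Object -Unique) -join ', '
    }
}
$report | Format-Table -AutoSize

# 4. Flag the mismatch described in the thread: answers exist, listing is bare.
$nonApex = @($records | Where-Object { $_.RecordType -notin 'SOA', 'NS' })
if (($report.Resolves -contains $true) -and $nonApex.Count -eq 0) {
    Write-Warning "Resolver answers SRV queries, but the zone listing has only SOA/NS."
}
```

The output of steps 1 to 3 is the kind of evidence to attach alongside the dcdiag and repadmin logs requested earlier in the thread.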

  3. Dave Patrick 426.3K Reputation points MVP
    2022-03-05T14:57:05.433+00:00

    Some possibilities here.
    https://learn.microsoft.com/en-us/troubleshoot/windows-server/networking/dns-records-not-present

    --please don't forget to upvote and Accept as answer if the reply is helpful--


  4. Omid Shojaee 116 Reputation points
    2022-03-06T12:29:58.153+00:00

    @Dave Patrick

    The files you requested are here:

    https://1drv.ms/u/s!AnKo_BSti8xpiNFQohS-Wbyu4Ct1_Q?e=fToZ8Z

    Please note that we have one DC only and it's on the same server as AD and DNS.
