Share via

Active Directory DNS Records have disappeared

Omid Shojaee 121 Reputation points
2022-03-05T13:19:19.863+00:00

Hello,

We installed and configured our Active Directory about 3 months ago.

AD DS and DNS roles installed on a server and then other computers joined. Everything was OK.

However today after 3 months we tried to join a few more machines but because the DNS lookup for SVR record failed, I logged into the AD server to find out that all DNS records are gone. Nothing is left except the zone (mydomain.com) itself plus one SOA and one NS record. Everything else is wiped out.

I'm the only one who has access to this server.

I tried to solve this by removing DNS role and adding it again, to no avail.

This is a crisis for us. Please assist.

Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
6,245 questions
Windows DHCP
Windows DHCP
Windows: A family of Microsoft operating systems that run across personal computers, tablets, laptops, phones, internet of things devices, self-contained mixed reality headsets, large collaboration screens, and other devices.DHCP: Dynamic Host Configuration Protocol (DHCP). A communications protocol that lets network administrators manage centrally and automate the assignment of Internet Protocol (IP) addresses in an organization's network.
1,035 questions
0 comments
Accepted answer
  1. Anonymous
    2022-03-09T14:19:27.827+00:00

    That sounds very risky. Have you addressed the issues I raised? A much simpler / safer method is to stand up a new one for a test.

    I'd use dcdiag / repadmin tools to verify health correcting all errors found before starting any operations. Then stand up the new one, patch it fully, license it, join existing domain, add active directory domain services, promote it also making it a GC (recommended), transfer FSMO roles over (optional), transfer pdc emulator role (optional), use dcdiag / repadmin tools to again verify health, when all is good you can decommission / demote old one.

    --please don't forget to upvote and Accept as answer if the reply is helpful--

    1 person found this answer helpful.

14 additional answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Anonymous
    2022-03-06T13:53:11.023+00:00

    Looks Ok, I'd also add the server's own static address (192.168.50.12) listed for DNS, then do ipconfig /flushdns, ipconfig /registerdns, restart the netlogon service and check the DFS Replication event log for errors.

    --please don't forget to upvote and Accept as answer if the reply is helpful--

    0 comments
  2. Omid Shojaee 121 Reputation points
    2022-03-06T14:56:31.327+00:00

    @Anonymous

    Did all that and nothing. DNS Manager still shows SOA and one NS record.

    There's no error related to DFSR.

    What if I remove DNS role, restart the server and install the role again? AD DS should re-populate it right?

    Please note that the DNS service works fine because hamrahfelez.net.dns file exists inside C:\Windows\System32\dns folder.

    0 comments
  3. Anonymous
    2022-03-06T15:00:25.38+00:00

    That isn't recommended. Might work through these ones.
    https://learn.microsoft.com/en-us/troubleshoot/windows-server/networking/dns-records-not-present

    Another option may be to stand up a new domain controller with integrated DNS as a test.

    --please don't forget to upvote and Accept as answer if the reply is helpful--

    0 comments
  4. Omid Shojaee 121 Reputation points
    2022-03-06T15:10:37.393+00:00

    @Anonymous

    Already checked them all. They are either not applicable or not the cause here.

    What if move the zone file to another folder and use it to create all records manually?

    0 comments