AD DNS recovery

  
        

The customer has two DC servers, DC1 is DC and DNS, DC2 is DC, and DNS is not installed. Now DC1 blue screen is damaged, the user has moved FSMO to DC2, and installed DNS, and integrated for AD. However, it was found that there are only a few A records in the DNS record on DC2, and there are no other records, such as _msdcs, _tcp, and so on. Trying to recover by deactivating net logon, then deleting the dns area, then creating a new area, enabling net logon, but not successful. In the current DC2 you can see the user, the customer does not have any backups. Excuse me, how can I recover DNS and AD? Answer: We do not need to manually back up the AD database. Because the AD database will automatically synchronize between DC1 and DC2. Although DC1 is broken, we can still maintain the AD database through DC2. For the DNS problem, because there is no backup of the DNS database, we can't solve the DNS problem through backup recovery. However, we can manually re-create the _msdcs.domain AD integration area and other areas on DC2, so that DC2 can replace DC1 for DNS resolution.

I have tested this problem on my virtual machine for your problem. The test result is that the _msdcs.domain AD integration area can be successfully created. However, it should be noted that after creating the _msdcs.domain AD integration area, please run the following command to complete the SRV record registration: dnscmd /clearcache & ipconfig /flushdns & net stop netlogon & net stop dns & ; net start dns & net start netolgon & ipconfig /registerdns are all created by creating a new way. However, the creation of the _msdcs.domain AD integration area is special. Below I will list the _msdcs.domain AD integration zone creation steps: Open the DNS MMC, right click on ”Forward Lookup Zones”, select “New Zone”. Create the following area: Ø Type Selection: The main area of ​​the AD integration. Ø copy type: ”To all DNS servers running on domain controllers in this domain:”Ø zone name: _msdcs.domain (note that the domain here is the actual domain name, such as contoso.com). After creating the _msdcs.domain AD integration area, be sure to run the following command to complete the SRV record registration: dnscmd /clearcache & ipconfig /flushdns & net stop netlogon & net stop dns & net start dns & Net start netolgon & ipconfig /registerdnsXiongfei WuAD DNS recovery related articles please refer to AD DNS recovery dns server rebuild recovery Windows 2003AD domain DNS recovery restore --- gnaw0725 author "Active Directory SEO";



Copyright © Windows knowledge All Rights Reserved