0

We recently added a new 2008 R2 DC to an existing 2003 forest with one 2003 DC. We haven't raised any functional levels. The 2003 DC was powered down (it hadn't been demoted yet, but all the FSMOs are on the 2008R2 DC) and the 2008R2 was then rebooted. We got the following error in the event log on the 2008R2 upon reboot (note the 2003DC was still offline).

For the sake of the question,

Server01 = Server 2003 box - primary DNS itself, secondary Server02
Server02 = Server 2008R2 (FSMOs) - primary DNS itself, secondary Server01

The DNS server timed out attempting an Active Directory service operation on DC=server02,DC=domain.local,cn=MicrosoftDNS,DC=DomainDnsZones,DC=domain,DC=local.  Check Active Directory to see that it is functioning properly. The event data contains the error.

This required a restart of the DNS server and it started working again (at this point the 2003 DC was booting back up). Is this just because it was unable to speak to the other DC (and thus its replication partner), or is there more at fault here?

PnP

2 Answers

3

Don't have a DC use itself for DNS first. Have it use another DC first and the loopback address last.

MDMarra
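
The resolver order recommended in the answer above can be checked per network adapter. This is an added example, not code from the answer's author; the function name `Test-DnsClientOrder` and the sample addresses are made up for illustration.

```powershell
# Added example: audit a DC's DNS client order against the advice above
# (another DC first, loopback last). Written to run on PowerShell 2.0.
function Test-DnsClientOrder {
    param(
        [string[]]$SearchOrder,     # DNS servers in the order the adapter lists them
        [string[]]$LocalAddresses   # this DC's own IP addresses
    )
    $loopback = @('127.0.0.1', '::1')
    $self     = $loopback + $LocalAddresses
    $findings = @()

    if (-not $SearchOrder -or $SearchOrder.Count -eq 0) {
        $findings += 'No DNS servers configured'
    } else {
        # First entry must be a different DC, not this server
        if ($self -contains $SearchOrder[0]) {
            $findings += 'DC lists itself first'
        }
        # At least one entry must point at another server
        $others = @($SearchOrder | Where-Object { $self -notcontains $_ })
        if ($others.Count -eq 0) {
            $findings += 'No other DC configured as a resolver'
        }
        # Loopback should close the list
        if ($loopback -notcontains $SearchOrder[-1]) {
            $findings += 'Loopback is not the last entry'
        }
    }

    New-Object PSObject -Property @{
        SearchOrder = ($SearchOrder -join ', ')
        Compliant   = ($findings.Count -eq 0)
        Findings    = ($findings -join '; ')
    }
}

# Constructed sample values (not from the page): this DC is 10.0.0.2.
Test-DnsClientOrder -SearchOrder '10.0.0.2', '10.0.0.1' -LocalAddresses '10.0.0.2'   # itself first
Test-DnsClientOrder -SearchOrder '10.0.0.1', '127.0.0.1' -LocalAddresses '10.0.0.2'  # recommended order

# On a live DC (Windows PowerShell), feed in the real adapter settings:
# Get-WmiObject Win32_NetworkAdapterConfiguration -Filter 'IPEnabled=TRUE' |
#     ForEach-Object { Test-DnsClientOrder -SearchOrder $_.DNSServerSearchOrder -LocalAddresses $_.IPAddress }
```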
0

This is a very typical error from AD and DNS. It has nothing to do with Server01 being offline; it is more related to the fact that you have your DNS running in AD Integrated Mode.

Your question does not include all the error information. After looking into Google, I would safely assume that the error code is 4016, which says that you need to have a look at the zone information. http://technet.microsoft.com/en-us/library/cc735747(v=ws.10).aspx

If you had the option to delete/re-create the zone in DNS, I would take it.

Hope this helps.

Noor Khaldi