Archived from groups: microsoft.public.win2000.dns (More info?)

Is there any way to back up DNS information in Windows Server 2003
Standard?

I have a total of three Win 2003 Domain Controllers which are DNS servers
as well. Two in Toronto, one in Calgary.

Last evening, the two that are in Toronto lost all of their zones under
both the Forward and Reverse Lookup Zones.

I found out the problems when users who are on shift were kicked out of
Outlook and some were not able to login to the domain.

The first thing I did was TermServ into the Exchange 2003 server. For
something that normally takes 30 seconds, it took well over five mintues.
I then suspect it was a DNS problem.

So, I tried to TermServ into the DC's and as suspected, both the Forward
Lookup Zone and the Reverse Lookup Zone were empty, as if the DNS server
was never configured.

I looked in the event logs and these are some of the errors:

The DNS server received indication that zone zoo.domain-removed.com was
deleted from the Active Directory. Since this zone was an Active Directory
integrated zone, it has been deleted from the DNS server.

The DNS server received indication that zone 34.20.10.in-addr.arpa was
deleted from the Active Directory. Since this zone was an Active Directory
integrated zone, it has been deleted from the DNS server.

The DNS server received indication that zone 36.20.10.in-addr.arpa was
deleted from the Active Directory. Since this zone was an Active Directory
integrated zone, it has been deleted from the DNS server.

The DNS server has encountered numerous run-time events. To determine the
initial cause of these run-time events, examine the DNS server event log
entries that precede this event. To prevent the DNS server from filling the
event log too quickly, subsequent events with Event IDs higher than 3000
will be suppressed until events are no longer being generated at a high
rate.


I have no idea as to why it would think the zone was deleted from the AD.
Nobody was doing anything at that time. I called Microsoft Support, spent
$350 and over three hours being cut off, and transferred to five different
people explaining the situation over and over and over and over again, with
bad phone lines and bad accents (I don't mean to offend anyone) and didn't
get an answer or resolution.

Luckily, the DNS info were not replicated to Calgary and I was able to re-
create the zones on both Toronto DC's as secondary and copy the information
from the Calgary DNS server. I then changed one of the Toronto DC's from
seconday back to AD-integrated and all seems to be well.

So, my question is, will taking a System State snapshot for the AD-
integrated DNS server help me in backing up the DNS information and how
would I prevent this from ever happening again? Luckily it was not during
the day, and even though we have staff 24/7, it didn't cause too much
inconvenience.

Sorry for the long post and I hope someone has an idea as to what the hell
happened. Thank you.


Chris.




----== Posted via Newsfeeds.Com - Unlimited-Uncensored-Secure Usenet News==----
http://www.newsfeeds.com The #1 Newsgroup Service in the World! 120,000+ Newsgroups
----= East and West-Coast Server Farms - Total Privacy via Encryption =----

Archived from groups: microsoft.public.win2000.dns (More info?)

In news:Xns9683671A9ABFBchrishchyahoocomSpam@38.119.71.105,
LastYJ <carsx88-6012@yahoo.comm.> stated, and I replied below:
> Is there any way to back up DNS information in Windows Server 2003
> Standard?
>
> I have a total of three Win 2003 Domain Controllers which are DNS
> servers
> as well. Two in Toronto, one in Calgary.
>
> Last evening, the two that are in Toronto lost all of their zones
> under
> both the Forward and Reverse Lookup Zones.
>
> I found out the problems when users who are on shift were kicked out
> of
> Outlook and some were not able to login to the domain.
>
> The first thing I did was TermServ into the Exchange 2003 server. For
> something that normally takes 30 seconds, it took well over five
> mintues.
> I then suspect it was a DNS problem.
>
> So, I tried to TermServ into the DC's and as suspected, both the
> Forward
> Lookup Zone and the Reverse Lookup Zone were empty, as if the DNS
> server
> was never configured.
>
> I looked in the event logs and these are some of the errors:
>
> The DNS server received indication that zone zoo.domain-removed.com
> was
> deleted from the Active Directory. Since this zone was an Active
> Directory integrated zone, it has been deleted from the DNS server.
>
> The DNS server received indication that zone 34.20.10.in-addr.arpa was
> deleted from the Active Directory. Since this zone was an Active
> Directory integrated zone, it has been deleted from the DNS server.
>
> The DNS server received indication that zone 36.20.10.in-addr.arpa was
> deleted from the Active Directory. Since this zone was an Active
> Directory integrated zone, it has been deleted from the DNS server.
>
> The DNS server has encountered numerous run-time events. To determine
> the
> initial cause of these run-time events, examine the DNS server event
> log
> entries that precede this event. To prevent the DNS server from
> filling the
> event log too quickly, subsequent events with Event IDs higher than
> 3000
> will be suppressed until events are no longer being generated at a
> high
> rate.
>
>
> I have no idea as to why it would think the zone was deleted from the
> AD.
> Nobody was doing anything at that time. I called Microsoft Support,
> spent $350 and over three hours being cut off, and transferred to
> five different
> people explaining the situation over and over and over and over
> again, with
> bad phone lines and bad accents (I don't mean to offend anyone) and
> didn't
> get an answer or resolution.
>
> Luckily, the DNS info were not replicated to Calgary and I was able
> to re-
> create the zones on both Toronto DC's as secondary and copy the
> information
> from the Calgary DNS server. I then changed one of the Toronto DC's
> from
> seconday back to AD-integrated and all seems to be well.
>
> So, my question is, will taking a System State snapshot for the AD-
> integrated DNS server help me in backing up the DNS information and
> how
> would I prevent this from ever happening again? Luckily it was not
> during
> the day, and even though we have staff 24/7, it didn't cause too much
> inconvenience.
>
> Sorry for the long post and I hope someone has an idea as to what the
> hell happened. Thank you.
>
>
> Chris.

If someone meant to delete a zone off a particular DNS server, and the zone
is AD Integrated, unfortunately the system will translate it as a request to
delete the zone entirely out of the AD database. You can test that by
creating a demo.com zone, make it AD integrated, create the zone on all
DC/DNS servers as AD Integrated, then delete it from one of them. You will
find it is deleted from the database entirely and will affect all DNS
servers.

A system state backup will back up the AD Database. To restore just the zone
data, however, you will need to perform an authoratative restore for that
specific data.

--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Windows Server - Directory Services
Infinite Diversities in Infinite Combinations.
=================================

Archived from groups: microsoft.public.win2000.dns (More info?)

Ace, please could you give an example of how to restore only DNS using an
authoratative restore?

Thanks.

"Ace Fekay [MVP]"
<PleaseSubstituteMyActualFirstName&LastNameHere@hotmail.com> wrote in
message newsfBlGj$eFHA.688@TK2MSFTNGP14.phx.gbl...
> In news:Xns9683671A9ABFBchrishchyahoocomSpam@38.119.71.105,
> LastYJ <carsx88-6012@yahoo.comm.> stated, and I replied below:
> > Is there any way to back up DNS information in Windows Server 2003
> > Standard?
> >
> > I have a total of three Win 2003 Domain Controllers which are DNS
> > servers
> > as well. Two in Toronto, one in Calgary.
> >
> > Last evening, the two that are in Toronto lost all of their zones
> > under
> > both the Forward and Reverse Lookup Zones.
> >
> > I found out the problems when users who are on shift were kicked out
> > of
> > Outlook and some were not able to login to the domain.
> >
> > The first thing I did was TermServ into the Exchange 2003 server. For
> > something that normally takes 30 seconds, it took well over five
> > mintues.
> > I then suspect it was a DNS problem.
> >
> > So, I tried to TermServ into the DC's and as suspected, both the
> > Forward
> > Lookup Zone and the Reverse Lookup Zone were empty, as if the DNS
> > server
> > was never configured.
> >
> > I looked in the event logs and these are some of the errors:
> >
> > The DNS server received indication that zone zoo.domain-removed.com
> > was
> > deleted from the Active Directory. Since this zone was an Active
> > Directory integrated zone, it has been deleted from the DNS server.
> >
> > The DNS server received indication that zone 34.20.10.in-addr.arpa was
> > deleted from the Active Directory. Since this zone was an Active
> > Directory integrated zone, it has been deleted from the DNS server.
> >
> > The DNS server received indication that zone 36.20.10.in-addr.arpa was
> > deleted from the Active Directory. Since this zone was an Active
> > Directory integrated zone, it has been deleted from the DNS server.
> >
> > The DNS server has encountered numerous run-time events. To determine
> > the
> > initial cause of these run-time events, examine the DNS server event
> > log
> > entries that precede this event. To prevent the DNS server from
> > filling the
> > event log too quickly, subsequent events with Event IDs higher than
> > 3000
> > will be suppressed until events are no longer being generated at a
> > high
> > rate.
> >
> >
> > I have no idea as to why it would think the zone was deleted from the
> > AD.
> > Nobody was doing anything at that time. I called Microsoft Support,
> > spent $350 and over three hours being cut off, and transferred to
> > five different
> > people explaining the situation over and over and over and over
> > again, with
> > bad phone lines and bad accents (I don't mean to offend anyone) and
> > didn't
> > get an answer or resolution.
> >
> > Luckily, the DNS info were not replicated to Calgary and I was able
> > to re-
> > create the zones on both Toronto DC's as secondary and copy the
> > information
> > from the Calgary DNS server. I then changed one of the Toronto DC's
> > from
> > seconday back to AD-integrated and all seems to be well.
> >
> > So, my question is, will taking a System State snapshot for the AD-
> > integrated DNS server help me in backing up the DNS information and
> > how
> > would I prevent this from ever happening again? Luckily it was not
> > during
> > the day, and even though we have staff 24/7, it didn't cause too much
> > inconvenience.
> >
> > Sorry for the long post and I hope someone has an idea as to what the
> > hell happened. Thank you.
> >
> >
> > Chris.
>
> If someone meant to delete a zone off a particular DNS server, and the
zone
> is AD Integrated, unfortunately the system will translate it as a request
to
> delete the zone entirely out of the AD database. You can test that by
> creating a demo.com zone, make it AD integrated, create the zone on all
> DC/DNS servers as AD Integrated, then delete it from one of them. You will
> find it is deleted from the database entirely and will affect all DNS
> servers.
>
> A system state backup will back up the AD Database. To restore just the
zone
> data, however, you will need to perform an authoratative restore for that
> specific data.
>
> --
> Regards,
> Ace
>
> Please direct all replies ONLY to the Microsoft public newsgroups
> so all can benefit.
>
> This posting is provided "AS-IS" with no warranties or guarantees
> and confers no rights.
>
> Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
> Microsoft Windows MVP - Windows Server - Directory Services
> Infinite Diversities in Infinite Combinations.
> =================================
>

Archived from groups: microsoft.public.win2000.dns (More info?)

In news:%23oYrCfJgFHA.3936@tk2msftngp13.phx.gbl,
ade <noone@somewhere.net> posted this:
> Ace, please could you give an example of how to restore only DNS
> using an authoratative restore?

If you have a backup zone file, remove the zone from AD. Then create a new
standard primary zone using the backed up zone file as the file to get the
data from. Then change the restored standard primary to be stored in AD. Do
this only on one DC! It is this zone that will be replicated through AD to
all DCs. Do not manually add a zone on any other DC, it will not contain the
backed up data and will overwrite any existing zone in AD causing zone data
loss of the static records.



--?
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================

Archived from groups: microsoft.public.win2000.dns (More info?)

"ade" <noone@somewhere.net> wrote in message
news:%23oYrCfJgFHA.3936@tk2msftngp13.phx.gbl...
> Ace, please could you give an example of how to restore only DNS using an
> authoratative restore?
>
> Thanks.

How to perform an authoritative restore to a domain controller in Windows
2000:
http://support.microsoft.com/defau [...] -us;241594

But in the future, prior to deleting an AD Integrated zone, as Kevin
mentioned, change the zone type to a Primary on one of the servers so you
have the zone data in text format. It's easier.

Ace