Do you only have the one DNS server internally? If so, Ryan's
approach should do the trick...though I would only do this if you have
a full backup of the server including the system state. Never poke an
AD/DNS server with sticks unless you have a way of unpoking it.
Otherwise, you may have no network at all!
If not, you may need to repeat the procedures on the
secondary/downline internal DNS servers as well. The trick in a multi
DNS environment is to do the fix and take the server offline then
repeat the steps on the other server and only then bring them back
online...otherwise you may inadvertently replicate the corrupt entry.
I would also recommend reviewing the event logs for DNS on the server
to see if there is more going wrong (especially in a multi AD/DNS
server environment as this could be a DNS replication issue).
TJ
On 7/6/09, Ryan Fox <Ryan@tads.com> wrote:
> Renee,
>
> Fixing DNS corruption within Active Directory will be beyond the scope of my
> suggested solution, but give this a try:
>
> From the DNS Snap-in:
> Expand your forward zones
> Get the properties for the faulty zone
> On the General tab, ensure the Type is Primary
> (If it is Active Directory Integrated, click change and uncheck the box at
> the bottom)
>
> From the Service Snap-in:
> Locate DNS Server Service
> Right click and select Stop
>
> From Windows Explorer:
> Navigate to %SystemRoot%\System32\dns
> Delete the .dns file for the faulty zone
>
> From the Service Snap-in:
> Locate DNS Server Service
> Right click and select Start
>
> From the DNS Snap-in:
> Expand your forward zones
> Right click the faulty zone and select Delete
> (It 'should' allow you to delete it now)
>
>
> Thanks,
> Ryan R. Fox
> TADS Technology Group
> www.tads.com
> 612.548.3333
>
>
>
>
> -----Original Message-----
> From: A forum for independent school educators
> [mailto:ISED-L@LISTSERV.SYR.EDU] On Behalf Of Renee Ramig
> Sent: Monday, July 06, 2009 1:37 PM
> To: ISED-L@LISTSERV.SYR.EDU
> Subject: Corrupted DNS Entry
>
> Hi Everyone,
>
> I need help from some of the more techie people out there.
>
> I did not have a content filter installed this past year, so I messed around
> with creating new DNS entries on my Windows 2003 server to basically have
> users go to nowhere when they tried to go to specific websites.
>
> One of the entries (for facebook) is now corrupt. I just want to go in and
> delete it, but nothing I do in DNS will allow me to access the entry in any
> way, including to delete it. I get a red X and a message that says Zone Not
> Loaded by DNS Server. I cannot access the properties. When I try to delete
> it, I get the message "The zone cannot be delete. Access was denied.) (I
> am logged in directly to the server where I created the dns record.)
>
> Does anyone know how to delete this out of the registry using regedit? Or is
> there some other way to force the DNS server to delete this corrupted DNS
> entry?
>
> Thanks,
>
> Renee Ramig
> Seven Hills School
>
> [ For info on ISED-L see http://www.gds.org/ISED-L ]
> Submissions to ISED-L are released under a creative commons, attribution,
> non-commercial, share-alike license.
> RSS Feed, http://listserv.syr.edu/scripts/wa.exe?RSS&L=ISED-L
>
> [ For info on ISED-L see http://www.gds.org/ISED-L ]
> Submissions to ISED-L are released under a creative commons, attribution,
> non-commercial, share-alike license.
> RSS Feed, http://listserv.syr.edu/scripts/wa.exe?RSS&L=ISED-L
>
--
Sent from my mobile device
TJ Rainsford
E: tjrainsford@gmail.com
[ For info on ISED-L see http://www.gds.org/ISED-L ]
Submissions to ISED-L are released under a creative commons, attribution, non-commercial, share-alike license.
RSS Feed, http://listserv.syr.edu/scripts/wa.exe?RSS&L=ISED-L
