CRITICAL! Please help. Invalid Zone Error

Archived from groups: microsoft.public.win2000.dns (More info?)

Our main ADI zone in our DNS 'disappeared' from all 3 DCs. We were able to
add it back on to 2 of the DCs after a time but only as a secondary zone on 1
of the 3. An hour after this the two AD integrated zones disappeared and now
when we try to recreate the zone as Primary or ADI we get the error:

"The zone cannot be created. The zone type is invalid."
4 answers Last reply
More about critical help invalid zone error
  1. Archived from groups: microsoft.public.win2000.dns (More info?)

    In news:384113B9-0CF7-445B-B8FC-32ED0CFC3743@microsoft.com,
    Les Arrowman <LesArrowman@discussions.microsoft.com> posted this:
    > Our main ADI zone in our DNS 'disappeared' from all 3 DCs. We were
    > able to add it back on to 2 of the DCs after a time but only as a
    > secondary zone on 1 of the 3. An hour after this the two AD
    > integrated zones disappeared and now when we try to recreate the zone
    > as Primary or ADI we get the error:
    >
    > "The zone cannot be created. The zone type is invalid."

    This is why I advise people to only add AD integrated zones to one server
    and let it replicate. On a set of replicating DCs you cannot mix AD
    integrated zones on one DC with standard primary or Standard Secondary on
    another DC in the same replication scope.

    You will have to delete any esxisting AD zones from DNS and from
    ADU&C>System>MicrosoftDNS contaner. Restart the DNS service on all DCs, if
    the zone reappears as a secondary zone on any DC or a Primary on more than
    one DC, delete the secondary and excess primary. you should start with one
    Primary zone on one DC, point all DCs to it for DNS, change the zone to AD
    integrated with dynamic updates allowed.

    This zone will then replicate to all DCs, do not manually create a zone for
    the same name on any other DNS server within the replication scope of this
    zone. You can force a replication cycle or wait for the next replication
    cycle.


    --?
    Best regards,
    Kevin D4 Dad Goodknecht Sr. [MVP]
    Hope This Helps
    ===================================
    When responding to posts, please "Reply to Group"
    via your newsreader so that others may learn and
    benefit from your issue, to respond directly to
    me remove the nospam. from my email address.
    ===================================
    http://www.lonestaramerica.com/
    ===================================
    Use Outlook Express?... Get OE_Quotefix:
    It will strip signature out and more
    http://home.in.tum.de/~jain/software/oe-quotefix/
    ===================================
    Keep a back up of your OE settings and folders
    with OEBackup:
    http://www.oehelp.com/OEBackup/Default.aspx
    ===================================
  2. Archived from groups: microsoft.public.win2000.dns (More info?)

    In news:384113B9-0CF7-445B-B8FC-32ED0CFC3743@microsoft.com,
    Les Arrowman <LesArrowman@discussions.microsoft.com> stated, which I then
    commented on below:
    > Our main ADI zone in our DNS 'disappeared' from all 3 DCs. We were
    > able to add it back on to 2 of the DCs after a time but only as a
    > secondary zone on 1 of the 3. An hour after this the two AD
    > integrated zones disappeared and now when we try to recreate the zone
    > as Primary or ADI we get the error:
    >
    > "The zone cannot be created. The zone type is invalid."

    Is this a Windows 2000 AD infrastructure?

    Sounds like you tried to create a zone, but it was already created, but you
    may have tried to delete the zone on one of the DCs. If you delete an AD
    Integrated zone on any one DC, you've essentially deleted the zone on ALL
    DNS servers.

    We'll need more info on your infrastructure to better assist and the exact
    steps you did prior to the "disappearance".

    If this is Windows 2003, it may be a conflict in AD zone replication scope
    types.

    --
    Regards,
    Ace

    Please direct all replies ONLY to the Microsoft public newsgroups
    so all can benefit.

    This posting is provided "AS-IS" with no warranties or guarantees
    and confers no rights.

    Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
    Microsoft Windows MVP - Windows Server - Directory Services
    Infinite Diversities in Infinite Combinations.
    =================================
  3. Archived from groups: microsoft.public.win2000.dns (More info?)

    OK sorry for the lack of info, pressure and freak out.

    We ended up getting it resolved. Here's what happened in case anyone searches.

    We had a DC (let's call it DC2) that got rebuilt last week. When we rebuilt
    DC2 we configured it to create an ADI zone (that was already in existance on
    DCs 1 & 3) and everything looked good. I was out of town last week but was
    told that DC2 had exhibited weird anomolies, mainly that it had turned itself
    into a secondary zone instead of an ADI zone. Thus leading up to the issue of
    when you would try change it to an ADI zone you'd get the "The zone cannot be
    changed. The zone type is invalid."

    Well after a server reboot the zone, literally, disappeared from all 3 DCs.
    Whenever we'd try to create it on any of the 3 we'd get the "The zone cannot
    be created. The zone type is invalid." message.

    We went into ADU&C/System/MicrosoftDNS and the domain.com zone was listed in
    there even though it wasn't on the servers. We removed this zone in ADUC and
    then were able to recreate the zone in ADI mode.

    After all servers DNS zone properties were set back up we restarted the
    netlogon service.

    We suspect that the zone file was corrupt either before the rebuild of DC2
    or got corrupted during one of the DCPROMOs (to first remove AD then add the
    DC to the domain post re-build).

    Hope this helps.

    Les

    "Ace Fekay [MVP]" wrote:

    > In news:384113B9-0CF7-445B-B8FC-32ED0CFC3743@microsoft.com,
    > Les Arrowman <LesArrowman@discussions.microsoft.com> stated, which I then
    > commented on below:
    > > Our main ADI zone in our DNS 'disappeared' from all 3 DCs. We were
    > > able to add it back on to 2 of the DCs after a time but only as a
    > > secondary zone on 1 of the 3. An hour after this the two AD
    > > integrated zones disappeared and now when we try to recreate the zone
    > > as Primary or ADI we get the error:
    > >
    > > "The zone cannot be created. The zone type is invalid."
    >
    > Is this a Windows 2000 AD infrastructure?
    >
    > Sounds like you tried to create a zone, but it was already created, but you
    > may have tried to delete the zone on one of the DCs. If you delete an AD
    > Integrated zone on any one DC, you've essentially deleted the zone on ALL
    > DNS servers.
    >
    > We'll need more info on your infrastructure to better assist and the exact
    > steps you did prior to the "disappearance".
    >
    > If this is Windows 2003, it may be a conflict in AD zone replication scope
    > types.
    >
    > --
    > Regards,
    > Ace
    >
    > Please direct all replies ONLY to the Microsoft public newsgroups
    > so all can benefit.
    >
    > This posting is provided "AS-IS" with no warranties or guarantees
    > and confers no rights.
    >
    > Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
    > Microsoft Windows MVP - Windows Server - Directory Services
    > Infinite Diversities in Infinite Combinations.
    > =================================
    >
    >
    >
  4. Archived from groups: microsoft.public.win2000.dns (More info?)

    In news:3FF99065-0488-4D08-B9DA-88090767FC83@microsoft.com,
    Les Arrowman <LesArrowman@discussions.microsoft.com> stated, which I then
    commented on below:
    > OK sorry for the lack of info, pressure and freak out.
    >
    > We ended up getting it resolved. Here's what happened in case anyone
    > searches.
    >
    > We had a DC (let's call it DC2) that got rebuilt last week. When we
    > rebuilt DC2 we configured it to create an ADI zone (that was already
    > in existance on DCs 1 & 3) and everything looked good. I was out of
    > town last week but was told that DC2 had exhibited weird anomolies,
    > mainly that it had turned itself into a secondary zone instead of an
    > ADI zone. Thus leading up to the issue of when you would try change
    > it to an ADI zone you'd get the "The zone cannot be changed. The zone
    > type is invalid."
    >
    > Well after a server reboot the zone, literally, disappeared from all
    > 3 DCs. Whenever we'd try to create it on any of the 3 we'd get the
    > "The zone cannot be created. The zone type is invalid." message.
    >
    > We went into ADU&C/System/MicrosoftDNS and the domain.com zone was
    > listed in there even though it wasn't on the servers. We removed this
    > zone in ADUC and then were able to recreate the zone in ADI mode.
    >
    > After all servers DNS zone properties were set back up we restarted
    > the netlogon service.
    >
    > We suspect that the zone file was corrupt either before the rebuild
    > of DC2
    > or got corrupted during one of the DCPROMOs (to first remove AD then
    > add the DC to the domain post re-build).
    >
    > Hope this helps.
    >
    > Les

    Thanks for posting back this info. Many other posters who find a way to fix
    it usually never post back and leave us wondering if they are ok or if they
    did, how did they do it.

    One other tool I would like to mention for future issues (if it ever arises
    again), is ADSI Edit. You can see the zone in that tool, including the
    DomainDnsZones and ForestDnsZones app partitions.

    Glad you got it fixed!
    Cheers!

    Ace
Ask a new question

Read More

Microsoft DNS ADI Windows