Sign in with
Sign up | Sign in
Your question

CRITICAL! Please help. Invalid Zone Error

Last response: in Windows 2000/NT
Share
Anonymous
July 25, 2005 6:51:03 PM

Archived from groups: microsoft.public.win2000.dns (More info?)

Our main ADI zone in our DNS 'disappeared' from all 3 DCs. We were able to
add it back on to 2 of the DCs after a time but only as a secondary zone on 1
of the 3. An hour after this the two AD integrated zones disappeared and now
when we try to recreate the zone as Primary or ADI we get the error:

"The zone cannot be created. The zone type is invalid."
Anonymous
July 26, 2005 3:24:30 AM

Archived from groups: microsoft.public.win2000.dns (More info?)

In news:384113B9-0CF7-445B-B8FC-32ED0CFC3743@microsoft.com,
Les Arrowman <LesArrowman@discussions.microsoft.com> posted this:
> Our main ADI zone in our DNS 'disappeared' from all 3 DCs. We were
> able to add it back on to 2 of the DCs after a time but only as a
> secondary zone on 1 of the 3. An hour after this the two AD
> integrated zones disappeared and now when we try to recreate the zone
> as Primary or ADI we get the error:
>
> "The zone cannot be created. The zone type is invalid."

This is why I advise people to only add AD integrated zones to one server
and let it replicate. On a set of replicating DCs you cannot mix AD
integrated zones on one DC with standard primary or Standard Secondary on
another DC in the same replication scope.

You will have to delete any esxisting AD zones from DNS and from
ADU&C>System>MicrosoftDNS contaner. Restart the DNS service on all DCs, if
the zone reappears as a secondary zone on any DC or a Primary on more than
one DC, delete the secondary and excess primary. you should start with one
Primary zone on one DC, point all DCs to it for DNS, change the zone to AD
integrated with dynamic updates allowed.

This zone will then replicate to all DCs, do not manually create a zone for
the same name on any other DNS server within the replication scope of this
zone. You can force a replication cycle or wait for the next replication
cycle.


--?
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================
Anonymous
July 26, 2005 4:00:42 AM

Archived from groups: microsoft.public.win2000.dns (More info?)

In news:384113B9-0CF7-445B-B8FC-32ED0CFC3743@microsoft.com,
Les Arrowman <LesArrowman@discussions.microsoft.com> stated, which I then
commented on below:
> Our main ADI zone in our DNS 'disappeared' from all 3 DCs. We were
> able to add it back on to 2 of the DCs after a time but only as a
> secondary zone on 1 of the 3. An hour after this the two AD
> integrated zones disappeared and now when we try to recreate the zone
> as Primary or ADI we get the error:
>
> "The zone cannot be created. The zone type is invalid."

Is this a Windows 2000 AD infrastructure?

Sounds like you tried to create a zone, but it was already created, but you
may have tried to delete the zone on one of the DCs. If you delete an AD
Integrated zone on any one DC, you've essentially deleted the zone on ALL
DNS servers.

We'll need more info on your infrastructure to better assist and the exact
steps you did prior to the "disappearance".

If this is Windows 2003, it may be a conflict in AD zone replication scope
types.

--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Windows Server - Directory Services
Infinite Diversities in Infinite Combinations.
=================================
Related resources
Anonymous
July 26, 2005 4:00:43 AM

Archived from groups: microsoft.public.win2000.dns (More info?)

OK sorry for the lack of info, pressure and freak out.

We ended up getting it resolved. Here's what happened in case anyone searches.

We had a DC (let's call it DC2) that got rebuilt last week. When we rebuilt
DC2 we configured it to create an ADI zone (that was already in existance on
DCs 1 & 3) and everything looked good. I was out of town last week but was
told that DC2 had exhibited weird anomolies, mainly that it had turned itself
into a secondary zone instead of an ADI zone. Thus leading up to the issue of
when you would try change it to an ADI zone you'd get the "The zone cannot be
changed. The zone type is invalid."

Well after a server reboot the zone, literally, disappeared from all 3 DCs.
Whenever we'd try to create it on any of the 3 we'd get the "The zone cannot
be created. The zone type is invalid." message.

We went into ADU&C/System/MicrosoftDNS and the domain.com zone was listed in
there even though it wasn't on the servers. We removed this zone in ADUC and
then were able to recreate the zone in ADI mode.

After all servers DNS zone properties were set back up we restarted the
netlogon service.

We suspect that the zone file was corrupt either before the rebuild of DC2
or got corrupted during one of the DCPROMOs (to first remove AD then add the
DC to the domain post re-build).

Hope this helps.

Les

"Ace Fekay [MVP]" wrote:

> In news:384113B9-0CF7-445B-B8FC-32ED0CFC3743@microsoft.com,
> Les Arrowman <LesArrowman@discussions.microsoft.com> stated, which I then
> commented on below:
> > Our main ADI zone in our DNS 'disappeared' from all 3 DCs. We were
> > able to add it back on to 2 of the DCs after a time but only as a
> > secondary zone on 1 of the 3. An hour after this the two AD
> > integrated zones disappeared and now when we try to recreate the zone
> > as Primary or ADI we get the error:
> >
> > "The zone cannot be created. The zone type is invalid."
>
> Is this a Windows 2000 AD infrastructure?
>
> Sounds like you tried to create a zone, but it was already created, but you
> may have tried to delete the zone on one of the DCs. If you delete an AD
> Integrated zone on any one DC, you've essentially deleted the zone on ALL
> DNS servers.
>
> We'll need more info on your infrastructure to better assist and the exact
> steps you did prior to the "disappearance".
>
> If this is Windows 2003, it may be a conflict in AD zone replication scope
> types.
>
> --
> Regards,
> Ace
>
> Please direct all replies ONLY to the Microsoft public newsgroups
> so all can benefit.
>
> This posting is provided "AS-IS" with no warranties or guarantees
> and confers no rights.
>
> Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
> Microsoft Windows MVP - Windows Server - Directory Services
> Infinite Diversities in Infinite Combinations.
> =================================
>
>
>
Anonymous
July 27, 2005 1:52:18 PM

Archived from groups: microsoft.public.win2000.dns (More info?)

In news:3FF99065-0488-4D08-B9DA-88090767FC83@microsoft.com,
Les Arrowman <LesArrowman@discussions.microsoft.com> stated, which I then
commented on below:
> OK sorry for the lack of info, pressure and freak out.
>
> We ended up getting it resolved. Here's what happened in case anyone
> searches.
>
> We had a DC (let's call it DC2) that got rebuilt last week. When we
> rebuilt DC2 we configured it to create an ADI zone (that was already
> in existance on DCs 1 & 3) and everything looked good. I was out of
> town last week but was told that DC2 had exhibited weird anomolies,
> mainly that it had turned itself into a secondary zone instead of an
> ADI zone. Thus leading up to the issue of when you would try change
> it to an ADI zone you'd get the "The zone cannot be changed. The zone
> type is invalid."
>
> Well after a server reboot the zone, literally, disappeared from all
> 3 DCs. Whenever we'd try to create it on any of the 3 we'd get the
> "The zone cannot be created. The zone type is invalid." message.
>
> We went into ADU&C/System/MicrosoftDNS and the domain.com zone was
> listed in there even though it wasn't on the servers. We removed this
> zone in ADUC and then were able to recreate the zone in ADI mode.
>
> After all servers DNS zone properties were set back up we restarted
> the netlogon service.
>
> We suspect that the zone file was corrupt either before the rebuild
> of DC2
> or got corrupted during one of the DCPROMOs (to first remove AD then
> add the DC to the domain post re-build).
>
> Hope this helps.
>
> Les

Thanks for posting back this info. Many other posters who find a way to fix
it usually never post back and leave us wondering if they are ok or if they
did, how did they do it.

One other tool I would like to mention for future issues (if it ever arises
again), is ADSI Edit. You can see the zone in that tool, including the
DomainDnsZones and ForestDnsZones app partitions.

Glad you got it fixed!
Cheers!

Ace
!