Hallo, as we have some weired dns problems, i tried to find out where they come from. Following is our settup:

2DCs with AD integrated DNS-Zones

Forward-Lookupzone on activeDC1

 +_msdcs.abcdomain.local -> seems okay

 + _sites.abcdomain.local -> seems okay

 + _tcp.abcdomain.local -> seems okay

 + _udp.abcdomain.local -> seems okay

 + abcdomain.local

      (same as parent folder) Host (A) 0.0.0.0 Static ---> this entry seems very weired? Wenn I make a nslookup abcdomain.local i get the two Domain Controller and 0.0.0.0. Can I saftly delete this entry, whereever it came from?

      + _msdcs --->  (same as parent folder) Nameserver olderservername static ---> I think I slould delete this old entry and only leave the second one pointing to itself. Or do I also Need to configure our second DC as nameserver in this Delegation?

                      --->  (same as parent folder) Nameserver activeDC1 static

       + _sites --->  (same as parent folder) Nameserver olderservername static ---> I think I slould delete this old entry and only leave the second one pointing to itself. Or do I also Need to configure our second DC as nameserver in this Delegation?

                      --->  (same as parent folder) Nameserver activeDC1 static

     + _tcp --->  (same as parent folder) Nameserver olderservername static ---> I think I slould delete this old entry and only leave the second one pointing to itself. Or do I also Need to configure our second DC as nameserver in this Delegation?

                      --->  (same as parent folder) Nameserver activeDC1 static

     + _udp --->  (same as parent folder) Nameserver olderservername static ---> I think I slould delete this old entry and only leave the second one pointing to itself. Or do I also Need to configure our second DC as nameserver in this Delegation?

                      --->  (same as parent folder) Nameserver activeDC1 static

     + DomainDnsZones --->  (same as parent folder) Host (A) wrongIPentry olddate ---> Can I safety delete this old entry whereever it comes from.

                      --->  (same as parent folder) Host (A) IP-DC1 dynamic

                      --->  (same as parent folder) Host (A) IP-DC2 dynamic

    + ForestDnsZones --->  (same as parent folder) Host (A) wrong IP olddate --->Can I safety delete this old entry whereever it comes from.

                      --->  (same as parent folder) Host (A) IP-DC1 dynamic

                      --->  (same as parent folder) Host (A) IP-DC2 dynamic

The rest of the configuration seems okay. I bet these wrong entries are from our Domain upgrade 2003-2008 but already a few years old. Our main Problem is when connecting to Shares via dns Name. Sometimes you are able to browse normally but very often browsing is very very slow and takes a long time to show the files. It's like Name Resolution is having timeouts. So we use netbios at the moment to overcome the problem...Hopefully you can give me advice about the correct DNS entries. Regards

• Edited by ollivetti_ 23 hours 38 minutes ago

Hi ollivatti_

According to your description, DNS zones with AD integrated have some wrong entries, and it cause some problems when doing name resolution.

You may try to delete the bad DNS entries first, see if it will work. I find a post that seems similar with you issue, you may read it as reference:

https://social.technet.microsoft.com/Forums/windowsserver/en-US/31695ea9-4b5c-4663-bf4a-e301623f25a5/dns-question-old-dc-records?forum=winserverDS

Besides, here is the reference about how DNS support active directory, you may read it to learn the description of each record.

https://technet.microsoft.com/en-us/library/Cc759550(v=WS.10).aspx

Best Regards,

Anne He

Hello, thank you for your reply! Reading your recommondations I will figure out which old entries to delete. But I am still missing how it should look like in Optimum case. For example should the _msdcs, _sites, .... delegations point to only one productive dc or to both? Thinking of the case that one dc has to be taken offline actually both dc's should be nameserver for the delegations or am I thinking wrong?

And is it safe to delete the 0.0.0.0 entry? I could not find anything about this...in my point it does not make any sense unless it is some Kind of standard configuration setting?

Thank you very much.