
Corrupt DNS Zone won't delete

By spragolf
A client was trying to use DNS as a content filter. She wanted to stop students from accessing Facebook but got complaints from administrators who needed access. She created a new forward lookup zone for Facebook.com, set an IP (local server) and then used the Zone security tab to allow access. I was called in when the Zone corrupted and no one could access Facebook.com. If I try to look at the zone properties, a red circle with a white dash appears and a message: "Zone not loaded by DNS server." If I try to delete: "The Zone cannot be deleted. Access was denied."
If I use ADSIEdit to try and get access rights via: Domain -> DC -> System -> MicrosoftDNS, I see two folders; one for in_addra_arpa, and another for Root DNS Servers, and what looks like a text file for DC=Facebook.com. When I attempt to get the object properties, I get: "An invalid directory pathname was passed". If I try to delete this object I get: "The folder or one of it's children has one or more property sheets up. Please close before continuing with this action."
The current configuration is a single DNS server for this AD domain. I have assigned full control permissions to the DnsAdmins group. There are no errors in Event Viewer and I get no errors when I run:
DCDiag /TEST:DNS
I tried creating a host file for Facebook but it doesn't work. Client can get to the site by using the IP. How do I get to this object that doesn't seem to exist but is still stopping access to Facebook.com?


All Answers

whoever did this ought to be

by CG IT In reply to Corrupt DNS Zone won't de ...

Well, since I don't believe someone would have done this, here's an article available on the internet.

http://hsphere.parallels.com/docs/3.2/sysadmin/html/removing_dns_zones.html

wrap up

by spragolf In reply to whoever did this ought to ...

First, nobody is trying to make anyone look like a fool here. This really happened. I wouldn't have spent the time asking the question if I wasn't in a bind. Frankly, you can't make up some of the stuff people do when trying to "fix" a problem. As for the solution, the customer downloaded a free version of Men and Mice tools console and used the DNS tool to delete the zone. There must be a way to do it without the tool but I never found it.
