Verify zone transfers
Updated: March 2, 2005
Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2
With Active Directory–integrated Domain Name System (DNS), all DNS servers in the domain can modify the zone and then replicate the changes to other domain controllers. Therefore, the procedures for verifying zone transfers of an Active Directory–integrated DNS server are equivalent to Active Directory replication verification procedures.
Although Active Directory-integrated zones are transferred by using Active Directory replication, you can also perform standard zone transfers to secondary servers in a manner similar to standard DNS zone transfers. You can use the following procedure to verify zone transfers.
To perform this procedure, you must be a member of the Administrators group on the local computer, or you must have been delegated the appropriate authority. If the computer is joined to a domain, members of the Domain Admins group might be able to perform this procedure. As a security best practice, consider using the Run as command to perform this procedure.
Verifying zone transfers
Open the DNS snap-in.
In the console tree, double-click Event Viewer, and then click DNS Events.
Check for the following critical events:
Event ID Description
Zone expired before it could obtain a successful zone transfer or update from a master server acting as its source for the zone. The zone has been shut down.
This event ID might appear when the DNS server is configured to host a secondary copy of the zone from another DNS server acting as its source or master server. Verify that this server has network connectivity to its configured master server.
If the problem continues, consider one or more of the following options:
Delete the zone and recreate it, specifying either a different master server, or an updated and corrected IP address for the same master server.
If zone expiration continues, consider adjusting the expire interval.
The DNS server received a zone transfer request from %1 for a non-existent or non-authoritative %2.
- Delete the zone and recreate it, specifying either a different master server, or an updated and corrected IP address for the same master server.
|To open the DNS snap-in, click Start, point to Administrative Tools, and then click DNS.|