A. Windows Server 2003 introduced the DomainDNSZones application partition, which is replicated to all DCs running the DNS service within a domain (so each domain has its own version of the DomainDNSZones partition) and the ForestDNSZones application partition, which is replicated to all DCs running the DNS service within the entire forest.
To determine which directory partitions a DC running DNS is registered as part of the replica set, run the command
dnscmd /enumdirectorypartitionswhich on my system resulted in the following output:
Enumerated directory partition list: Directory partition count = 2 DomainDnsZones.savilltech.com Enlisted Auto Domain ForestDnsZones.savilltech.com Enlisted Auto Forest Command completed successfully.
This example shows that the DC is enlisted in both the domain (DomainDNSZones) and forest (ForestDNSZones) application partitions. Alternatively, the status could show as "Not-Enlisted Auto Domain/Forest".
To add the server to a partition's replica set, use the /enlistdirectorypartition parameter, as this example shows
dnscmd /enlistdirectorypartition domaindnszones.savilltech.comRunning this command displays the following output:
DNS Server . enlisted directory partition: domaindnszones.savilltech.com Command completed successfully.To view all the members of the replica set of a partition, use the ntdsutil command as shown below (enter the commands in bold):
ntdsutil ntdsutil: domain management domain management: connection server connections: connect to server savdaldc01 Binding to savdaldc01 ... Connected to savdaldc01 using credentials of locally logged on user. server connections: quit domain management: list Note: Directory partition names with International/Unicode characters will display correctly only if appropriate fonts and language support are loaded Found 6 Naming Context(s) 0 - CN=Configuration,DC=savilltech,DC=com 1 - DC=savilltech,DC=com 2 - CN=Schema,CN=Configuration,DC=savilltech,DC=com 3 - DC=DomainDnsZones,DC=savilltech,DC=com 4 - DC=ForestDnsZones,DC=savilltech,DC=com 5 - DC=child,DC=savilltech,DC=com domain management: list nc replica dc=forestdnszones,dc=savilltech,dc=com The application directory partition dc=forestdnszones,dc=savilltech,dc=com's Replicas are: CN=NTDS Settings,CN=VPC2003ROOTDC2,CN=Servers,CN=Smallville,CN=Sites,CN=Configuration,DC=savilltech,DC=com CN=NTDS Settings,CN=SAVDALDC02,CN=Servers,CN=Smallville,CN=Sites,CN=Configuration,DC=savilltech,DC=com * CN=NTDS Settings,CN=SAVDALDC01,CN=Servers,CN=Smallville,CN=Sites,CN=Configuration,DC=savilltech,DC=com The *'ed items are currently uninstantiated replicas. domain management: list nc replica dc=domaindnszones,dc=savilltech,dc=com The application directory partition dc=domaindnszones,dc=savilltech,dc=com's Replicas are: CN=NTDS Settings,CN=VPC2003ROOTDC2,CN=Servers,CN=Smallville,CN=Sites,CN=Configuration,DC=savilltech,DC=com CN=NTDS Settings,CN=SAVDALDC01,CN=Servers,CN=Smallville,CN=Sites,CN=Configuration,DC=savilltech,DC=com domain management: quit ntdsutil: quit Disconnecting from savdaldc01...
The sample code and output first shows starting the domain management functions of the NTDSUTIL command, then connecting to a DC. Next you use the list command to tell ntdsutil to show all the partitions that exist, then to display the members of the forestdnszones replica set and the domaindnszones replica set (for the savilltech.com domain).
If the output shows any DCs listed as uninstantiated replicas, it means no replication object is configured to allow the replication of the information. You can force the Knowledge Consistency Checker (KCC) to run to create the replication objects, as needed. To do so, type the command
repadmin /kccand then force replication by running the command
repadmin /syncall
