Problems with active directory

[ddamq]

Sponsored Links

Hello

I recently tried to change the security policy set on my domain.
While the old security policy contained settings for both DC and DNS, I somehow, in hurry, installed only the settings for the DC, and then removed the old policy. As a result, the domain controllers no longer functioned as DNS servers, as the DC policy had the DNS server service disabled.
When noticed, switched back to the old policy, but even if I deleted the new GPO links, the controllers continue to have the same GPO's applied: the new ones.
I have enabled and started manually the DNS server service, and some services started working(web, nslookup). But I still have no authentication. When checking the DNS management console, I noticed the forward lookup zone with the same name as my domain(rt.w005.opng.int) is gone!
Upon checking the DNS event logs I see a succession of events 4000 and 4013:

"The DNS Server was unable to open Active Directory... The DNS server will wait for the directory to start."

When trying to create the zone with the name rt.w005.opng.int I get a message that the operation failed. Invalid data.

Any help is highly appreciated.
Thanks
John

[ddamq]

Also, in Directory Service event log, I see the following message:
Event 1126: Active Directory was unable to establish a connection with the global catalog.

I have checked NTDS Settings and my first DC holds the Global Catalog role.

Seems it is a DNS misconfiguration, but I don't know how to handle it.