Article ID: 938459 - View products that this article applies to.
You create a new Domain Name System (DNS) zone, or you replicate an Active Directory directory service-integrated DNS zone from a Microsoft Windows Server 2003-based domain controller. After you do this, you may receive an error message that resembles the following:
The zone cannot be replicated to all DNS servers in the (null) Active Directory domain because the required application does not exist. Only Enterprise administrators have the appropriate permissions to create an application directory partition. To store this zone in a domain container until the partition is created, close this message, and then replicate to all domain controllers in the active directory domain option.
This issue may occur if Active Directory replication fails. Active Directory replication may fail because of a DNS lookup failure or because the security channel is broken.
If you verify Active Directory replication by using the Active Directory sites and Services Microsoft Management Console (MMC) snap-in, you may receive one of the following error messages:
Error message 1
Error message 2
Target Principal Name is incorrect
When you reset the security channel, you may receive an error message that resembles the following:
DNS lookup failure
Target Principal Account name is incorrect
To resolve this issue, follow these steps:
Article ID: 938459 - Last Review: July 6, 2007 - Revision: 1.2