Unable to select DNS Server role when adding a domain controller into an existing Active Directory domain
When promoting a Windows Server 2008 or Windows Server 2008 R2 replica domain controller, the option to auto-install the DNS Server role is disabled or grayed out in the Active Directory Installation Wizard (DCPROMO).
Text in the Additional information field states:
DNS cannot be installed on this domain controller because this domain does not host DNS.
A screenshot of this condition is shown below:
The %windir%\debug\dcpromoui.log file on the replica domain controller being promoted shows the following:
Enter DoesDomainHostDns SLD
dcpromoui A74.A78 046C 14:07:18.800 Dns_DoesDomainHostDns testing domain name SLD
dcpromoui A74.A78 046D 14:07:19.113 SOA query returned 9003 so the domain does not host DNS
dcpromoui A74.A78 046E 14:07:19.113 Dns_DoesDomainHostDns returning false
dcpromoui A74.A78 046F 14:07:19.113 HRESULT = 0x00000000
dcpromoui A74.A78 0470 14:07:19.113 The domain does not host DNS.
- A code defect prevents the DNS Server checkbox from being enabled when promoting replica domain controllers into existing domains with single-label DNS names like "contoso" instead of best-practice fully qualified DNS name like "contoso.com" or "corp.contoso.com". This condition exists even when Microsoft DNS is installed on a domain controller and hosts Active Directory-integrated forward lookup zones for the target domain.OR
For more information regarding single label domains, visit the following Microsoft web site:
Microsoft DNS Namespace Planning Solution Center
- DCPromo checks to see if the DNS zone for the target Active Directory forest is hosted in Active Directory. If the DNS zone for the target domain is not hosted on an existing domain controller in the target forest, DCPROMO does not allow the user to install DNS during the replica promotion.
The goal of this behavior is to prevent administrators from creating duplicate copies of DNS zones with different replication scopes (i.e. file-based zones on Microsoft or third-party DNS Servers and Active Directory integrated DNS zones on domain controllers on the newly promoted domain controller).
For the first root cause, continue the promotion and install the DNS Server role after it is promoted.
For the second root cause, the DNS client and server configuration on the replica domain controller being promoted was sufficient to discover a helper domain controller in the target domain but DCPROMO has determined that the DNS zone for the domain was not Active Directory integrated.
Determine which DNS servers are going to host the zone for your Active Directory domain and what replication scopes those zones will use (Microsoft DNS versus third-party DNS, forest-wide application partition, domain-wide application partition, file-based primary, etc.)
Do not let the inability to auto-install the DNS Server role during DCPROMO block the promotion of Windows Server 2008 replica domain controllers in the domain. Server Manager can be used to install the Microsoft DNS Server role on existing domain controllers, as well as computers functioning as member or workgroup computers. DNS zones and their records can be replicated or copied between DNS servers.
Specific workarounds include:
- If the DNS zones exist on DNS servers outside the domain, consider moving the zones to an existing domain controller in the domain that hosts the DNS Server role.
- If zone data needs to be moved, configure the Microsoft DNS server to host a secondary copy of the zone, then convert that zone to be a file-based primary, then transition the zone to be Active Directory integrated as required. You can ignore this step if you have no interest in saving the DNS zone data.
- Configure the new replica domain controller being promoted to point exclusively to DNS servers hosting Active Directory integrated copies of the zone.
- Use the following command to force Windows 2000, Windows XP, Windows Server 2003, Windows Vista and Windows Server 2008 computers to dynamically register Host A or AAAA records:
- Use the following command to force Windows 2000, Windows Server 2003 and Windows Server 2008 domain controllers to dynamically register SRV records
net stop netlogon & net start netlogon
- Restart DCPROMO on the replica domain controller.
Article ID: 2002584 - Last Review: 09/14/2010 20:09:00 - Revision: 18.0