This article (KB953317) provides a fix for an issue in which there are no records in a secondary DNS zone and DNS Error 6527 is logged on a Windows Server 2008 server. For detailed information about this missing records issue, see the “Symptoms,” “Cause,” and “Resolution” sections of this article.
To download the fix for this issue, click the View and request hotfix downloads link that is located on the upper-left of the screen.
Consider the following scenario:
You create a primary DNS zone on your Domain Name System (DNS) server.
You enable Zone Transfer on the DNS zone, and you allow Zone Transfer for all the servers.
You enable Dynamic Update on the DNS zone.
A very large number of changes occur on the primary DNS zone.
In this scenario, all records are missing from the secondary DNS zone except the start of authority (SOA) records.
Additionally, the following error message is logged on the Windows Server 2008 server:
Event Type: ErrorEvent Source: DNSEvent Category: NoneEvent ID: 6527Description:Zone msprod.msp expired before it could obtain a successful zone transfer or update from a master server acting as its source for the zone. The zone has been shut down.For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
This issue occurs because the primary zone file cannot transfer to the Windows Server 2008-based secondary DNS server when the primary DNS server has a very large number of changes. During the DNS Zone Transfer, the secondary DNS server requests an incremental zone transfer (IXFR) of the zone. When a very large number of changes occur on the primary DNS server, the primary DNS server cannot service an IXFR query. Instead, the primary DNS server responds to the IXFR query with a full zone transfer (AXFR) response. The secondary DNS server ends the transfer because it expects an IXFR request and not an AXFR request. Because the secondary DNS server is never able to complete a zone transfer, all records in the zone on the secondary server eventually expire. Therefore, there are no records in the secondary DNS zone.
To resolve this problem, obtain the latest service pack for Windows Server 2008. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
968849 How to obtain the latest service pack for Windows Server 2008
A supported hotfix is available from Microsoft. However, this hotfix is intended to correct only the problem that is described in this article. Apply this hotfix only to systems that are experiencing the problem described in this article. This hotfix might receive additional testing. Therefore, if you are not severely affected by this problem, we recommend that you wait for the next software update that contains this hotfix.
If the hotfix is available for download, there is a "Hotfix download available" section at the top of this Knowledge Base article. If this section does not appear, contact Microsoft Customer Service and Support to obtain the hotfix.
Note If additional issues occur or if any troubleshooting is required, you might have to create a separate service request. The usual support costs will apply to additional support questions and issues that do not qualify for this specific hotfix. For a complete list of Microsoft Customer Service and Support telephone numbers or to create a separate service request, visit the following Microsoft Web site:
Note The "Hotfix download available" form displays the languages for which the hotfix is available. If you do not see your language, it is because a hotfix is not available for that language.
Important Windows Vista and Windows Server 2008 hotfixes are included in the same packages. However, only one of these products may be listed on the “Hotfix Request” page. To request the hotfix package that applies to both Windows Vista and Windows Server 2008, just select the product that is listed on the page.
You must have Windows Server 2008 installed to apply this hotfix.
Note Service Pack 1 is integrated into Windows Server 2008.
You must restart the computer after you apply this hotfix.
Hotfix replacement information
This hotfix does not replace any other hotfixes.
The English version of this hotfix has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time item in Control Panel.
Note The .manifest files and the .mum files that are installed in each environment are listed separately in the "Additional file information for Windows Server 2008 and for Windows Vista" section. These files and their associated .cat (security catalog) files are critical to maintaining the state of the updated component. The .cat files are signed with a Microsoft digital signature. The attributes of these security files are not listed.
For all supported 32-bit versions of Windows Server 2008
For all supported 64-bit versions of Windows Server 2008
Additional file information for Windows Server 2008
Additional files for all supported 32-bit versions of Windows Server 2008
Windows Server 2008 Standard, Windows Server 2008 Enterprise, Windows Server 2008 Datacenter, Windows Server 2008 Datacenter without Hyper-V, Windows Server 2008 Enterprise without Hyper-V, Windows Server 2008 Standard without Hyper-V