Databáze znalostí

DNS Delegation Warning when Promoting a Server Running Windows Server 2008, 2008 R2, or 2012


This article discusses a warning that commonly appears when promoting a Windows 2008, 2008 R2, or 2012 server to a domain controller: "A delegation for this DNS server cannot be created..."


When promoting a server running Windows Server 2008, 2008 R2, or 2012, you may see a warning similar to the following:



This warning typically appears when promoting a server to be the first domain controller (DC) in a new Active Directory (AD) domain and installing the DNS Server role during the promotion, but it may also appear when promoting additional domain controllers.

In most cases, this warning can be ignored.
It signifies that the DC promotion (Dcpromo) wizard was unable to create a delegation on the DNS server that is authoritative for the parent domain of the domain being created.
In most cases, when creating a new AD domain, there is no existing parent domain, but the wizard will still attempt to infer the parent domain's name and contact the DNS server that is authoritative for it.
For example, if the domain being created is named mybusiness.local, the wizard will attempt to contact the authoritative DNS server for a domain named local, which doesn't exist, and the warning will appear.

There are some situations in which this warning can indicate a problem and shouldn't be ignored:

  • When creating a child domain of an existing AD domain. In this case, the first DC in the child domain should indeed be able to create a DNS delegation within the parent domain.
  • When creating an internet-connected AD domain for which the appropriate DNS delegation has already been manually created. The dcpromo wizard checks for an existing delegation before trying to create one, and if it finds one, the warning won't appear.
Note: In order for the Dcpromo wizard to successfully create the appropriate delegation, the parent DNS server must be running Windows DNS. For this reason, newly created internet-connected AD domains will always require the delegation to be created manually, as the top-level domain (TLD) DNS servers run BIND DNS.


More information about this warning can be found in the TechNet article Known Issues for Installing and Removing AD DS.




ID článku: SLN156699

Datum poslední změny: 12/30/2016 03:27 AM


Zhodnoťte tento článek

Přesné
Užitečné
Snadno srozumitelné
Byl tento článek užitečný?
Ano Ne
Zašlete nám svůj názor
Komentáře nesmí obsahovat tyto speciální znaky: <>() \
Je nám líto, ale náš systém zpětné vazby je v současné době mimo provoz. Zkuste to později.

Děkujeme za váš názor.