DNS Delegation Warning when Promoting a Server Running Windows Server 2008, 2008 R2, or 2012

DNS Delegation Warning when Promoting a Server Running Windows Server 2008, 2008 R2, or 2012


This article discusses a warning that commonly appears when promoting a Windows 2008, 2008 R2, or 2012 server to a domain controller: "A delegation for this DNS server cannot be created..."


When promoting a server running Windows Server 2008, 2008 R2, or 2012, you may see a warning similar to the following:



This warning typically appears when promoting a server to be the first domain controller (DC) in a new Active Directory (AD) domain and installing the DNS Server role during the promotion, but it may also appear when promoting additional domain controllers.

In most cases, this warning can be ignored.
It signifies that the DC promotion (Dcpromo) wizard was unable to create a delegation on the DNS server that is authoritative for the parent domain of the domain being created.
In most cases, when creating a new AD domain, there is no existing parent domain, but the wizard will still attempt to infer the parent domain's name and contact the DNS server that is authoritative for it.
For example, if the domain being created is named mybusiness.local, the wizard will attempt to contact the authoritative DNS server for a domain named local, which doesn't exist, and the warning will appear.

There are some situations in which this warning can indicate a problem and shouldn't be ignored:

  • When creating a child domain of an existing AD domain. In this case, the first DC in the child domain should indeed be able to create a DNS delegation within the parent domain.
  • When creating an internet-connected AD domain for which the appropriate DNS delegation has already been manually created. The dcpromo wizard checks for an existing delegation before trying to create one, and if it finds one, the warning won't appear.
Note: In order for the Dcpromo wizard to successfully create the appropriate delegation, the parent DNS server must be running Windows DNS. For this reason, newly created internet-connected AD domains will always require the delegation to be created manually, as the top-level domain (TLD) DNS servers run BIND DNS.


More information about this warning can be found in the TechNet article Known Issues for Installing and Removing AD DS.




문서 ID: SLN156699

최종 수정일: 12/30/2016 03:27 AM


이 문서 평가하기

정확함
유용함
이해하기 쉬운
이 문서가 도움이 되셨나요?
지원 미지원
피드백을 보내 주십시오.
의견에는 <>()\와 같은 특수 문자를 사용할 수 없습니다.
죄송합니다. 현재 피드백 시스템은 사용하실 수 없습니다. 잠시 후에 다시 시도하십시오.

피드백을 보내주셔서 감사합니다.