Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive intended to provide reliable access to content deleted from the Microsoft KB. All KB articles are owned by Microsoft Corporation.

Event ID 4515 is logged in the DNS Server log in Windows Server 2003



Symptoms

When you view the DNS Server log in Event Viewer, you may see an event that resembles the following event.

Note In the following example event and throughout this article, contoso.com is used as a placeholder for an actual domain.



Cause

This issue may occur when the DNS zone that is listed in Event 4515 exists in more than one location in Active Directory.

Note A DNS zone must exist in only one Active Directory partition at the same time.

A DNS zone may be incorrectly created in more than one location in Active Directory in the following scenarios:
  • The DNS zone was moved from one directory partition to another directory partition.
  • The replication scope for Windows 2000 Active Directory integrated DNS zones is transitioned to domain DNS application partitions or to forest-wide DNS application partitions that are supported by Windows Server 2003 domain controllers.



Resolution

To resolve this behavior, determine which Active Directory partition for contoso.com you would like to use, and then remove the other contoso.com zone(s) from Active Directory.

On a Windows Server 2003 domain controller (DC), DNS zones can be stored in three default directory partition locations in Active Directory, each with a different replication scope:
  1. To all DNS servers in the Active Directory Forest contoso.com. [ForestDNSZones]
  2. To all DNS servers in the Active Directory domain contoso.com. [DomainDNSZones]
  3. To all domain controllers in the Active Directory domain contoso.com.
To determine which zone to delete, consider the information below, where you want the DNS zone to be replicated in your environment, and which zone currently holds the majority of the records. Typically, all of the DNS zones for contoso.com should use the same Active Directory partition on all Microsoft DNS servers in the environment.

Option 1 [ForestDNSZones] and Option 2 [DomainDNSZones] listed above are only understood by Windows Server 2003 domain controllers. Option 3 is understood by Windows 2000 and Windows Server 2003 domain controllers. If you have any Windows 2000 DCs that need to host this zone, you must choose Option 3.

If possible, it is recommended to use either Option 1 or 2. Here are some benefits of storing DNS zones in default DNS application partitions:
  • Relocating DNS zones from the Active Directory integrated domain partitions to application partitions removes DNS records from non-DNS Servers in the domain and Global Catalog domain controllers in the forest. DNS zones and their records are only present on the domain controllers running the Microsoft DNS Server service in the domain for zones placed in domain-wide partitions or DNS Servers in the forest for forest-wide DNS application partitions. This reduces the amount of replication required throughout the domain or forest as compared to using option 3.
  • When the _MSDCS sub-domain is placed in a forest-wide DNS application partition, all DNS servers in the forest host a local copy of the _MSDCS.<forest root domain> zones containing CNAME and SRV locator records for all DCs in the forest. This configuration is easier to administer and has less overhead for DCs to resolve these records which are required for AD replication. The Windows 2000 alternative is to utilize secondary zones or forwarders to internal DNS servers which host the _MSDCS zone when in a forest with multiple domains. For more information about how to convert the _MSDCS zone, see the following Microsoft Knowledge Base article:
    817470 How to reconfigure an _msdcs Subdomain to a Forest-wide DNS application directory partition when you upgrade from Windows 2000 to Windows Server 2003

There are two ways to migrate off of Windows 2000 Active Directory-integrated DNS zones in your environment and convert to DomainDNSZones or ForestDNSZones:
  1. Upgrade existing Windows 2000 DCs that are running the Microsoft DNS Server Service to Windows Server 2003.
  2. Remove the DNS Server Service on Windows 2000 DCs and optionally install the Microsoft DNS Server Service on Windows Server 2003 DCs, ideally on the same subnet as the deprecated Windows 2000 DNS Server. When you relocate the DNS Server service from one computer to another, remember to modify the IP address for DNS Server settings on member computers, member servers, domain controllers, DHCP Servers and DNS Servers (forwarders + delegations + NS records). Alternatively, have the new Windows Server 2003 DNS Server swap IP address with the deprecated Windows 2000 DNS Server if both computers are on the same subnet. Again, remember to verify record registration for new and deprecated DNS Servers.

To view the records for the various DNS partitions or to delete the contoso.com zone in the desired directory partition(s), follow these steps.

Warning If you use the ADSI Edit snap-in, the LDP utility, or any other LDAP version 3 client, and you incorrectly modify the attributes of Active Directory objects, you can cause serious problems. These problems may require you to reinstall Microsoft Windows 2000 Server, Microsoft Windows Server 2003, Microsoft Exchange 2000 Server, Microsoft Exchange Server 2003, or both Windows and Exchange. Microsoft cannot guarantee that problems that occur if you incorrectly modify Active Directory object attributes can be solved. Modify these attributes at your own risk.

For Option 1: [ForestDNSZones]

  1. Click Start, click Run, type adsiedit.msc, and then click OK.
  2. In the console tree, right-click ADSI Edit, and then click Connect to.
  3. Click Select or type a Distinguished Name or Naming Context, type the following text in the list, and then click OK:
    DC=ForestDNSZones, DC=contoso, DC=com
  4. In the console tree, double-click DC=ForestDNSZones, DC=contoso, DC=com.
  5. Double-click CN=MicrosoftDNS, and click the zone (contoso.com). You should now be able to view the DNS records that exist in this DNS partition. To remove the copy of the zone stored in this partition, right-click contoso.com, and then click Delete.

    Note Deleting a zone is a destructive operation. Please confirm that a duplicate zone exists before you perform a deletion.
  6. If you have deleted a zone, restart the DNS service. To do this, follow these steps:
    1. Click Start, point to All Programs, point to Administrative Tools, and then click DNS.
    2. In the console tree, right-click contoso.com, point to All Tasks, and then click Restart.

For Option 2: [DomainDNSZones]

  1. Click Start, click Run, type adsiedit.msc, and then click OK.
  2. In the console tree, right-click ADSI Edit, and then click Connect to.
  3. Click Select or type a Distinguished Name or Naming Context, type the following text in the list, and then click OK:
    DC=DomainDNSZones,DC=contoso,DC=com
  4. In the console tree, double-click DC=DomainDNSZones,DC=contoso,DC=com.
  5. Double-click CN=MicrosoftDNS, and click the zone (contoso.com). You should now be able to view the DNS records that exist in this DNS partition. To remove the copy of the zone stored in this partition, right-click contoso.com, and then click Delete.

    Note Deleting a zone is a destructive operation. Please confirm that a duplicate zone exists before you perform a deletion.
  6. If you have deleted a zone, restart the DNS service. To do this, follow these steps:
    1. Click Start, point to All Programs, point to Administrative Tools, and then click DNS.
    2. In the console tree, right-click contoso.com, point to All Tasks, and then click Restart.

For Option 3

  1. Click Start, click Run, type adsiedit.msc, and then click OK.
  2. In the console tree, double-click Domain NC [servername.contoso.com].
  3. If, for some reason, Domain NC is not already present in the console tree, follow these steps:
    1. In the console tree, right-click ADSI Edit, and then click Connect to.
    2. Click Select or type a Distinguished Name or Naming Context, type the following text in the list, and then click OK:
      DC=contoso,DC=com
  4. In the console tree, double-click DC=contoso,DC=com and double-click CN=System.
  5. Double-click CN=MicrosoftDNS, and click the zone (contoso.com). You should now be able to view the DNS records that exist in this DNS partition. To remove the copy of the zone stored in this partition, right-click contoso.com, and then click Delete.

    Note Deleting a zone is a destructive operation. Please confirm that a duplicate zone exists before you perform a deletion.
  6. If you have deleted a zone, restart the DNS service. To do this, follow these steps:
    1. Click Start, point to All Programs, point to Administrative Tools, and then click DNS.
    2. In the console tree, right-click contoso.com, point to All Tasks, and then click Restart.
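
Before deleting anything in ADSI Edit, the three locations walked through above can be inventoried with a read-only query. The following Windows PowerShell script is an added example, not part of the original Microsoft article; it assumes a domain-joined computer, an account that can read the DNS partitions, and the article's placeholder names (contoso.com, DC=contoso,DC=com).

```powershell
# Added example: read-only inventory of the zone in the three default locations.
# Nothing is modified or deleted. contoso.com / DC=contoso,DC=com are the
# article's placeholders; replace them with your own zone and domain.
Add-Type -AssemblyName System.DirectoryServices

$ZoneName = 'contoso.com'
$DomainDN = 'DC=contoso,DC=com'

$locations = @(
    @{ Option = 'Option 1 [ForestDNSZones]';   Container = "CN=MicrosoftDNS,DC=ForestDNSZones,$DomainDN" },
    @{ Option = 'Option 2 [DomainDNSZones]';   Container = "CN=MicrosoftDNS,DC=DomainDNSZones,$DomainDN" },
    @{ Option = 'Option 3 (domain partition)'; Container = "CN=MicrosoftDNS,CN=System,$DomainDN" }
)

$found = @(foreach ($loc in $locations) {
    # Zone objects are named DC=<zone name> under the CN=MicrosoftDNS container.
    $zoneDN = "DC=$ZoneName,$($loc.Container)"
    try {
        if (-not [System.DirectoryServices.DirectoryEntry]::Exists("LDAP://$zoneDN")) { continue }

        # Count the record objects (dnsNode) directly beneath this copy of the zone.
        $searcher = New-Object System.DirectoryServices.DirectorySearcher
        $searcher.SearchRoot  = New-Object System.DirectoryServices.DirectoryEntry "LDAP://$zoneDN"
        $searcher.Filter      = '(objectClass=dnsNode)'
        $searcher.SearchScope = [System.DirectoryServices.SearchScope]::OneLevel
        $searcher.PageSize    = 500   # page results so large zones are counted fully
        [void]$searcher.PropertiesToLoad.Add('name')
        $results = $searcher.FindAll()
        New-Object PSObject -Property @{
            Location = $loc.Option; Records = $results.Count; ZoneDN = $zoneDN
        }
        $results.Dispose()
    } catch {
        # A partition that does not exist (or is unreachable) is reported, not fatal.
        Write-Warning "$($loc.Option): could not query $zoneDN - $($_.Exception.Message)"
    }
})

$found | Select-Object Location, Records, ZoneDN | Format-Table -AutoSize
if ($found.Count -gt 1) {
    Write-Warning "$ZoneName exists in $($found.Count) locations; this is the condition described under Cause."
}
```

The counts include every dnsNode object in each zone container, so treat them as a guide to which copy is the populated one rather than as an exact record total.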

Restart the services and reset DNS

After you perform these operations, follow these steps:
  1. Restart the DNS service.
  2. Restart the Net Logon service.
  3. At a command prompt, type the following commands. Press ENTER after each command.
    • ipconfig /flushdns
    • ipconfig /registerdns



Keywords: kb, kbentirenet, kbprb


Article Info
Article ID : 867464
Revision : 5
Created on : 8/20/2020
Published on : 8/20/2020
Exists online : False