drewhill.net

COMPLETELY FULL OF I.T.

Archive for the ‘Active Directory’ Category

Windows Server 2008 DCPROMO


During DCPROMO in Windows Server 2008, if you select the option to install DNS, you might receive a message indicating that a DNS delegation for the DNS server could not be created and that you should manually create a DNS delegation to the DNS server to ensure reliable name resolution.


If you are installing an additional domain controller in either the forest root domain or a tree root domain, you do not need to create the DNS delegation. Microsoft lists this as a known issue. Just click Yes and disregard the message.

Read: Known Issues for Installing and Removing AD DS

Written by Drew

May 15, 2008 at 12:48 pm

Error message when you run the "Adprep /rodcprep" command in Windows Server 2008


“Adprep could not contact a replica for partition DC=DomainDnsZones,DC=Domain,DC=suffix”
“Adprep could not contact a replica for partition DC=DomainDnsZones,DC=Subdomain,DC=Domain,DC=suffix”
“Adprep could not contact a replica for partition DC=ForestDnsZones,DC=Domain,DC=suffix”

Read: Error message when you run the “Adprep /rodcprep” command in Windows Server 2008: “Adprep could not contact a replica for partition DC=DomainDnsZones,DC=Contoso,DC=com”

Note: I could not get the VB script that Microsoft provided in the above KB article to work. I received the following error: “fixfsmo.vbs(1, 1) Microsoft VBscript compilation error: Expected statement”.

Here’s the way I ended up fixing the problem:


  • Open ADSIEdit
  • Connect to DC=DomainDnsZones,DC=domain,DC=suffix
  • Expand it and select CN=Infrastructure
  • Right-click it, click Properties and look at the fsmoRoleOwner attribute. In my case it was referencing a deleted domain controller:

CN=NTDS Settings\0ADEL:0db95bd9-0a15-46d8-9665-951689a3c7f9,CN=PFCSRDC1\0ADEL:5bcf835e-adb2-4eba-9a3e-bccc9611fc78,CN=Servers,CN=PFCS,CN=Sites,CN=Configuration,DC=pfcs,DC=farm

  • This means that AD has a bad value for the infrastructure master because the infrastructure master for the referenced partition or partitions has been forcefully demoted or is offline.
  • You will need to copy the correct path to the infrastructure master into the fsmoRoleOwner value. To do this, first use AD Users and Computers to determine which server is supposed to be your infrastructure master.
  • Once you have the <servername>, go back into ADSIEdit.
  • Connect to the Configuration partition.
  • Expand CN=Sites, CN=<site where Infrastructure Master server is located>, CN=<server name> and go to properties of CN=NTDS Settings.
  • Edit the distinguishedName attribute, select the value and copy it into the clipboard.
  • Now go back to the Infrastructure object underneath DomainDnsZones and paste
    the value you copied into the fsmoRoleOwner attribute.
  • This will have to be done for each partition with a bad value.
  • After AD has been cleaned up, rerun the “Adprep /rodcprep” command.

Written by Drew

May 15, 2008 at 9:19 am
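The ADSIEdit steps above can also be scripted. This is an added example, not code from the original post or from the Microsoft KB article. It assumes the ActiveDirectory PowerShell module (newer than the tooling used in the post), a domain controller that hosts the DNS application partitions, and that the domain's current infrastructure master is the correct owner; the `-PartitionDn` and `-Fix` parameters are hypothetical names chosen for this sketch.

```powershell
# Added example: audit (and optionally repair) fsmoRoleOwner on CN=Infrastructure.
# Assumes the ActiveDirectory module and a DC that hosts the DNS partitions.
param(
    [string[]]$PartitionDn,   # hypothetical parameter: partitions to check
    [switch]$Fix              # hypothetical parameter: write the corrected value
)
Import-Module ActiveDirectory

# Default to the domain and forest DNS application partitions.
$rootDse = Get-ADRootDSE
if (-not $PartitionDn) {
    $PartitionDn = @(
        "DC=DomainDnsZones,$($rootDse.defaultNamingContext)"
        "DC=ForestDnsZones,$($rootDse.rootDomainNamingContext)"
    )
}

# distinguishedName of CN=NTDS Settings for the current infrastructure master.
$master    = Get-ADDomainController -Identity (Get-ADDomain).InfrastructureMaster
$goodOwner = $master.NTDSSettingsObjectDN

foreach ($partition in $PartitionDn) {
    $infra = Get-ADObject -Identity "CN=Infrastructure,$partition" -Properties fsmoRoleOwner
    $owner = [string]$infra.fsmoRoleOwner

    # A deleted NTDS Settings object has '\0ADEL:<GUID>' appended to its RDN.
    $stale = $owner.Contains('\0ADEL:')

    if ($stale -and $Fix) {
        # Same write as pasting the DN into fsmoRoleOwner in ADSIEdit.
        Set-ADObject -Identity $infra.DistinguishedName -Replace @{ fsmoRoleOwner = $goodOwner }
        $owner = $goodOwner
    }

    # One result row per partition so the change can be reviewed or logged.
    [pscustomobject]@{
        Partition     = $partition
        FsmoRoleOwner = $owner
        WasStale      = $stale
        Repaired      = [bool]($stale -and $Fix)
    }
}
```

Run it without `-Fix` first to list which partitions still point at a deleted domain controller, then rerun with `-Fix` before running “Adprep /rodcprep” again.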