DNS DP Already Exists (0X000026AE) — Real Fixes
You're trying to add a DNS directory partition that's already registered. Usually happens after a failed domain controller promotion or replication issue.
30-Second Check — Is the Partition Already Visible?
Open DNS Manager (dnsmgmt.msc). Expand your server, then Forward Lookup Zones. Look for a zone named like _msdcs.yourdomain.com or any custom application partition.
If you see it listed, you're done — someone already created it. Don't try to re-add it. Close the console and move on.
Still getting the error? The partition is registered in Active Directory but not showing in DNS Manager. Let's dig deeper.
5-Minute Fix — Clean Up Orphaned Partitions with ntdsutil
Run this as Domain Admin on any domain controller:
ntdsutil
partition management
connections
connect to server yourdc
quit
list
Replace yourdc with the name of a domain controller. You'll see all directory partitions. Look for the one you're trying to create; it'll be there with an NC (naming context) like DC=yourdomain,DC=com.
If it's an orphan (no longer needed), delete it:
ntdsutil
partition management
connections
connect to server yourdc
quit
delete nc DC=DomainDnsZones,DC=yourdomain,DC=com
Replace yourdc with a domain controller name and yourdomain.com with your actual domain. This wipes the partition from AD. Then try re-adding it via DNS Manager or PowerShell.
Pro tip: Run repadmin /syncall after deleting to force replication. Stale replicas cause this error.
15-Minute Advanced Fix — Manual ADSI Edit Cleanup
When ntdsutil won't delete (permission errors or replication issues), go straight to ADSI Edit.
- Open ADSI Edit. Connect to the Configuration context.
- Navigate to: CN=Partitions,CN=Configuration,DC=yourdomain,DC=com
- Find the partition object: look in the right pane for cn=DomainDnsZones or cn=ForestDnsZones.
- Right-click and delete it. Confirm the warning.
- Go back to DNS Manager and re-add the partition.
Still failing? Check replication: repadmin /showrepl. If any DC is stuck, use repadmin /options +DISABLE_INBOUND_REPL to force disable inbound replication on that DC, then retry.
One last resort: Restart the Netlogon service on all domain controllers. Yes, really. I've seen a hung Netlogon cause this exact error. Run net stop netlogon && net start netlogon on each DC, then try again.
Why This Happens
Most common trigger: You demoted a domain controller that held a DNS application partition, but the partition's AD object wasn't cleaned up. Or someone manually added a partition via PowerShell on another DC and replication hasn't caught up.
The error code 0X000026AE maps to DNS_ERROR_DP_ALREADY_EXISTS — the partition's crossRef object already exists in the Configuration partition. Your DNS server sees it and refuses to create a duplicate.
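To see those crossRef objects before deleting anything, here is a read-only PowerShell inventory, added as an example and not part of the original article. It assumes the ActiveDirectory and DnsServer modules are installed and that it runs on a DC hosting DNS; treating a crossRef with no replica holders as an orphan candidate is this example's own heuristic.

```powershell
# Added example: read-only inventory of application-partition crossRef objects.
# Assumes the ActiveDirectory and DnsServer modules; run on a DC that hosts DNS.
Import-Module ActiveDirectory, DnsServer

$configNC = (Get-ADRootDSE).configurationNamingContext

# FQDNs of the directory partitions the local DNS service reports
$dnsSide = @(Get-DnsServerDirectoryPartition |
    Select-Object -ExpandProperty DirectoryPartitionName)

# systemFlags bit 0x4 marks application partitions, which skips the
# domain, Configuration and Schema crossRefs
$crossRefs = Get-ADObject -SearchBase "CN=Partitions,$configNC" -SearchScope OneLevel `
    -LDAPFilter '(&(objectClass=crossRef)(systemFlags:1.2.840.113556.1.4.803:=4))' `
    -Properties nCName, dnsRoot, 'msDS-NC-Replica-Locations', whenCreated

$report = foreach ($cr in $crossRefs) {
    $fqdn = @($cr.dnsRoot)[0]
    # Each value is the DN of an NTDS Settings object; its parent RDN is the DC name
    $holders = @($cr.'msDS-NC-Replica-Locations' |
        ForEach-Object { ($_ -split ',')[1] -replace '^CN=' })

    [pscustomobject]@{
        NamingContext   = $cr.nCName
        DnsRoot         = $fqdn
        Created         = $cr.whenCreated
        ReplicaHolders  = $holders -join ', '
        ListedByDns     = $dnsSide -contains $fqdn
        OrphanCandidate = ($holders.Count -eq 0)   # heuristic of this example
        CrossRefDN      = $cr.DistinguishedName
    }
}

# Orphan candidates first; CrossRefDN is the object to inspect in ADSI Edit
$report | Sort-Object OrphanCandidate -Descending | Format-List
```

Save the output before any deletion so the partition's NC and crossRef DN are on record if it has to be recreated.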
| Tool | What it checks |
|---|---|
| dnsmgmt.msc | Visible zones |
| ntdsutil | AD partition list |
| ADSI Edit | Orphaned objects |
| repadmin | Replication health |
Skip the voodoo steps — don't waste time restarting DNS Server service alone. That won't fix a partition registration stuck in AD. The fix is always in Active Directory, not DNS itself.
If you're still stuck after this, check event log DNS Events for event ID 4520 or 4521 — they'll name the exact partition NC causing the conflict. Then go back to ADSI Edit and nuke it.