After verifying that the DNS server settings were correct, rebooting, and verifying that the SYSVOL share was present on the domain controller, I ran dcdiag on the domain controller and saw this:
The DNS console was unusable:
The DNS event log was littered with red ink (so to speak):
So I followed instructions from https://support.microsoft.com/en-us/kb/2751452 and it worked! Yay!
These were the instructions:
- Stop the KDC service.
- Run the following command with elevated rights: netdom resetpwd /server: /userd: /passwordd:*
- It will prompt for the password of the Domain Admin account that you used; enter that.
- Once the command executes, reboot the server.
- DNS zones should load now.