Troubleshooting Windows Servers
 
HomeCalendarFAQSearchMemberlistUsergroupsRegisterLog in
Useful Links
Search
 
 

Display results as :
 
Rechercher Advanced Search
Latest topics
» Acquista Viagra. negozi viagra generico
Thu Aug 04, 2011 9:01 am by Guest

» Comprare Viagra. erica carnea viagra generico
Thu Aug 04, 2011 5:53 am by Guest

» how to get fans for your facebook page xf
Thu Aug 04, 2011 4:12 am by Guest

» Acquisto Viagra. scegliere viagra generico
Wed Aug 03, 2011 9:43 pm by Guest

» life of luxury video slot
Wed Aug 03, 2011 6:41 pm by Guest

» buy facebook fans f5
Wed Aug 03, 2011 5:54 pm by Guest

» Wellnigh as tatty as files
Wed Aug 03, 2011 7:24 am by Guest

» benefits of garlic
Wed Aug 03, 2011 3:41 am by Guest

» гинекологическое оборудование
Mon Aug 01, 2011 4:42 pm by Guest

Navigation
 Portal
 Index
 Memberlist
 Profile
 FAQ
 Search
Forum
Affiliates
free forum
 



Share | 
 

 Event id 4004 DNS errors and external name resolution problems

View previous topic View next topic Go down 
AuthorMessage
Admin
Admin


Posts : 35
Join date : 2008-12-16

PostSubject: Event id 4004 DNS errors and external name resolution problems   Mon Dec 29, 2008 4:19 pm

Internal names resolve but external DNS names won’t resolve. The following error will also appear in the event log.

Event Type: Error
Source: DNS
Event ID: 4004
Description: The DNS server was unable to complete directory service enumeration of zone <domain.com>. This DNS server is configured to use information obtained from Active Directory for this zone and is unable to load the zone without it. Check that the Active Directory is functioning properly and repeat enumeration of the zone.

More information:
The DNS Server service uses Active Directory to store DNS data, and it encountered a Lightweight Directory Access Protocol (LDAP) error while querying the directory. This error could be caused by either a high load on the domain controller or the failure of other domain controller services.


*** Resolution ***

1. DNS is listening on both the LAN and RRAS adapters. Configure DNS to listen only on the LAN adapter and then delete all records in forward lookup zone that reference the RRAS adapter address.

2. The DNS server may have a forward lookup zone called _msdcs.<forest_root_domain>
AND a subfolder under the <forest_root_domain> forward lookup zone call _msdcs. Remove the
_msdcs.<forest_root_domain>subfolder and then restart the DNS Server and Netlogon service. Also run ipconfig /flushdns and ipconfig /registerdns.

If you find a missing _msdcs delegation under <forest_root_domain> zone , create a new delegation by performing the following:

Right click on <forest_root_domain> zone, select new, then delegation, click next on the wizard, under delegated domain, type in _msdcs and click next, clck add and browse to the server's A record under forward lookup zones, domain.local, click ok and finish.

For Windows 2000 DNS, the separate zone for the _msdcs folder and delegation to it from the main forward lookup zone doesn’t exist. The _msdcs folder for Windows 2000 DNS servers will exist under the main forward lookup zone along with the _sites, _tcp and _udp SRV records. If there is a combination of the Windows 2000 and Windows 2003 DNS configuration, related to the _msdcs folder, then you must decide which is appropriate.

3. When a domain controller is demoted, the registry may still contain the Active Directory integrated zone names. This results in the server trying to load the zones. Since there is no Directory Service running, it causes the server to log the event id 4004 error.

To prevent the errors remove the old zones from the following registry location.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\DNS Server\Zones

4. Make sure the Administrators and Enterprise Domain Controllers groups are added to the
“Enable Computer and User Accounts to be Trusted for Delegation" & “Access this computer from the network” right. The following steps will allow you to add these groups to the appropriate user rights assignement.

a) Open Domain Controller Security Policy.
b) In the console tree, click User Rights Assignment under:
Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment
c) In the details pane, double-click the user right that you want to assign.
d) Click Add User or Group. If the button appears dimmed, select the Define these
policy settings check box.
e) Type the name of the group to which you want to assign this right.

5. Change the zone type for each of the AD integrated zones to a standard primary zone in the DNS manager console
Back to top Go down
View user profile http://serverunleashed.forumotion.com
 
Event id 4004 DNS errors and external name resolution problems
View previous topic View next topic Back to top 
Page 1 of 1
 Similar topics
-
» [DONE] Pre-event CLAS:H @Skenoo Hall, Gandaria City Mall
» Petra to Perform at “We Will Stand” Event
» [Japan Festival - BUNKASAI] SEN YUUREI NO MATSURI (senyuum) on July 2011
» [DONE] AFAID 2013 @indonesia 3 hari wooow!!!
» [DONE] IFLS ITS INOCHI 23 JUNI 2013 [SBY dan skitar MASUK! haha]

Permissions in this forum:You cannot reply to topics in this forum
Server Unleashed :: Networking :: Event ID 4004 DNS errors and external name resolution problems-
Jump to: