Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Get rid of DNS 4010 events...

2,295 views
Skip to first unread message

Jake

unread,
Oct 5, 2009, 9:05:10 AM10/5/09
to
Hi,

We have some event problems with our DNS service (w2003r2 and now
upgraded to w2008). At every reboot of the DNS server there is a pile
of 4010 and a couple of 4013 events.

These servers formerly had a single label (non dotted) domain name, and
I think the problem started after renaming to domain to a dotted one.

What do we do to get rid of these errors?

(This is another domain than the 'Adding 2008...' post above).

Thanks for help on this

regards

jake

From event log:

4010 The DNS server was unable to create a resource record for
477e0653-8f6b-4265-ba75-b053508230da._msdcs.mylocaldomain.lan. in zone
mylocaldomain.LAN. The Active Directory definition of this resource
record is corrupt or contains an invalid DNS name. The event data
contains the error.

4010 The DNS server was unable to create a resource record for
1ffcb6ba-c6bf-4037-95bc-2614d7ea9a61._msdcs.mylocaldomain.lan. in zone
mylocaldomain.LAN. The Active Directory definition of this resource
record is corrupt or contains an invalid DNS name. The event data
contains the error.

4010 The DNS server was unable to create a resource record for
_ldap._tcp.pdc._msdcs.mylocaldomain.lan. in zone mylocaldomain.LAN. The
Active Directory definition of this resource record is corrupt or
contains an invalid DNS name. The event data contains the error.

4010 The DNS server was unable to create a resource record for
_ldap._tcp.gc._msdcs.mylocaldomain.lan. in zone mylocaldomain.LAN. The
Active Directory definition of this resource record is corrupt or
contains an invalid DNS name. The event data contains the error.

4010 The DNS server was unable to create a resource record for
_kerberos._tcp.dc._msdcs.mylocaldomain.lan. in zone mylocaldomain.LAN.
The Active Directory definition of this resource record is corrupt or
contains an invalid DNS name. The event data contains the error.

4013 The DNS server is waiting for Active Directory Domain Services (AD
DS) to signal that the initial synchronization of the directory has been
completed. The DNS server service cannot start until the initial
synchronization is complete because critical DNS data might not yet be
replicated onto this domain controller. If events in the AD DS event log
indicate that there is a problem with DNS name resolution, consider
adding the IP address of another DNS server for this domain to the DNS
server list in the Internet Protocol properties of this computer. This
event will be logged every two minutes until AD DS has signaled that the
initial synchronization has successfully completed.

Message has been deleted

Ace Fekay [MCT]

unread,
Oct 5, 2009, 9:17:19 AM10/5/09
to

"Jake" <jak...@gmail.com> wrote in message
news:eDhq5xbR...@TK2MSFTNGP04.phx.gbl...


The 4010's mean lots of DNS errors are being recorded. However the 4013 is
more serious. This could depend on the ipconfig of the server and which DNS
addresses are listed. Post an ipconfig /all of the server, and we can
evaluate the config and provide suggestions and recommendations. The
ipconfigs give us more than just DNS addresses, so if we can see that, it
will greatly help.

--
Ace

This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.

Please reply back to the newsgroup or forum for collaboration benefit among
responding engineers, and to help others benefit from your resolution.

Ace Fekay, MCT, MCTS 2008, MCTS Exchange, MCSE, MCSA 2003 & 2000, MCSA
Messaging
Microsoft Certified Trainer

For urgent issues, please contact Microsoft PSS directly. Please check
http://support.microsoft.com for regional support phone numbers.


Meinolf Weber [MVP-DS]

unread,
Oct 5, 2009, 9:23:41 AM10/5/09
to

Hello Jake,

Please post the complete event viewer entries here. Also an unedited ipconfig
/all from both DCs.

Did you follow this article for domain rename especially the DNS parts in it?
http://technet.microsoft.com/en-us/library/cc738208(WS.10).aspx

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm

Jake

unread,
Oct 5, 2009, 1:11:40 PM10/5/09
to
Meinolf Weber [MVP-DS] skrev:

> Hello Jake,
>
> Please post the complete event viewer entries here. Also an unedited
> ipconfig /all from both DCs.
>
> Did you follow this article for domain rename especially the DNS parts
> in it?
> http://technet.microsoft.com/en-us/library/cc738208(WS.10).aspx

That was several years ago, and I think that article was taken into
account too. The process went without any error messages, but despite
that from than moment these error events started to appear each time the
server was rebooted.

With Moses (.13) w2003 dc there was always two 4010 events together, but
within w2008 .10 (Moses-2) there are 15 after a reboot, some of them are
copied below

Log Name: DNS Server
Source: Microsoft-Windows-DNS-Server-Service
Date: 05.10.2009 14:06:46
Event ID: 4010
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: Moses-2.Framnes.LAN
Description:


The DNS server was unable to create a resource record for

_kerberos._tcp.dc._msdcs.framnes.lan. in zone Framnes.LAN. The Active

Directory definition of this resource record is corrupt or contains an
invalid DNS name. The event data contains the error.

Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-DNS-Server-Service"
Guid="{71A551F5-C893-4849-886B-B5EC8502641E}" EventSourceName="DNS" />
<EventID Qualifiers="49152">4010</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2009-10-05T12:06:46.000Z" />
<EventRecordID>5</EventRecordID>
<Correlation />
<Execution ProcessID="0" ThreadID="0" />
<Channel>DNS Server</Channel>
<Computer>Moses-2.Framnes.LAN</Computer>
<Security />
</System>
<EventData Name="DNS_EVENT_DS_RECORD_LOAD_FAILED">
<Data Name="param1">_kerberos._tcp.dc._msdcs.framnes.lan.</Data>
<Data Name="param2">Framnes.LAN</Data>
<Binary>7B000000</Binary>
</EventData>
</Event>


Log Name: DNS Server
Source: Microsoft-Windows-DNS-Server-Service
Date: 05.10.2009 14:06:46
Event ID: 4010
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: Moses-2.Framnes.LAN
Description:


The DNS server was unable to create a resource record for

_kerberos._tcp.dc._msdcs.framnes.lan. in zone Framnes.LAN. The Active

Directory definition of this resource record is corrupt or contains an
invalid DNS name. The event data contains the error.

Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-DNS-Server-Service"
Guid="{71A551F5-C893-4849-886B-B5EC8502641E}" EventSourceName="DNS" />
<EventID Qualifiers="49152">4010</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2009-10-05T12:06:46.000Z" />
<EventRecordID>6</EventRecordID>
<Correlation />
<Execution ProcessID="0" ThreadID="0" />
<Channel>DNS Server</Channel>
<Computer>Moses-2.Framnes.LAN</Computer>
<Security />
</System>
<EventData Name="DNS_EVENT_DS_RECORD_LOAD_FAILED">
<Data Name="param1">_kerberos._tcp.dc._msdcs.framnes.lan.</Data>
<Data Name="param2">Framnes.LAN</Data>
<Binary>7B000000</Binary>
</EventData>
</Event>

Log Name: DNS Server
Source: Microsoft-Windows-DNS-Server-Service
Date: 05.10.2009 14:06:46
Event ID: 4010
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: Moses-2.Framnes.LAN
Description:


The DNS server was unable to create a resource record for

_kerberos._tcp.dc._msdcs.framnes.lan. in zone Framnes.LAN. The Active

Directory definition of this resource record is corrupt or contains an
invalid DNS name. The event data contains the error.

Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-DNS-Server-Service"
Guid="{71A551F5-C893-4849-886B-B5EC8502641E}" EventSourceName="DNS" />
<EventID Qualifiers="49152">4010</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2009-10-05T12:06:46.000Z" />
<EventRecordID>6</EventRecordID>
<Correlation />
<Execution ProcessID="0" ThreadID="0" />
<Channel>DNS Server</Channel>
<Computer>Moses-2.Framnes.LAN</Computer>
<Security />
</System>
<EventData Name="DNS_EVENT_DS_RECORD_LOAD_FAILED">
<Data Name="param1">_kerberos._tcp.dc._msdcs.framnes.lan.</Data>
<Data Name="param2">Framnes.LAN</Data>
<Binary>7B000000</Binary>
</EventData>
</Event>

Log Name: DNS Server
Source: Microsoft-Windows-DNS-Server-Service
Date: 05.10.2009 14:06:46
Event ID: 4010
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: Moses-2.Framnes.LAN
Description:


The DNS server was unable to create a resource record for

_ldap._tcp.93a285bc-f6b1-4c4c-bf62-1b647a3ea7d2.domains._msdcs.framnes.lan.
in zone Framnes.LAN. The Active Directory definition of this resource

record is corrupt or contains an invalid DNS name. The event data
contains the error.

Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-DNS-Server-Service"
Guid="{71A551F5-C893-4849-886B-B5EC8502641E}" EventSourceName="DNS" />
<EventID Qualifiers="49152">4010</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2009-10-05T12:06:46.000Z" />
<EventRecordID>9</EventRecordID>
<Correlation />
<Execution ProcessID="0" ThreadID="0" />
<Channel>DNS Server</Channel>
<Computer>Moses-2.Framnes.LAN</Computer>
<Security />
</System>
<EventData Name="DNS_EVENT_DS_RECORD_LOAD_FAILED">
<Data
Name="param1">_ldap._tcp.93a285bc-f6b1-4c4c-bf62-1b647a3ea7d2.domains._msdcs.framnes.lan.</Data>
<Data Name="param2">Framnes.LAN</Data>
<Binary>7B000000</Binary>
</EventData>
</Event>

C:\>ipconfig /all (w2003 master dc)

Windows IP Configuration

Host Name . . . . . . . . . . . . : Moses
Primary Dns Suffix . . . . . . . : mylocaldomain.LAN
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : mylocaldomain.LAN

Ethernet adapter Lower OnBoard NIC:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network
Connection
Physical Address. . . . . . . . . : 00-13-72-F9-95-AF
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 172.22.100.13
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 172.22.100.1
DNS Servers . . . . . . . . . . . : 172.22.100.13
172.22.100.11
Primary WINS Server . . . . . . . : 172.22.100.13

C:\>

C:\>ipconfig /all (w2008 dc)

Windows IP Configuration

Host Name . . . . . . . . . . . . : Moses-2
Primary Dns Suffix . . . . . . . : mylocaldomain.LAN
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : mylocaldomain.LAN

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network
Connection
Physical Address. . . . . . . . . : 00-0C-29-6C-4E-3F
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 172.22.100.10(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 172.22.100.1
DNS Servers . . . . . . . . . . . : 172.22.100.13
172.22.100.11
Primary WINS Server . . . . . . . : 172.22.100.13
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 8:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . :
isatap.{53E1D6EF-858C-4F37-A103-B28155E8B
DE3}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

C:\>

Jake

unread,
Oct 5, 2009, 1:14:28 PM10/5/09
to
Ace Fekay [MCT] skrev:

> The 4010's mean lots of DNS errors are being recorded. However the 4013 is
> more serious. This could depend on the ipconfig of the server and which DNS
> addresses are listed. Post an ipconfig /all of the server, and we can
> evaluate the config and provide suggestions and recommendations. The
> ipconfigs give us more than just DNS addresses, so if we can see that, it
> will greatly help.
>
See post below.
Thanks

jake

Jake

unread,
Oct 5, 2009, 1:21:02 PM10/5/09
to
Meinolf Weber [MVP-DS] skrev:

> Hello Jake,
>
> Please post the complete event viewer entries here. Also an unedited
ipconfig /all from both DCs.
>
> Did you follow this article for domain rename especially the DNS
parts in it?
> http://technet.microsoft.com/en-us/library/cc738208(WS.10).aspx

That was several years ago, and I think that article was taken into

account too. The process went without any error messages, but despite
that from than moment these error events started to appear each time the
server was rebooted.

With Moses (.13) w2003 dc there was always two 4010 events together, but
within w2008 .10 (Moses-2) there are 15 after a reboot, some of them are
copied below

Log Name: DNS Server
Source: Microsoft-Windows-DNS-Server-Service
Date: 05.10.2009 14:06:46
Event ID: 4010
Task Category: None
Level: Error
Keywords: Classic
User: N/A

Computer: Moses-2.mylocaldomain.LAN
Description:


The DNS server was unable to create a resource record for
_kerberos._tcp.dc._msdcs.mylocaldomain.lan. in zone mylocaldomain.LAN.
The Active Directory definition of this resource record is corrupt or
contains an invalid DNS name. The event data contains the error.

Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-DNS-Server-Service"
Guid="{71A551F5-C893-4849-886B-B5EC8502641E}" EventSourceName="DNS" />
<EventID Qualifiers="49152">4010</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2009-10-05T12:06:46.000Z" />
<EventRecordID>5</EventRecordID>
<Correlation />
<Execution ProcessID="0" ThreadID="0" />
<Channel>DNS Server</Channel>

<Computer>Moses-2.mylocaldomain.LAN</Computer>


<Security />
</System>
<EventData Name="DNS_EVENT_DS_RECORD_LOAD_FAILED">

<Data Name="param1">_kerberos._tcp.dc._msdcs.mylocaldomain.lan.</Data>
<Data Name="param2">mylocaldomain.LAN</Data>


<Binary>7B000000</Binary>
</EventData>
</Event>


Log Name: DNS Server
Source: Microsoft-Windows-DNS-Server-Service
Date: 05.10.2009 14:06:46
Event ID: 4010
Task Category: None
Level: Error
Keywords: Classic
User: N/A

Computer: Moses-2.mylocaldomain.LAN
Description:


The DNS server was unable to create a resource record for
_kerberos._tcp.dc._msdcs.mylocaldomain.lan. in zone mylocaldomain.LAN.
The Active Directory definition of this resource record is corrupt or
contains an invalid DNS name. The event data contains the error.

Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-DNS-Server-Service"
Guid="{71A551F5-C893-4849-886B-B5EC8502641E}" EventSourceName="DNS" />
<EventID Qualifiers="49152">4010</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2009-10-05T12:06:46.000Z" />
<EventRecordID>6</EventRecordID>
<Correlation />
<Execution ProcessID="0" ThreadID="0" />
<Channel>DNS Server</Channel>

<Computer>Moses-2.mylocaldomain.LAN</Computer>


<Security />
</System>
<EventData Name="DNS_EVENT_DS_RECORD_LOAD_FAILED">

<Data Name="param1">_kerberos._tcp.dc._msdcs.mylocaldomain.lan.</Data>
<Data Name="param2">mylocaldomain.LAN</Data>


<Binary>7B000000</Binary>
</EventData>
</Event>

Log Name: DNS Server
Source: Microsoft-Windows-DNS-Server-Service
Date: 05.10.2009 14:06:46
Event ID: 4010
Task Category: None
Level: Error
Keywords: Classic
User: N/A

Computer: Moses-2.mylocaldomain.LAN
Description:


The DNS server was unable to create a resource record for
_kerberos._tcp.dc._msdcs.mylocaldomain.lan. in zone mylocaldomain.LAN.
The Active Directory definition of this resource record is corrupt or
contains an invalid DNS name. The event data contains the error.

Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-DNS-Server-Service"
Guid="{71A551F5-C893-4849-886B-B5EC8502641E}" EventSourceName="DNS" />
<EventID Qualifiers="49152">4010</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2009-10-05T12:06:46.000Z" />
<EventRecordID>6</EventRecordID>
<Correlation />
<Execution ProcessID="0" ThreadID="0" />
<Channel>DNS Server</Channel>

<Computer>Moses-2.mylocaldomain.LAN</Computer>


<Security />
</System>
<EventData Name="DNS_EVENT_DS_RECORD_LOAD_FAILED">

<Data Name="param1">_kerberos._tcp.dc._msdcs.mylocaldomain.lan.</Data>
<Data Name="param2">mylocaldomain.LAN</Data>


<Binary>7B000000</Binary>
</EventData>
</Event>

Log Name: DNS Server
Source: Microsoft-Windows-DNS-Server-Service
Date: 05.10.2009 14:06:46
Event ID: 4010
Task Category: None
Level: Error
Keywords: Classic
User: N/A

Computer: Moses-2.mylocaldomain.LAN
Description:


The DNS server was unable to create a resource record for

_ldap._tcp.93a285bc-f6b1-4c4c-bf62-1b647a3ea7d2.domains._msdcs.mylocaldomain.lan.

in zone mylocaldomain.LAN. The Active Directory definition of this
resource record is corrupt or contains an invalid DNS name. The event
data contains the error.

Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-DNS-Server-Service"
Guid="{71A551F5-C893-4849-886B-B5EC8502641E}" EventSourceName="DNS" />
<EventID Qualifiers="49152">4010</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2009-10-05T12:06:46.000Z" />
<EventRecordID>9</EventRecordID>
<Correlation />
<Execution ProcessID="0" ThreadID="0" />
<Channel>DNS Server</Channel>

<Computer>Moses-2.mylocaldomain.LAN</Computer>


<Security />
</System>
<EventData Name="DNS_EVENT_DS_RECORD_LOAD_FAILED">
<Data

Name="param1">_ldap._tcp.93a285bc-f6b1-4c4c-bf62-1b647a3ea7d2.domains._msdcs.mylocaldomain.lan.</Data>
<Data Name="param2">mylocaldomain.LAN</Data>

Florian Frommherz [MVP]

unread,
Oct 5, 2009, 2:01:06 PM10/5/09
to
Jake,

Jake schrieb:


> Ethernet adapter Lower OnBoard NIC:
>
> Connection-specific DNS Suffix . :
> Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network
> Connection
> Physical Address. . . . . . . . . : 00-13-72-F9-95-AF
> DHCP Enabled. . . . . . . . . . . : No
> IP Address. . . . . . . . . . . . : 172.22.100.13
> Subnet Mask . . . . . . . . . . . : 255.255.255.0
> Default Gateway . . . . . . . . . : 172.22.100.1
> DNS Servers . . . . . . . . . . . : 172.22.100.13
> 172.22.100.11
> Primary WINS Server . . . . . . . : 172.22.100.13

Is .11 another DC? What is .11?

I've seen this behavior in a merger where a different record was broken.
Deleting the record with dnscmd and re-creating it (stop&&start
netlogon) fixed it, as far as I recall.

Have you checked http://support.microsoft.com/Default.aspx?kbid=316685?

Cheers,
Florian
--
Microsoft MVP - Group Policy
eMail: prename [at] frickelsoft [dot] net.
blog: http://www.frickelsoft.net/blog.
Maillist (german): http://frickelsoft.net/cms/index.php?page=mailingliste

Ace Fekay [MCT]

unread,
Oct 5, 2009, 2:15:41 PM10/5/09
to
"Jake" <jak...@gmail.com> wrote in message
news:Oypb3AeR...@TK2MSFTNGP05.phx.gbl...


Curious, in addition to Florian's post, which I would recommend looking
into, and the .11 (thought you changed that based on your other thread?),
does "mylocaldomain.LAN" actual name have an underscore in it?

Ace


Jake

unread,
Oct 5, 2009, 2:40:47 PM10/5/09
to
Ace Fekay [MCT] skrev:

> Curious, in addition to Florian's post, which I would recommend looking
> into, and the .11 (thought you changed that based on your other thread?),
> does "mylocaldomain.LAN" actual name have an underscore in it?
>
> Ace
>

172.22.100.11 is a third 2003 domain controller which is on its way out
after we have two new virtual w2008 dcs up and running.... I will alter
its IP til .14 though. The two 2008 will have .10 and .11 respectively.

No, my 'real' domain name does not have any special characters in it,
only a-z letters.

jake

Ace Fekay [MCT]

unread,
Oct 5, 2009, 11:57:57 PM10/5/09
to
"Jake" <jak...@gmail.com> wrote in message
news:e1uWbteR...@TK2MSFTNGP02.phx.gbl...


Jake,

Take a look at the links below. It may be an issue with the _msdcs zone, but
then again, maybe not, depending on what you have.

http://eventid.net/display.asp?eventid=4010&eventno=791&source=DNS&phase=1
http://eventid.net/display.asp?eventid=4013&eventno=2189&source=DNS&phase=1

Ace


Jake

unread,
Oct 6, 2009, 2:38:24 AM10/6/09
to

Ace Fekay [MCT] skrev:

> Take a look at the links below. It may be an issue with the _msdcs zone, but
> then again, maybe not, depending on what you have.
>
> http://eventid.net/display.asp?eventid=4010&eventno=791&source=DNS&phase=1
> http://eventid.net/display.asp?eventid=4013&eventno=2189&source=DNS&phase=1

Thanks a lot. Will look into this and report back later today.

jake

Jake

unread,
Oct 6, 2009, 4:36:13 AM10/6/09
to
Jake skrev:

>> http://eventid.net/display.asp?eventid=4010&eventno=791&source=DNS&phase=1

This looked very promising. My predesessor mentioned something about
having manually redone some dns folders.

I started ADSI edit but its 'Domain' node had just one empty container
called DC=mylocaldomain.LAN DC=LAN

The other root node 'Configuration' had several multilevel subcontainers
and the last root node Schema had many entries.

But since 'Domain' was empty I cannot search up the offending GUID and
delete it.

My other domain's domain controller had a populated 'Domain' container,
but its Domain / System / MicrosoftDNS node contained only
RootDNSServers and its list. From your eventid.net link it should also
have had a mylocaldomain container with several guid containers.

Now, how do I populate my ADSI 'Domain' root container with data again?

regards jake

Meinolf Weber [MVP-DS]

unread,
Oct 6, 2009, 4:58:33 AM10/6/09
to
Hello Jake,

According to the root "dc=mylocaldomain.lan, dc=lan" it seems that during
domain rename something is done wrong, because all your output states "mylocaldomain.lan"
and not "mylocaldomain.lan.lan"

Are you able to connect to "dc=mylocaldomain,dc=lan" in ADSIedit.msc? You
can fill it this way in the list to connect to, rightclick ADSIEDit and choose
connect, name it also domain and choose "connection point", Select or TYPE
a Distinguished Name or Naming context and fill in "dc=mylocaldomain,dc=lan".

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm


> Jake skrev:
>
>>> http://eventid.net/display.asp?eventid=4010&eventno=791&source=DNS&p

Jake

unread,
Oct 6, 2009, 5:12:26 AM10/6/09
to

Meinolf Weber [MVP-DS] skrev:

> Hello Jake,
>
> According to the root "dc=mylocaldomain.lan, dc=lan" it seems that
> during domain rename something is done wrong, because all your output
> states "mylocaldomain.lan" and not "mylocaldomain.lan.lan"
>
> Are you able to connect to "dc=mylocaldomain,dc=lan" in ADSIedit.msc?
> You can fill it this way in the list to connect to, rightclick ADSIEDit
> and choose connect, name it also domain and choose "connection point",
> Select or TYPE a Distinguished Name or Naming context and fill in
> "dc=mylocaldomain,dc=lan".
>
> Best regards
>
> Meinolf Weber

I'm sorry that was a typo. The correct information is:

<ADSI Editor root>
Domain [DC1.mylocaldomain.lan]
Only and empty container: DC=mylocaldomain,DC=LAN
Configuration ...
Schema ...
</ADSI Editor root>

Now how do I repopulate the ADSI Domain container (since it is empty
now)? I hope I don't need to reinstall windows from scratch...

rgds jake

Meinolf Weber [MVP-DS]

unread,
Oct 6, 2009, 8:16:43 AM10/6/09
to
Hello Jake,

Please post an unedited dcdiag /v from all DCs here. Additional post the
NetBios name and the name shown in AD UC.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm

Ace Fekay [MCT]

unread,
Oct 6, 2009, 10:38:32 AM10/6/09
to
"Jake" <jak...@gmail.com> wrote in message
news:u0QMgUmR...@TK2MSFTNGP02.phx.gbl...


Jake,

Sounds like you may possibly have a dupe zone. Read the following to find
out or at least eliminate this possibility.

Using ADSI Edit to Resolve Conflicting or Duplicate AD Integrated DNS zones
http://msmvps.com/blogs/acefekay/archive/2009/09/02/using-adsi-edit-to-resolve-conflicting-or-duplicate-ad-integrated-dns-zones.aspx

Ace


koj...@hotmail.com

unread,
Nov 17, 2009, 7:47:28 AM11/17/09
to
On Oct 5, 2:05 pm, Jake <jak...@gmail.com> wrote:
> Hi,
>
> We have some event problems with our DNS service (w2003r2 and now
> upgraded to w2008).  At every reboot of the DNS server there is a pile
> of 4010 and a couple of 4013 events.
>
> These servers formerly had a single label (non dotted) domain name, and
> I think the problem started after renaming to domain to a dotted one.
>
> What do we do to get rid of these errors?
>
> (This is another domain than the 'Adding 2008...' post above).
>
> Thanks for help on this
>
> regards
>
> jake
>
>  From event log:
>
> 4010 The DNS server was unable to create a resource record for
> 477e0653-8f6b-4265-ba75-b053508230da._msdcs.mylocaldomain.lan. in zone
> mylocaldomain.LAN. The Active Directory definition of this resource
> record is corrupt or contains an invalid DNS name. The event data
> contains the error.
> ...

Jake,

regarding 4010

- open adsiedit and navigate to Domain - System - MicrosoftDNS -
mylocaldomain.LAN (zone from event log) - delete problematic record
(copy it's name before)
- pick from adsiedit menu Action - new - object... and create a new
one with same (copied) name as deleted one
- go to Services and restart DNS Server
- refresh and check Event log

This make my headache with 4010 gone.
Hope will be helpful for you.

Regz!

0 new messages