Applies ToWindows Server 2012 R2 Datacenter Windows Server 2012 R2 Standard Windows Server 2012 R2 Essentials Windows Server 2012 R2 Foundation
Симптомы
Проблема 1
Проблема 2
Текст события DNS не отображается правильно в узле глобальные журналы диспетчера DNS Windows Server 2012 R2 при установке августа 2014 накопительный пакет обновления 2975719 или более поздней версии ежемесячных обновлений.
Ниже приведен снимок экрана сообщения журнала событий DNS.
Решение
Для устранения ошибки 1
Чтобы устранить проблему, описанную в разделе «Проблема 1», установите исправление 3082532.
Примечание. Исправление 3082532 не помогло устранить проблему, описанную в разделе «Проблема 2».
Временное решение
Обходной путь для проблемы 1
Установите октября 2014 накопительный пакет 3995388до или после установки декабря 2014 накопительный пакет обновлений 3013769 для временного решения этой проблемы.
Обходной путь для проблемы 2
Просмотр событий DNS в оснастках «Управление компьютером» и средство просмотра событий после установки исправления 3082532.
Статус
Корпорация Майкрософт подтверждает, что это проблема продуктов Майкрософт, перечисленных в разделе «Относится к».
Ссылки
См. термины , которые корпорация Майкрософт использует для описания обновлений программного обеспечения.
Нужна дополнительная помощь?
Нужны дополнительные параметры?
Изучите преимущества подписки, просмотрите учебные курсы, узнайте, как защитить свое устройство и т. д.
[German]Another issue, which was brought to my attention by a reader. It’s about Windows Server 2019, where there is a problem with the domain controller in the morning hours because the DNS service fails. This is not limited to one system, but occurs on several customer systems. I’m posting it on the blog to find out if there are any others affected.
Reader reports DNS outages
German blog reader Patrick P. works as an IT supporter for various customers. In this context, he also administers several Windows Servers 2019, which also act as domain controllers. However, he has been observing a crude problem for some time.
- For some of the managed Windows Server 2019 domain controllers, the DNS service always fails in the morning hours.
- Restarting Windows Server 2019 or the DNS service fixes this failure until the service fails again the following day.
If the DNS service is down, clients can no longer access the domain. This results in corresponding calls from customers whose systems are no longer running. As a special problem, Patrick also states that he can no longer access the terminal server via the gateway using RDP. Patrick has observed this strange behavior with four customers so far – so it is not a single system problem.
Event viewer returns event 404
Patrick has also checked the event logs of the relevant domain controllers on the Windows Server 2019 systems. There are entries with the event ID 404 that relate to the DNS service.
Event viewer; Click to zoom
In the details it says that a TCP socket could not be bound to the IP address xx.xx.xx.xx. Somehow the resources seem to be running out. The recommendation is to restart the DNS server or the computer.
A resource problem?
Based on the error description above, I would spontaneously guess something like a memory leak, so that the working memory is running full and resources are running low. Restarting the server or the DNS service will free up the memory so that the machine can run for a few hours again.
I am haunted by the article Windows Server: April 2024 Update KB5036909 causes also LSASS crashes on DCs. The memory leak there, which was caused by the March/April 2024 update, has actually been fixed by an out-of-band update since the mail and should have been fixed with the regular security updates in June 2024.
There is a Microsoft forum postt DNS server errors 404, 407, 408 when windows server installed on SSD from November 2020, where someone describes the error pattern and wants to attribute the whole thing to an SSD installation. Microsoft also has this resource from 2010, which also deals with event ID 404 on the DNS server. The suggestion there is to free up memory (which is occupied by applications or services) on the server in question.
There is still a fairly recent support article Event IDs 4016 and 4004 when DNS updates time out from May 2024, but it deals with a different error code. There Microsoft offers hotfixes to fix the problem. At this point the question: Has anyone also observed the behavior described above? Is there any insight into the cause and how to fix the problem permanently?
This entry was posted in issue, Windows and tagged issue, Windows Server 2019. Bookmark the permalink.
Recently we had “Patch Monday” – unusual since we usually patch on Fridays (in case something goes wrong we have weekend ahead), but this one time was good opportunity since there was some infrastructure work and we had planed downtime and we took the opportunity to patch.
Unfortunately something went very wrong. First after rebooting one of the Exchange servers I got following error:
Exchange ECP / The LDAP Server is unavailable
“Topology Provider couldn’t find the Microsoft Exchange Active Directory”
In logs event id 2142 MSExchangeADTopology was logged with error “Topology discovery failed”
At first I thought it was a bad patch, but soon after that still unpatched Exchange
reported errors.
Errors obviously point to AD. I looked at domain controller since it also was updated. Immediately after logging onto DC I was greeted with unpleasant surprise.
After opening DNS console “Access Denied” message appeared.
DNS was unreachable.
On DC following events were logged:
Microsoft-Windows-DNS-Server-Service Event ID 4000
The description for Event ID ( 4000 ) in Source ( Microsoft-Windows-DNS-Server-Service ) cannot be found. Either the component that raises this event is not installed on your local computer, or the installation is corrupted. You can install or repair the component on the local computer, or contact the component manufacturer for a newer version.
If the event was saved from another computer or forwarded from a remote computer, you might have to include display information with the events when saving them or when setting up the forwarding s
Microsoft-Windows-DNS-Server-Service Event ID 4007
The description for Event ID ( 4007 ) in Source ( Microsoft-Windows-DNS-Server-Service ) cannot be found. Either the component that raises this event is not installed on your local computer, or the installation is corrupted. You can install or repair the component on the local computer, or contact the component manufacturer for a newer version.
If the event was saved from another computer or forwarded from a remote computer, you might have to include display information with the events when saving them or when setting up the forwarding
According to Microsoft / https://support.microsoft.com/en-us/help/2751452/dns-zones-do-not-load–event-4000–4007 this happens in two cases:
This happens when that particular DC/DNS server has lost its Secure channel with itself or PDC.
This can also happen in a single DC environment where that DC/DNS server holds all the FSMO roles and is pointing to itself as Primary DNS server.
I’m still not sure why this happened in my case, but here are steps that resolved this problem for me
Stop KDC (Kerberos Key Distribution Center) Service in Service Console on DC that doesn’t work.
Run command prompt with elevated priviledges (as Administrator) and enter following command
netdom resetpwd /server:DC.domain.local /userd:Domain\domain_admin /passwordd:*(change dc.domain.local with fqdn of your DC, and DOMAIN\domain_admin with your domain and admin account)
You will be prompted for the password. Enter domain admin password that you use for that account.
Once command is executed restart the server.
DNS zones after that worked for me and Exchange Servers were fine.
Disclaimer
The DNS server refuses to start at times. Or the Event ID 404, 407 and 408 are generated.
Details of the Event ID are given Below:
Log Name: DNS Server
Source: Microsoft-Windows-DNS-Server-Service
Date: 3/5/2009 12:03:00 PM
Event ID: 408
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: DC1-NY-2K8.psytrix.local
Description:
The DNS server could not open socket for address 127.0.0.1.
Verify that this is a valid IP address for the server computer. If it is NOT valid use the Interfaces dialog under Server Properties in the DNS Manager to remove it from the list of IP interfaces. Then stop and restart the DNS server. (If this was the only IP interface on this machine and the DNS server may not have started as a result of this error. In that case remove the DNS\Parameters\ ListenAddress value in the services section of the registry and restart.)
If this is a valid IP address for this machine, make sure that no other application (e.g. another DNS server) is running that would attempt to use the DNS port.
For more information, see «DNS server log reference» in the online Help.
Log Name: DNS Server
Source: Microsoft-Windows-DNS-Server-Service
Date: 3/5/2009 12:03:00 PM
Event ID: 407
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: DC1-NY-2K8.psytrix.local
Description:
The DNS server could not bind a User Datagram Protocol (UDP) socket to 127.0.0.1. The event data is the error code. Restart the DNS server or reboot your computer.
Log Name: DNS Server
Source: Microsoft-Windows-DNS-Server-Service
Date: 3/5/2009 12:03:00 PM
Event ID: 408
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: DC1-NY-2K8.psytrix.local
Description:
The DNS server could not open socket for address 192.168.1.151.
Verify that this is a valid IP address for the server computer. If it is NOT valid use the Interfaces dialog under Server Properties in the DNS Manager to remove it from the list of IP interfaces. Then stop and restart the DNS server. (If this was the only IP interface on this machine and the DNS server may not have started as a result of this error. In that case remove the DNS\Parameters\ ListenAddress value in the services section of the registry and restart.)
If this is a valid IP address for this machine, make sure that no other application (e.g. another DNS server) is running that would attempt to use the DNS port.
For more information, see «DNS server log reference» in the online Help.
Log Name: DNS Server
Source: Microsoft-Windows-DNS-Server-Service
Date: 3/5/2009 12:03:00 PM
Event ID: 407
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: DC1-NY-2K8.psytrix.local
Description:
The DNS server could not bind a User Datagram Protocol (UDP) socket to 192.168.1.151. The event data is the error code. Restart the DNS server or reboot your computer.
Event Type: Error
Event Source: DNS
Event Category: None
Event ID: 404
Date: 3/5/2009
Time: 1:08:24 PM
User: N/A
Computer: DC1-NY-2K8.psytrix.local
Description:
The DNS server could not bind a Transmission Control Protocol (TCP) socket to address 127.0.0.1. The event data is the error code. An IP address of 0.0.0.0 can indicate a valid «any address» configuration in which all configured IP addresses on the computer are available for use.
Restart the DNS server or reboot the computer.
Event Type: Error
Event Source: DNS
Event Category: None
Event ID: 404
Date: 3/5/2009
Time: 1:08:24 PM
User: N/A
Computer: DC1-NY-2K8.psytrix.local
Description:
The DNS server could not bind a Transmission Control Protocol (TCP) socket to address 192.168.1.151. The event data is the error code. An IP address of 0.0.0.0 can indicate a valid «any address» configuration in which all configured IP addresses on the computer are available for use.
Restart the DNS server or reboot the computer.
This is caused by another process using port 53 (TCP / UDP). To verify this do the following:
net stop DNS (i.e. If it is not already stopped)
netstat –ano find “:53” the output should be something like:
TCP 127.0.0.1:53 0.0.0.0:0 LISTENING 2752
TCP 192.168.1.151:53 0.0.0.0:0 LISTENING 2752
TCP [::1]:53 [::]:0 LISTENING 2752
UDP 127.0.0.1:53 *:* 2752
UDP 192.168.1.151:53 *:* 2752
UDP [::1]:53 *:* 2752
In the output the last digit indicates the PID of the process using the port. Open up the Task Manager and add the PID (Process Identifier) to the process column (how: go to View > Select Columns ).
Once you have located the PID, finding which service / process is using Ports TCP 53 / UDP 53, should be a breeze.
Then just stop the respective process and restart the DNS server service. And the Event IDs will go away.
NOTE: If only the UDP 53 is in use by another process but the TCP 53 port is not, then DNS will start but will still give the same Event ID. However if both TCP 53 and UDP 53 are in use DNS will sometimes not start at all.
Skip to content
I came across an Exchange issue where the exchange services were not starting up after a reboot of my Exchange Server(On the same server AD also hosted). For one it took a long time to start up – indicating DNS issues and after boot up DNS stopped to work. Gave the above error message. The Event Logs were filled with two errors:
Event ID 4000:
The DNS server was unable to open Active Directory. This DNS server is configured to obtain and use information from the directory for this zone and is unable to load the zone without it. Check that the Active Directory is functioning properly and reload the zone. The event data is the error code.
Event id 4007:
The DNS server was unable to open zone in the Active Directory from the application directory partition . This DNS server is configured to obtain and use information from the directory for this zone and is unable to load the zone without it. Check that the Active Directory is functioning properly and reload the zone. The event data is the error code.
Symptoms:–
-When you try to open the DNS console you get a pop up giving “Access Denied”.
– You notice that the DNS Server service is up and running.
– When you try to perform any operation on the AD integrated zones using DNSCMD you get “Access Denied”.
Causes:
-This happens when theDC/DNS server has lost its Secure channel with itself or PDC.
-This can also happen in a single DC environment where the DC/DNS server holds all the FSMO roles and is pointing to itself as Primary DNS server.
Resoultion:
-Stop the KDC service on the DC experiencing the issue.
-Run the following command with elevated rights: netdom resetpwd /server: /userd: /passwordd:*
-It will prompt for the password of the Domain Admin account that you used, enter that.
-Once the command executes, reboot the server.
-DNS zones should load now.
-Exchange services should be started.
Make sure you do not configured google IP as DNS server.