Event ID 6702 — DNS Server Configuration
Applies To: Windows Server 2008
The DNS server configuration consists of the settings that determine how the DNS server will function on a network and how those settings are stored and retrieved when they are needed.
Event Details
Product: | Windows Operating System |
ID: | 6702 |
Source: | Microsoft-Windows-DNS-Server-Service |
Version: | 6.0 |
Symbolic Name: | DNS_EVENT_UPDATE_DS_PEERS_FAILURE |
Message: | DNS server has updated its own host (A) records. In order to ensure that its DS-integrated peer DNS servers are able to replicate with this server, an attempt was made to update them with the new records through dynamic update. An error was encountered during this update, the record data is the error code. If this DNS server does not have any DS-integrated peers, then this error should be ignored. If this DNS server's Active Directory replication partners do not have the correct IP address(es) for this server, they will be unable to replicate with it. To ensure proper replication: 1) Find this server's Active Directory replication partners that run the DNS server. 2) Open DnsManager and connect in turn to each of the replication partners. 3) On each server, check the host (A record) registration for THIS server. 4) Delete any A records that do NOT correspond to IP addresses of this server. 5) If there are no A records for this server, add at least one A record corresponding to an address on this server, that the replication partner can contact. (In other words, if there multiple IP addresses for this DNS server, add at least one that is on the same network as the Active Directory DNS server you are updating.) 6) Note, that is not necessary to update EVERY replication partner. It is only necessary that the records are fixed up on enough replication partners so that every server that replicates with this server will receive (through replication) the new data. |
Resolve
Correct the replication problem
After updating its own host (A or AAAA) resource records, this server was not able to update its peer DNS servers that are integrated with Active Directory Domain Services (AD DS) by using dynamic update. As a result, this server will not be able to replicate with its peer DNS servers until their host resource records for this server are corrected.
This event can be logged even though this server has no replication partners, in which case it can be ignored. Otherwise, you should manually update the host resource records on one or more replication partners to ensure that the updated records will be replicated to all partners.
To perform this procedure, you must have membership in Domain Admins, or you must have been delegated the appropriate authority.
To ensure proper replication of this server's host records:
1. On the DNS server, open Active Directory Sites and Services. To open Active Directory Sites and Services, click Start, click Administrative Tools, and then click Active Directory Sites and Services.
2. In the console tree, expand the Sites container to display the list of sites.
3. Double-click the site that contains the domain controller for which you want to determine Connection objects.
   Note: If you do not know the site in which the domain controller is located, open a command prompt, type ipconfig, and then press ENTER to get the IP address of the domain controller. Use the IP address to verify that an IP address maps to a subnet and to determine the site association.
4. Expand the Servers folder to display the list of servers in that site.
5. Expand the name of this server to display its NTDS settings.
6. Double-click NTDS Settings to display the list of connection objects in the details pane. (These objects represent inbound connections that are used for replication.) The From Server column displays the names of the domain controllers that are the replication partners.
7. Open DNS Manager. To open DNS Manager, click Start, click Administrative Tools, and then click DNS.
8. In the console tree, right-click DNS, and then click Connect to DNS Server.
9. Click The following computer, type the Domain Name System (DNS) name or IP address of one of the replication partners, and then click OK.
10. In the console tree, expand the replication partner, expand Forward Lookup Zones, and then click the domain's zone.
11. Right-click each host (A or AAAA) resource record for this server that contains an incorrect IP address, and then click Delete.
12. If there are no remaining host records for this server, do the following:
    - Right-click the domain's zone, and then click New Host (A or AAAA).
    - In Name (uses parent domain if left blank), type the name of this server, and then in IP address, type an address for this server that the replication partner can contact. In other words, if this DNS server has multiple IP addresses, specify an address that is on the same network as the AD DS-integrated DNS server that you are updating.
13. Repeat step 12 to add additional host records for this server, and repeat steps 8 through 12 for other replication partners. Note that it is not necessary to update every replication partner. It is only necessary to correct the records on enough replication partners so that every server that replicates with this server will receive (through replication) the new data.
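A read-only check that shows which replication partners need the manual fix in steps 11 and 12, by asking each partner directly for this server's host records and comparing them with the server's real addresses. This is an added example, not part of the original Microsoft procedure. It assumes it is run from a management computer that has the DnsClient module (Windows 8 or Windows Server 2012 and later); the server name, addresses, and partner names are constructed placeholders.

```powershell
# Added example. All names and addresses below are constructed placeholders.
$ServerFqdn      = 'dns01.corp.example'                          # this DNS server
$ServerAddresses = @('192.0.2.10', '2001:db8::10')               # its real addresses (from ipconfig)
$Partners        = @('dns02.corp.example', 'dns03.corp.example') # "From Server" column in NTDS Settings

function Get-HostRecordDrift {
    param(
        [string[]]$Registered,   # addresses a partner returns for this server
        [string[]]$Actual        # addresses actually configured on this server
    )
    # Normalize through IPAddress so equivalent IPv6 spellings compare equal.
    $reg   = @($Registered | Where-Object { $_ } | ForEach-Object { [System.Net.IPAddress]::Parse($_).ToString() })
    $act   = @($Actual     | Where-Object { $_ } | ForEach-Object { [System.Net.IPAddress]::Parse($_).ToString() })
    $valid = @($reg | Where-Object { $act -contains $_ })
    [pscustomobject]@{
        Stale    = @($reg | Where-Object { $act -notcontains $_ })  # step 11: records to delete
        Valid    = $valid                                           # records that can stay
        NeedsAdd = ($valid.Count -eq 0)                             # step 12: no usable record left
    }
}

foreach ($partner in $Partners) {
    # Ask the partner itself rather than the locally configured resolver.
    $answers = foreach ($type in 'A', 'AAAA') {
        Resolve-DnsName -Name $ServerFqdn -Server $partner -Type $type -DnsOnly -NoHostsFile -ErrorAction SilentlyContinue
    }
    # Keep only records that carry an address (drops SOA records returned for empty answers).
    $registered = @($answers | Where-Object { $_.IPAddress } | ForEach-Object { $_.IPAddress })
    $drift = Get-HostRecordDrift -Registered $registered -Actual $ServerAddresses

    # An unreachable partner also reports NeedsAdd = True; confirm in DNS Manager before changing records.
    [pscustomobject]@{
        Partner  = $partner
        Stale    = $drift.Stale -join ', '
        Valid    = $drift.Valid -join ', '
        NeedsAdd = $drift.NeedsAdd
    }
}
```

Partners that report no stale addresses and NeedsAdd = False already hold correct records and can be skipped when repeating steps 8 through 12.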
Verify
To verify that the Domain Name System (DNS) configuration is correct, verify that all configuration settings are correct, check the event log for events that indicate continuing problems, and then verify that DNS client computers are able to resolve names properly.
To verify DNS configuration settings:
1. On the DNS server, start Server Manager. To start Server Manager, click Start, click Administrative Tools, and then click Server Manager.
2. In the console tree, double-click Roles, double-click DNS Server, and then double-click DNS.
3. Right-click the DNS server, and then click Properties.
4. Review the settings on each tab, and verify that they contain the intended values.
5. Expand the DNS server.
6. Expand a zone folder, right-click a zone, and then click Properties.
7. Review the settings on each tab, and verify that they contain the intended values.
8. Repeat steps 6 and 7 for each zone.
To verify that DNS client computers can resolve names properly:
- On a DNS client computer, open a command prompt. To open a command prompt, click Start, click Run, type cmd, and then click OK.
- At the command prompt, type ping hostname (where hostname is the DNS name of a computer with a known IP address), and then press ENTER.
If the client can resolve the name, the ping command responds with the following message:
Pinging hostname [ip_address]
Note: The name resolution is successful even if the ping command reports that the destination is unreachable.
If the client cannot resolve the name, the ping command responds with the following message:
Ping request could not find host hostname