Event ID 4006 — DNS Server Active Directory Integration
Applies To: Windows Server 2008
You can configure the DNS Server service to use Active Directory Domain Services (AD DS) to store zone data. This makes it possible for the DNS server to rely on directory replication, which enhances security, reliability, and ease of administration.
Event Details
Product: Windows Operating System
ID: 4006
Source: Microsoft-Windows-DNS-Server-Service
Version: 6.0
Symbolic Name: DNS_EVENT_DS_NODE_LOAD_FAILED
Message: The DNS server could not load the records for the DNS name %1 found in the Active Directory integrated zone %2. A possible cause is that this DNS name contains character(s) not permitted by the name-checking setting on this DNS server. To allow these records to be loaded choose the appropriate name-checking setting on the DNS server. To delete these records from the Active Directory, first allow the DNS server to load them by changing the name-checking setting on this DNS server to allow all names. Then restart the DNS server service to cause the records to be loaded. The records will now appear in the DNS Manager and may be deleted. When the records have been deleted, restore the DNS server name-checking setting to the preferred value.
Resolve
Change name-checking settings
The DNS server can be configured to permit names that contain characters that are not allowed by Domain Name System (DNS) standards in RFC 1123, including multibyte characters. This error indicates that a DNS name in an Active Directory Domain Services (AD DS)-integrated zone contains characters that are not allowed by the DNS server settings.
To perform this procedure, you must have membership in Administrators, or you must have been delegated the appropriate authority.
To correct a DNS name that contains unsupported characters:
1. On the DNS server, start Server Manager. To start Server Manager, click Start, click Administrative Tools, and then click Server Manager.
2. In the console tree, expand Roles, expand DNS Server, and then expand DNS.
3. Right-click the DNS server, click Properties, and then click the Advanced tab.
4. In the Name checking list, note the current setting, and then click All Names.
5. In the console tree, right-click the DNS server, click All Tasks, and then click Restart.
6. When the server has restarted and the items that had been blocked appear in Server Manager, right-click the items, and then click Delete.
7. Right-click the DNS server, click Properties, and then click the Advanced tab.
8. In the Name checking list, click the setting that had been changed in step 4.
Verify
Ensure that Event IDs 4523 and 4524 are being logged and that no events in the range 4000 to 4019 appear in the Domain Name System (DNS) event log.
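The verification above can be scripted. The following PowerShell is an added example, not part of the original article or Microsoft's tooling: it queries the DNS event log for IDs 4000 to 4019, 4523 and 4524, lists the name and zone reported by each event 4006, and prints a pass or fail result. It assumes the log is named `DNS Server` and that the message's `%1` and `%2` insertion strings are exposed in order as `Properties[0]` and `Properties[1]`; the `-Since` parameter is hypothetical and should be set to the time the DNS Server service was restarted.

```powershell
# Added example (not Microsoft's code). Assumptions: log name 'DNS Server';
# event 4006 exposes %1 (DNS name) and %2 (zone) as Properties[0] and Properties[1].
param(
    [string]$ComputerName = $env:COMPUTERNAME,
    # Set this to the time the DNS Server service was restarted after the fix.
    [datetime]$Since = (Get-Date).AddHours(-1)
)

# Event log XPath filters on age in milliseconds relative to now.
$windowMs = [int64](((Get-Date) - $Since).TotalMilliseconds)

# One query for the failure range 4000-4019 and the two IDs the Verify step expects.
$xpath = "*[System[((EventID >= 4000 and EventID <= 4019) or EventID=4523 or EventID=4524) " +
         "and TimeCreated[timediff(@SystemTime) <= $windowMs]]]"

$query = @{
    ComputerName = $ComputerName
    LogName      = 'DNS Server'
    FilterXPath  = $xpath
    ErrorAction  = 'SilentlyContinue'   # Get-WinEvent errors when nothing matches
}
$events = @(Get-WinEvent @query)

$failures = @($events | Where-Object { $_.Id -ge 4000 -and $_.Id -le 4019 })
$seenIds  = @($events | ForEach-Object { $_.Id } | Sort-Object -Unique)

# Names the server refused to load (event 4006), de-duplicated per zone.
$failures | Where-Object { $_.Id -eq 4006 -and $_.Properties.Count -ge 2 } |
    Select-Object @{n='Zone'; e={ $_.Properties[1].Value }},
                  @{n='Name'; e={ $_.Properties[0].Value }} |
    Sort-Object Zone, Name -Unique |
    Format-Table -AutoSize

# Any other event in the 4000-4019 range also fails verification.
$failures | Group-Object Id |
    Select-Object @{n='EventId'; e={ $_.Name }}, Count |
    Format-Table -AutoSize

$ok = ($failures.Count -eq 0) -and ($seenIds -contains 4523) -and ($seenIds -contains 4524)
if ($ok) { 'PASS: 4523 and 4524 logged, no events in 4000-4019' }
else     { "FAIL: $($failures.Count) event(s) in 4000-4019; IDs seen: $($seenIds -join ', ')" }
```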