Microsoft KB Archive/252695

= DNS Server Generates Event 4011 =

Article ID: 252695

Article Last Modified on 2/28/2007

-

APPLIES TO


 * Microsoft Windows 2000 Server
 * Microsoft Windows 2000 Advanced Server

-



This article was previously published under Q252695



SYMPTOMS
In certain rare cases, you may find the following entries in the Event log on a Windows 2000-based Active Directory-integrated DNS server:

Event ID: 4011

The DNS server was unable to add or write an update of domain name _ldap in zone .com to the Active Directory. Check that the Active Directory is functioning properly and add or update this domain name using the DNS console. The event data contains the error.

The DNS server was unable to add or write an update of domain name _gc in zone .com to the Active Directory. Check that the Active Directory is functioning properly and add or update this domain name using the DNS console. The event data contains the error.

The DNS server was unable to add or write an update of domain name gc in zone .com to the Active Directory. Check that the Active Directory is functioning properly and add or update this domain name using the DNS console. The event data contains the error.

Note that the zone name varies depending on the domain name that you are using.

Additionally, the Netlogon service may log the following error message:

Event ID: 5781

Dynamic registration or deregistration of one or more DNS records failed because no DNS servers are available.

Note that 5781 events may denote a number of different registrations and deregistration issues. Most of these may not be resolved with the workaround listed in this article. This workaround is for 4011 events.



CAUSE
When a Windows 2000-based Active Directory-integrated DNS server that hosts a global catalog boots, the registration of specific SRV records may not succeed.

The service startup order prevents certain SRV records from being registered because those services start before DNS is ready to receive registrations on a global catalog server.



RESOLUTION
To work around this behavior, specify a different Windows 2000-based Active Directory-integrated DNS server on the DNS tab in the Advanced TCP/IP Settings dialog box.

Or, try the following methods:
 * Move the global catalog or the DNS server to a different domain controller.

NOTE: Before you move the Global Catalog functionality off of the server, ensure that the new FSMO owner does not hold the Infrastructure Master Role as well.
 * Do not integrate the DNS server that is hosting the global catalog with Active Directory.



MORE INFORMATION
The 4011 Event log entries appear only if all of the following conditions are met:
 * The Microsoft DNS server is integrated with Active Directory
 * Data that is stored in Active Directory is dynamically updated
 * The Microsoft DNS server hosts the global catalog
 * The DNS Resolver configuration points to the DNS server, which is installed on the same computer

Additional query words: gc ldap 1534

Keywords: kbdns kberrmsg kbprb KB252695

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.