Microsoft KB Archive/256289

From BetaArchive Wiki
Knowledge Base

Article ID: 256289

Article Last Modified on 10/12/2007


  • Microsoft Windows 2000 Server
  • Microsoft Windows 2000 Advanced Server

This article was previously published under Q256289


Some or all of the following records may not be listed in the DNS Forward Lookup zone for your domain.

In the _tcp folder:


In the _udp folder:



The records are not registered if the Kerberos Key Distribution Center service is not started.


Change the startup type of the Kerberos Key Distribution Center service to Automatic:

  1. Click Start, point to Programs, point to Administrative Tools, and then click Services.
  2. Double-click Kerberos Key Distribution Center.
  3. On the General tab, click Automatic in the Startup Type box.
  4. In the Service Status section, click Start.
  5. Click OK.
  6. Right-click the Net Logon service, and then click Stop.
  7. After the Net Logon service stops, start it again by right-clicking it and then clicking Start. Stopping and starting the Net Logon service forces registration of SRV records.


Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article.


Not having the Kerberos Key Distribution Center service started does not generally cause any error messages in Event Viewer. However, some functions may not be available (such as updating the Active Directory schema). When the Kerberos Key Distribution Center service is disabled, domain authentication is performed by using the NTLM Authentication package. For more information about Kerberos authentication in Windows 2000, see the "Windows 2000 Kerberos Authentication" white paper on the following Microsoft Web site:

Keywords: kbenv kbkerberos kbprb KB256289