Loaded SP4, now have 4010 error, Unable to load RR (CNAME of SVR's

[Guest]

Hi All,

I loaded SP4 on my Windows 2000 domain controller, that has DNS on it.
Immediately after that, everytime that I reboot the servers, I get the 4010
error in the DNS log of the event viewer. It happens on all of the servers.
I can do a 'flush/register DNS' and a 'net stop/start netlogon' and it
doesn't log the error, only on a reboot. The error seems to be pointing at
the CNAMES of my servers, and the domain name. I recreated one of the
records but it didn't fix it. The error is:
*****
'The DNS server was unable to load a resource record (RR) from the directory
at xxx11xx1-xx11-1x11-1x1x-11x1x11xx1x1._msdcs.domain in zone domain. Use
the DNS console to recreate this RR or check that the Active Directory is
functioning properly and reload the zone.'
****

Before SP4, I was trying to fix a 5781 error, and in doing so I created a
new '_msdcs.domain' zone. It populated itself but didn't fix the 5781 error.
I also swapped the FSMO roles just before the SP4 but everything was working
without giving the 4010 errors. To add one more problem, I have a
single-label domain name.

DCDiag comes up with no errors. Netdiag comes up with a DNS error (This
seems to be associated with the 5781 error):
*****
'Cannot find primary authoritive DNS server [RCODE_SERVER_FAILURE]
No DNS servers have the DNS records for this DC registered.
****

The 5781 error comes every 2 hours. It is:
****
'Dynamic registration or deregistration of one or more DNS records failed
because no DNS servers are available.'
****

Please help?

Thanks.

 

[Kevin D. Goodknecht Sr. [MVP]]

Hi All,

I loaded SP4 on my Windows 2000 domain controller, that has DNS on it.
Immediately after that, everytime that I reboot the servers, I get
the 4010 error in the DNS log of the event viewer. It happens on all
of the servers. I can do a 'flush/register DNS' and a 'net stop/start
netlogon' and it doesn't log the error, only on a reboot. The error
seems to be pointing at the CNAMES of my servers, and the domain
name. I recreated one of the records but it didn't fix it. The
error is: *****
'The DNS server was unable to load a resource record (RR) from the
directory at xxx11xx1-xx11-1x11-1x1x-11x1x11xx1x1._msdcs.domain in
zone domain. Use the DNS console to recreate this RR or check that
the Active Directory is functioning properly and reload the zone.'
****

Before SP4, I was trying to fix a 5781 error, and in doing so I
created a new '_msdcs.domain' zone. It populated itself but didn't
fix the 5781 error. I also swapped the FSMO roles just before the
SP4 but everything was working without giving the 4010 errors. To
add one more problem, I have a single-label domain name.

DCDiag comes up with no errors. Netdiag comes up with a DNS error
(This seems to be associated with the 5781 error):
*****
'Cannot find primary authoritive DNS server [RCODE_SERVER_FAILURE]
No DNS servers have the DNS records for this DC registered.
****

The 5781 error comes every 2 hours. It is:
****
'Dynamic registration or deregistration of one or more DNS records
failed because no DNS servers are available.'
****

It appears you have a single-label domain name.
Follow this KB and add the required registry entries to all DCs and clients.
300684 - Information About Configuring Windows 2000 for Domains with
Single-Label DNS Names
http://support.microsoft.com/default.aspx?scid=kb;en-us;300684

 

[Guest]

Thank you Kevin for getting me 1 step closer. I seen the Microsoft KB page
before but I thought the group policy method would work. After reading it
again, it is only for Windows 2003 and XP, not for W2k servers...so I did the
reg change manually and now that fixed my 5781 errors and my netdiag errors.
Now I just have the 4010 errors in the event viewer. Is there anything else
I should try? I still have 1 server that can not reboot until tonight
because it is a license server so it can not update the reg changes. It was
the old Forest root server (Pretty much everything except for the
Infrastructure role).

Thanks again,
Steve

Hi All,

I loaded SP4 on my Windows 2000 domain controller, that has DNS on it.
Immediately after that, everytime that I reboot the servers, I get
the 4010 error in the DNS log of the event viewer. It happens on all
of the servers. I can do a 'flush/register DNS' and a 'net stop/start
netlogon' and it doesn't log the error, only on a reboot. The error
seems to be pointing at the CNAMES of my servers, and the domain
name. I recreated one of the records but it didn't fix it. The
error is: *****
'The DNS server was unable to load a resource record (RR) from the
directory at xxx11xx1-xx11-1x11-1x1x-11x1x11xx1x1._msdcs.domain in
zone domain. Use the DNS console to recreate this RR or check that
the Active Directory is functioning properly and reload the zone.'
****

Before SP4, I was trying to fix a 5781 error, and in doing so I
created a new '_msdcs.domain' zone. It populated itself but didn't
fix the 5781 error. I also swapped the FSMO roles just before the
SP4 but everything was working without giving the 4010 errors. To
add one more problem, I have a single-label domain name.

DCDiag comes up with no errors. Netdiag comes up with a DNS error
(This seems to be associated with the 5781 error):
*****
'Cannot find primary authoritive DNS server [RCODE_SERVER_FAILURE]
No DNS servers have the DNS records for this DC registered.
****

The 5781 error comes every 2 hours. It is:
****
'Dynamic registration or deregistration of one or more DNS records
failed because no DNS servers are available.'
****

It appears you have a single-label domain name.
Follow this KB and add the required registry entries to all DCs and clients.
300684 - Information About Configuring Windows 2000 for Domains with
Single-Label DNS Names
http://support.microsoft.com/default.aspx?scid=kb;en-us;300684



--Â
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================

 

[Kevin D. Goodknecht Sr. [MVP]]

Thank you Kevin for getting me 1 step closer. I seen the Microsoft
KB page before but I thought the group policy method would work.
After reading it again, it is only for Windows 2003 and XP, not for
W2k servers...so I did the reg change manually and now that fixed my
5781 errors and my netdiag errors. Now I just have the 4010 errors in
the event viewer. Is there anything else I should try? I still have
1 server that can not reboot until tonight because it is a license
server so it can not update the reg changes. It was the old Forest
root server (Pretty much everything except for the Infrastructure
role).

I suggest you read it again, it is for Win2kSP4 and later, Win2k3, and XP.
Can you post the entire details of the 4010 event?

 

[Guest]

Hi Kevin,

Here is the error:
***********
The DNS server was unable to load a resource record (RR) from the directory
at ecc51be0-ca63-4f41-8d3d-78e5e79bd8a5._msdcs.engineering. in zone
engineering. Use the DNS console to recreate this RR or check that the
Active Directory is functioning properly and reload the zone. The event data
contains the error.
***********

I get 6 errors like that one. One for each server (Domain Controller) and
one for the domain. It looks like the ‘CNAMES’ with the GUID. I tried to
recreate one of the records but it didn’t help. All of the servers are W2K.
One server has SP4 and the other 4 have SP3. Should I install SP4 on all of
them?

Thanks,

Steve

 

[Kevin D. Goodknecht Sr. [MVP]]

Hi Kevin,

Here is the error:
***********
The DNS server was unable to load a resource record (RR) from the
directory at ecc51be0-ca63-4f41-8d3d-78e5e79bd8a5._msdcs.engineering.
in zone engineering. Use the DNS console to recreate this RR or
check that the Active Directory is functioning properly and reload
the zone. The event data contains the error.
***********

I get 6 errors like that one. One for each server (Domain
Controller) and one for the domain. It looks like the 'CNAMES' with
the GUID. I tried to recreate one of the records but it didn't help.
All of the servers are W2K. One server has SP4 and the other 4 have
SP3. Should I install SP4 on all of them?

I would first add the registry entries, then install SP4. Your going to need
the registry entries after SP4 anyway.
Did you create a _msdcs.engineering. zone?
If you did, did you also create a delegation named _msdcs in the engineering
zone?
Does the zone have dynamic updates allowed?

 

[Guest]

Good Morning,
I have SP4 installed on 3 servers. The 2 production servers I am leaving on
SP3 (Once this all works, I will shut those 2 down.). The reg changes have
been made. The zones have dynamic updates allowed. I do have a zone called
'_msdcs.engineering', no period at the end. It was not setup for zone
transfer for some reason. I changed the zone transfer and I deleted the
CNAME record of one of the SP4 srv's. I did a net stop/start on the srv that
I deleted and it recreated the record. I rebooted the dns server but I still
received all 6, 4010 errors. I expected to only see the 5 because of the
recreated record. What now?

Thanks.

Steve