DNS 4000 and 4013 Errors

  • Thread starter Thread starter Phillip
  • Start date Start date
P

Phillip

Ok...I have two DC's configured as winsrv01 and winsrv02, and both are
DNS servers as well. winsrv02 is the PDC and primary DNS, while
winsrv01 is the BDC and secondary DNS. winsrv01 (BDC) keeps getting
Event IDs 4000 and 4013 at the exact same time and almost every 5 or
10 minutes. Here are the Event IDs in a little more detail:

4000: The DNS server was unable to open Active Directory. This DNS
server is configured to obtain and use information from the directory
for this zone and is unable to load the zone without it. Check that
the Active Directory is functioning properly and reload the zone. The
event data is the error code.

4013: The DNS server was unable to open the Active Directory. This
DNS server is configured to use directory service information and can
not operate without access to the directory. The DNS server will wait
for the directory to start. If the DNS server is started but the
appropriate event has not been logged, then the DNS server is still
waiting for the directory to start.

I ran netdiag /fix and everything passed but...

Domain membership test . . . . . . : Failed
[WARNING] Ths system volume has not been completely replicated to
the local
machine. This machine is not working properly as a DC.

Any Ideas?

Also, how serious are these errors? It seems like everything is
working ok, but I would really like to resolve these.

TIA,
Phillip
 
In
Phillip said:
Ok...I have two DC's configured as winsrv01 and winsrv02, and both are
DNS servers as well. winsrv02 is the PDC and primary DNS, while
winsrv01 is the BDC and secondary DNS. winsrv01 (BDC) keeps getting
Event IDs 4000 and 4013 at the exact same time and almost every 5 or
10 minutes. Here are the Event IDs in a little more detail:

4000: The DNS server was unable to open Active Directory. This DNS
server is configured to obtain and use information from the directory
for this zone and is unable to load the zone without it. Check that
the Active Directory is functioning properly and reload the zone. The
event data is the error code.

4013: The DNS server was unable to open the Active Directory. This
DNS server is configured to use directory service information and can
not operate without access to the directory. The DNS server will wait
for the directory to start. If the DNS server is started but the
appropriate event has not been logged, then the DNS server is still
waiting for the directory to start.

I ran netdiag /fix and everything passed but...

Domain membership test . . . . . . : Failed
[WARNING] Ths system volume has not been completely replicated to
the local
machine. This machine is not working properly as a DC.

Any Ideas?

Also, how serious are these errors?
Click to expand...
Purdydam, serious.

In Win2k there are no PDCs or BDCs there are only DCs. One or the other will
be the operations master for these roles: RID, PDC, and Infrastructure,
there will also be a naming master and a Schema Master. You will also need
at least one DC acting as a Global Catalog.

All that being said, DNS is very important to Active Directory, if you have
AD integrated zones DNS gets its Data from Active Directory but AD won't
start without DNS, it is a catch 22 situation.
I assume DNS is installed on both DCs and the first DC is pointing to it own
address for DNS preferred then to the second DC Alternate, the second DC
should point to the First DC Preferred then to itself Alternate. No ISP's
DNS in your NICs on any machine.
Do not use ICS on a server with DNS or DHCP running.
I have also had this happen to me after I replaced a NIC and had to disable
and re-configure NAT in RRAS.

This is about all I can think of right off the bat, without seeing an
ipconfig /all. If you will post that from both DCs it will help me see what
happened.
 
Great Information!

-----Original Message-----
In
Phillip said:
Ok...I have two DC's configured as winsrv01 and winsrv02, and both are
DNS servers as well. winsrv02 is the PDC and primary DNS, while
winsrv01 is the BDC and secondary DNS. winsrv01 (BDC) keeps getting
Event IDs 4000 and 4013 at the exact same time and almost every 5 or
10 minutes. Here are the Event IDs in a little more detail:

4000: The DNS server was unable to open Active Directory. This DNS
server is configured to obtain and use information from the directory
for this zone and is unable to load the zone without it. Check that
the Active Directory is functioning properly and reload the zone. The
event data is the error code.

4013: The DNS server was unable to open the Active Directory. This
DNS server is configured to use directory service information and can
not operate without access to the directory. The DNS server will wait
for the directory to start. If the DNS server is started but the
appropriate event has not been logged, then the DNS server is still
waiting for the directory to start.

I ran netdiag /fix and everything passed but...

Domain membership test . . . . . . : Failed
[WARNING] Ths system volume has not been completely replicated to
the local
machine. This machine is not working properly as a DC.

Any Ideas?

Also, how serious are these errors?
Click to expand...
Purdydam, serious.

In Win2k there are no PDCs or BDCs there are only DCs. One or the other will
be the operations master for these roles: RID, PDC, and Infrastructure,
there will also be a naming master and a Schema Master. You will also need
at least one DC acting as a Global Catalog.

All that being said, DNS is very important to Active Directory, if you have
AD integrated zones DNS gets its Data from Active Directory but AD won't
start without DNS, it is a catch 22 situation.
I assume DNS is installed on both DCs and the first DC is pointing to it own
address for DNS preferred then to the second DC Alternate, the second DC
should point to the First DC Preferred then to itself Alternate. No ISP's
DNS in your NICs on any machine.
Do not use ICS on a server with DNS or DHCP running.
I have also had this happen to me after I replaced a NIC and had to disable
and re-configure NAT in RRAS.

This is about all I can think of right off the bat, without seeing an
ipconfig /all. If you will post that from both DCs it will help me see what
happened.






.
Click to expand...
 
Thanks for the reply and info. Im more of a Unix person and Im
helping one of our windows adminstrators try and get AD up and
running. Im at home right now but I will post that info for you.

Phillip
 
This is the primary DC, and does not show the errors.

Windows 2000 IP Configuration

Host Name . . . . . . . . . . . . : WINSRV02
Primary DNS Suffix . . . . . . . : ad.thearc.net
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : ad.thearc.net
thearc.net

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet
Physical Address. . . . . . . . . : 00-0B-DB-AC-E0-91
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 146.157.254.8
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 146.157.254.254
DNS Servers . . . . . . . . . . . : 146.157.254.8
146.157.254.9

This is the server that is generating the errors:
Windows 2000 IP Configuration

Host Name . . . . . . . . . . . . : WINSRV01
Primary DNS Suffix . . . . . . . : ad.thearc.net
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : ad.thearc.net

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet
Physical Address. . . . . . . . . : 00-0B-DB-AC-E0-97
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 146.157.254.9
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 146.157.254.254
DNS Servers . . . . . . . . . . . : 146.157.254.8
146.157.254.9



Phillip
 
Back
Top