| Event Id | 4000 |
| Source | DNS |
| Description | The DNS server was unable to open Active Directory. This DNS server is configured to obtain and use information from the directory for this zone and is unable to load the zone without it. Check that the Active Directory is functioning properly and reload the zone. The event data is the error code. Data: 0000: f5 25 00 00 |
| Event Information | CAUSE: This behavior can occur if you lock the system partition and remove the Everyone group from various locations. RESOLUTION: To resolve the behavior, reset system default file permissions: 1. Set environment variables as follows: a. At a command prompt, type net share sysvol, and then press ENTER. Notice the path that is returned. b. Right-click My Computer, and then click Properties. c. On the Advanced tab, click Environment Variables. d. In the System Variables section, click New. e. In the Variable Name box, type Sysvol. f. In the Variable Value box, type the path that you noted in step a without the last \sysvol item. g. Repeat these steps to create the %DSDIT% variable and the %DSLOG% variable. To view the path for these variables, examine these variables in the registry under the following key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Parameters .For example, the default location for the Database log files path and for the DSA Working Directory is the following:C:\WINNT\NTDS 2. At a command prompt, run the following commands: cd \winnt\security\templates secedit /configure /cfg "setup security.inf" /db ss.sdb /log ss.log /verbose secedit /configure /cfg basicdc.inf /db basicdc.sdb /log basicdc.log /verbose 3. Restart the computer. Cause 2: This issue may occur if the DNS server address that is specified in the TCP/IP protocol settings of the DNS server is not correct. If you have two network adapters with more than one IP address configured on your computer, you can use the first IP address of only one of the network adapters to configure the DNS server address. You cannot configure the DNS server address on both the network adapters. Resolution: To resolve this issue, follow these steps: 1. Click Start, point to Programs, point to Administrative Tools, and then click DNS. 2. Right-click the DNS server that you want to |
| Reference Links | DNS, Intersite Messaging, Global Catalog, NTFRS, and "Invalid Credentials" Error Messages on Domain Controller DNS Server Does Not Start with DBCS Domain Names Event ID 4000 is generated every five minutes on a DNS server that is running Windows 2000 Server Active Directory-Integrated Domain Name Is Not Displayed in DNS Snap-in with Event ID 4000 and 4013 Messages |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.