none
DNS Enhanced Logging and Diagnostics Hotfix kb2956577 cannot be installed RRS feed

  • Question

  • Per the below technet article, I want to enable DNS diagnostic logging on Server 2012 R2 Standard using the hotfix from kb2956577.

    https://technet.microsoft.com/en-us/library/dn800669%28v=ws.11%29.aspx 

    I downloaded the hotfix and ran it, however when run it gives the error that it was not applicable to the computer. I have other Server 2012 R2 Standard servers that I also tried to run this on and received the same error.

    I need to be able to enable Audit and Analytic events for DNS so we can log and audit what clients are making DNS requests to a blocked domain.

    Thanks!


    • Edited by Travis040 Wednesday, June 8, 2016 7:10 PM more info
    Wednesday, June 8, 2016 12:35 PM

Answers

  • Hi,

    Base on my research,KB2956577 update the 'DNS.exe' of x64 windows server 2012 R2 to version '6.3.9600.17231',please check your 'DNS.exe''s version,if it is higer than 17231,may be by other patch,you can't install it.And you should check if you have already had the function.

    ________________________________________
    Best Regards,
    Cartman
    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com.


    Tuesday, July 5, 2016 7:51 AM

All replies

  • Hi,

    Please make sure you download matched version(x86orx64).

    And check this link for your reference:

    'The update is not applicable to your computer ' when you install windows update

    https://support.microsoft.com/en-us/kb/3057448

    ________________________________________
    Best Regards,
    Cartman
    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com.

    Thursday, June 9, 2016 2:56 AM
  • It's a 64 bit OS and I'm trying to install the 64bit version.

    Option 1 doesn't appear to be it; I can't find anything about it being superseded.

    Option 2 is not it; I don't have the options I should.

    Option 3 Isn't is. It's 64bit like I said.

    Option 4 is not it, KB2919355 is the prerequisite and it's already installed.

    Any other ideas?

    Friday, June 10, 2016 1:03 AM
  • Hi,

    Please try to reset windows update compnoents and install again:

    How do I reset Windows Update components?

    https://support.microsoft.com/en-us/kb/971058

    ________________________________________
    Best Regards,
    Cartman
    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com.

    Friday, June 10, 2016 8:00 AM
  • I followed the instructions and the update still errors out saying it's not applicable to my computer.
    Friday, July 1, 2016 12:47 AM
  • Hi,

    Base on my research,KB2956577 update the 'DNS.exe' of x64 windows server 2012 R2 to version '6.3.9600.17231',please check your 'DNS.exe''s version,if it is higer than 17231,may be by other patch,you can't install it.And you should check if you have already had the function.

    ________________________________________
    Best Regards,
    Cartman
    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com.


    Tuesday, July 5, 2016 7:51 AM

    It's been a long while with no attention in this thread, but I thought I would add my experience and findings.

    • As in Travis040's case:
    • Running x64 Windows
    • Running Windows Server 2012 R2
    • Verified the update has not been superseded
    • Verified the correct prerequisite KB (KB2919355) is installed
    • Verified the KB in question (KB2956577) is not already installed by running 
    Get-HotFix -ID KB2919355

    and by checking Installed Updates in Programs and Features

    Despite those checks, I am unable to install Windows8.1-KB2956577-v2-x64.msu which is the unzipped installer provided at https://support.microsoft.com/en-us/hotfix/kbhotfix?kbnum=2956577&kbln=en-US due to encountering the error message "The update is not applicable to your computer." when attempting to install.

    As Cartmen Shen notes, although in pretty unclear fashion, if your version of DNS.exe is higher than 6.3.9600.17231 you can't install it. I think what your trying to say after that, Cartmen, is that we should check if the function is already available. I tried this and found that I am able to follow the instructions shown here in the documentation (as linked by Travis040) to enable the Analytic log under Event Viewer\Applications and Services Logs\Microsoft\Windows\DNS-Server. The problem thereafter, at least in my case, is that after Enabling logging and refreshing the log I encounter the error shown below:

    Query Error
    One or more logs in the query have errors
    Log: Microsoft-Windows-DNSServer/Analytical
    Error: The requested operation cannot be performed over an enabled direct channel. The channel must first be disabled before performing the requested operation

    There are no logs displayed in the Analytical log section, despite it being enabled. Interestingly enough, when I Disable logging for the Analytical log, the exact events I want to see are being logged, but are only viewable when logging is disabled for Analytical logs.

    I did some quick searching on this error message and found an article (https://support.microsoft.com/en-us/help/2488055/error-when-enabling-analytic-or-debug-event-log) that describes the issue and provides a resolution, albeit without really giving me what I want. The problem is that with Analytical logs (seemingly applying to any kind, not just DNS-Server) you cannot have the "Overwrite events as needed(oldest events first) setting enabled and also view logs at the same time. To be able to use this setting and view the log when needed, you must first disable Analytical logging and export the log using Wevtutil.exe, and then re-enable the log which will clear all log entries to begin collecting once again.

    All in all this was a painful process to say the least and I'm disappointed in how much time I had to spend to get this working. Hopefully someone else who comes across this post finds this helpful.

    • Edited by Arindo Bautista Wednesday, March 21, 2018 12:26 AM
    • Proposed as answer by Micmaher Tuesday, October 16, 2018 12:38 PM
    Wednesday, March 21, 2018 12:20 AM
  • Thanks Arindo saved me a lot of time there. I can understand your frustration too. A bit sloppy from MS
    Tuesday, October 16, 2018 12:40 PM