none
DNS Event Id: 4015, 4513 and 4514

    Question

  • Hello There,

                       i want to discuss my problem with you. i have a server 2008 standard edition Active directory domain controller. to avoid single point failure i installer additional domain controller in window server 2008 standard edition but in my DNS event log displaying event id: 4015, 4513 and 4514 after every 3 minutes. that's why when i start my additional domain controller after loading window login screen take a long time to display. how to fix these errors. need a help.......    

    Wednesday, January 9, 2013 4:00 AM

Answers

  • Hi,

    It seems the DNS pointing issue, Please set the DNS pointing as per the following article.

    Best practices for DNS client settings on DC and domain members.
    http://abhijitw.wordpress.com/2012/03/03/best-practices-for-dns-client-settings-on-domain-controller/

    Is this a multi-domain environment? If yes, see follwoing article for DNS configuration.

    How to create a Parent-Child DNS Delegation, and How to Configure DNS to create a new Tree in the Forest:
    http://msmvps.com/blogs/acefekay/archive/2010/10/01/dns-parent-child-dns-delegation-how-to-create-a-dns-delegation.aspx

    Once done restart the netlogon and DNS server service and run ipconfig /flushdns and ipconfig /registerdns.

    If issue reocurs, post dcdiag /q, repadmin /replsum and ipconfig /all result from both DC.


    Best regards,

    Abhijit Waikar.
    MCSA | MCSA:Messaging | MCITP:SA | MCC:2012
    Blog: http://abhijitw.wordpress.com
    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees and confers no rights.

    Wednesday, January 9, 2013 4:40 AM
  • Hi,

    Event id 4015, 4514, 4513 can be caused by either a replication problem with the domain controllers direct partner or the domain controller sourcing the ForestDNSZone or DomainDNSZone partitions from a server that has a problem with Active Directory replication.

    To fix the issue, please try the following steps:

    1. Logon to a domain controller with an Enterprise admin account (Prefer to logon to the replication partner of the problematic DC)
    2. Run ntdsutil in a Domain Controller
    3. Run "domain management" command in ntdsutil
    4. Run "Connections" command and then connect to local server by "Connect to server localdcname" command. (Replace localdcname with local DC's hostname)
    5. Hit Q and enter.
    6. Run the following command and you will see that your problematic server is not listed in the output, although it should since it has DNS server installed.
      If you are replicating a DNS zone to the forest then run "List NC Replicas DC=ForestDnsZones,DC=domain,DC=com"
      If you are replicating a DNS zone to the domain then run "List NC Replicas DC=DomainDnsZones,DC=domain,DC=com"
    7. Before continuing to the next step make sure that there is no object under "LostAndFoundConfig" (serves as a container for lost forestwide objects) container. You can check this with ADSIEDIT.msc under Configuration Partition. If there is an object first check its "lastKnownParent" attribute and if you decide if this is not an orphaned object then move it to its location. If you decide this is an orphaned object then delete it.
    8. Now add your problematic Domain Controller with DNS server install to the NC's you are replicating. By running following commands.
      For Forest wide DNS partition:
      "Add NC Replica DC=ForestDnsZones,DC=domain,DC=com problemdcname.domain.com" (problematic DC name must be in full DNS name format). For Domain wide DNS partition:
      "Add NC Replica DC=DomainDnsZones,DC=domain,DC=com problemdcname.domain.com" (problematic DC name must be in full DNS name format).
    9. Force replication on problematic DC from its partner (where follow the steps from 1 to 8).

    Event ID 4514 — DNS Server Active Directory Integration:http://technet.microsoft.com/en-us/library/cc735801(WS.10).aspx
    Event ID 4513 — DNS Server Active Directory Integration:http://technet.microsoft.com/en-us/library/cc735845(WS.10).aspx

    If duplicate zone is present see this:http://msmvps.com/blogs/acefekay/archive/2009/09/02/using-adsi-edit-to-resolve-conflicting-or-duplicate-ad-integrated-dns-zones.aspx

    Reference link:http://social.technet.microsoft.com/Forums/en-US/winserverDS/thread/a1925ab3-1a24-476b-b1d7-d9fa5798310b

    Note:Please take full backup and systemstate backup of the server before you proceed.

    Hope this helps


    Best Regards,

    Sandesh Dubey.

    MCSE|MCSA:Messaging|MCTS|MCITP:Enterprise Adminitrator | My Blog

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.

    Wednesday, January 9, 2013 9:16 AM

All replies

  • Hi,

    It seems the DNS pointing issue, Please set the DNS pointing as per the following article.

    Best practices for DNS client settings on DC and domain members.
    http://abhijitw.wordpress.com/2012/03/03/best-practices-for-dns-client-settings-on-domain-controller/

    Is this a multi-domain environment? If yes, see follwoing article for DNS configuration.

    How to create a Parent-Child DNS Delegation, and How to Configure DNS to create a new Tree in the Forest:
    http://msmvps.com/blogs/acefekay/archive/2010/10/01/dns-parent-child-dns-delegation-how-to-create-a-dns-delegation.aspx

    Once done restart the netlogon and DNS server service and run ipconfig /flushdns and ipconfig /registerdns.

    If issue reocurs, post dcdiag /q, repadmin /replsum and ipconfig /all result from both DC.


    Best regards,

    Abhijit Waikar.
    MCSA | MCSA:Messaging | MCITP:SA | MCC:2012
    Blog: http://abhijitw.wordpress.com
    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees and confers no rights.

    Wednesday, January 9, 2013 4:40 AM
  • Hi,

    Event id 4015, 4514, 4513 can be caused by either a replication problem with the domain controllers direct partner or the domain controller sourcing the ForestDNSZone or DomainDNSZone partitions from a server that has a problem with Active Directory replication.

    To fix the issue, please try the following steps:

    1. Logon to a domain controller with an Enterprise admin account (Prefer to logon to the replication partner of the problematic DC)
    2. Run ntdsutil in a Domain Controller
    3. Run "domain management" command in ntdsutil
    4. Run "Connections" command and then connect to local server by "Connect to server localdcname" command. (Replace localdcname with local DC's hostname)
    5. Hit Q and enter.
    6. Run the following command and you will see that your problematic server is not listed in the output, although it should since it has DNS server installed.
      If you are replicating a DNS zone to the forest then run "List NC Replicas DC=ForestDnsZones,DC=domain,DC=com"
      If you are replicating a DNS zone to the domain then run "List NC Replicas DC=DomainDnsZones,DC=domain,DC=com"
    7. Before continuing to the next step make sure that there is no object under "LostAndFoundConfig" (serves as a container for lost forestwide objects) container. You can check this with ADSIEDIT.msc under Configuration Partition. If there is an object first check its "lastKnownParent" attribute and if you decide if this is not an orphaned object then move it to its location. If you decide this is an orphaned object then delete it.
    8. Now add your problematic Domain Controller with DNS server install to the NC's you are replicating. By running following commands.
      For Forest wide DNS partition:
      "Add NC Replica DC=ForestDnsZones,DC=domain,DC=com problemdcname.domain.com" (problematic DC name must be in full DNS name format). For Domain wide DNS partition:
      "Add NC Replica DC=DomainDnsZones,DC=domain,DC=com problemdcname.domain.com" (problematic DC name must be in full DNS name format).
    9. Force replication on problematic DC from its partner (where follow the steps from 1 to 8).

    Event ID 4514 — DNS Server Active Directory Integration:http://technet.microsoft.com/en-us/library/cc735801(WS.10).aspx
    Event ID 4513 — DNS Server Active Directory Integration:http://technet.microsoft.com/en-us/library/cc735845(WS.10).aspx

    If duplicate zone is present see this:http://msmvps.com/blogs/acefekay/archive/2009/09/02/using-adsi-edit-to-resolve-conflicting-or-duplicate-ad-integrated-dns-zones.aspx

    Reference link:http://social.technet.microsoft.com/Forums/en-US/winserverDS/thread/a1925ab3-1a24-476b-b1d7-d9fa5798310b

    Note:Please take full backup and systemstate backup of the server before you proceed.

    Hope this helps


    Best Regards,

    Sandesh Dubey.

    MCSE|MCSA:Messaging|MCTS|MCITP:Enterprise Adminitrator | My Blog

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.

    Wednesday, January 9, 2013 9:16 AM