Monitor unlimited number of servers
Filter log events
Create email and web-based reports

Direct access to Microsoft articles
Customized keywords for major search engines
Access to premium content

Event ID: 11166 Source: DnsApi

Source
Level
Description
The system failed to register network adapter with settings:
Adapter Name : {89317B1A-C246-4C7B-81D5-2CA8930EB721}
Host Name : FileServer
Adapter-specific Domain Suffix : domain.local
DNS server list : 209.242.21.82, 209.242.0.2, 209.242.0.5
Sent update to server : None
IP Address(es) : 192.168.127.254

The reason the system could not register these RRs was because of a security related problem. The cause of this could be (a) your computer does not have permissions to register and update the specific DNS domain name set for this adapter, or (b) there might have been a problem negotiating valid credentials with the DNS server during the processing of the update request.

You can manually retry DNS registration of the network adapter and its settings by typing "ipconfig /registerdns" at the command prompt. If problems still persist, contact your DNS server or network systems administrator. For specific error code, see the record data displayed below.
Comments
 
I had removed the computer accounts from AD and rebuilt some Windows 2003 servers and joined them back to the domain. The DNS A and PTR records still had the computer object permissions for the old computer objects, which showed up as un-resolvable SIDs. I manually gave the new computer objects proper rights to the A and PTR records and the errors stopped.
The Host record in DNS cannot be updated by the server because it does not have enough rights. On your DC, open DNS and look for the Host record for the server. Open and check the Security tab. Make sure the server name is there with Write permissions. If not, add it, and give it Write permission. This error should now go away (the server can update its own Host record in DNS again).
This event was in my case generated due to missconfiguration in DNS where the DNS server is set to Dynamic Updates but servers "A" records have Static Configuration.
1. Reconfigure the DNS server to do not update records dynamically.
2. Configure Records to do not be added statically.

This issue could be also with NETLOGON, where the server cannot communicate with DNS via the security tunnel. Try restarting NETLOGON to fix the problem.
I received this error on an ISA Server that I had just setup on the network. The problem was that I forgot to uncheck the "register this connection's addresses in DNS" option in the TCP/IP settings of the WAN-facing network adapter.
1. If the DNS forward and reverse lookup zones are active directory integrated and only allow secure update, make sure the ACL for the zones have authenticated users with “Create ChildObjects” permission only.
2. If you are issuing the ipconfig /registerdns command and get this error message, make sure you are logged in with a domain account.


I have seen this in companies that run DNS on UNIX. Those machines do not support (or allow) dynamic DNS updates as Windows does, hence the permissions related problem message.
I received this error on a few member servers running Windows Server 2003. When I checked the security of the host record for the Server, I noticed that it did not have the Server listed in the permissions. Member Servers that did not have this event ID had the Server listed in the permissions with Full control. I added the Server to the host record and gave it full permissions, and I no longer received the 11166 Event.
- Data: 0000: 00002338 = (9016 decimal) =DNS_ERROR_RCODE_BADSIG = "DNS signature failed to verify" - These problems appear when a permission error occurs on the DNS record. See ME871111 for details on this issue.
I was able to clear this error by deleting the A record of the offending server and then running "ipconfig /registerdns" on that server. What led me to trying this was I saw the permissions on that A record were different from several other A records I looked at. It looks as if the "bad" A record had been manually created as the machinename$ user was listed on the security tab with write permissions for other A records but not on the A record that DDNS could not update.

Windows Event Log Analysis Splunk App

Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net.

Read more...

 

Cisco ASA Log Analyzer Splunk App

Obtain enhanced visibility into Cisco ASA firewall logs using the free Firegen for Cisco ASA Splunk App. Take advantage of dashboards built to optimize the threat analysis process.

Read more...