Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net. The EventId.Net for Splunk Add-on assumes that Splunk is collecting information from Windows servers and workstation via the Splunk Universal Forwarder.
|Source: NTDS Replication|
Active Directory could not resolve the following DNS host name of the source domain controller to an IP address. This error prevents additions deletions and changes in Active Directory from replicating between one or more domain controllers in the forest. Security groups group policy users and computers and their passwords will be inconsistent between domain controllers until this error is resolved potentially affecting logon authentication and access to network resources.
Source domain controller: <DC>
Failing DNS host name: <name>
NOTE: By default only up to 10 DNS failures are shown for any given 12 hour period even if more than 10 failures occur. To log all individual failure events set the following diagnostics registry value to 1:
HKLM\System\CurrentControlSet\Services\NTDS\Diagnostics\22 DS RPC Client
1) If the source domain controller is no longer functioning or its operating system has been reinstalled with a different computer name or NTDSDSA object GUID remove the source domain controller's metadata with ntdsutil.exe using the steps outlined in MSKB article 216498.
2) Confirm that the source domain controller is running Active directory and is accessible on the network by typing "net view \\<source DC name>" or "ping <source DC name>".
3) Verify that the source domain controller is using a valid DNS server for DNS services and that the source domain controller's host record and CNAME record are correctly registered using the DNS Enhanced version of DCDIAG.EXE available on http://www.microsoft.com/dns
4) Verify that that this destination domain controller is using a valid DNS server for DNS services by running the DNS Enhanced version of DCDIAG.EXE command on the console of the destination domain controller as follows:
5) For further analysis of DNS error failures see KB 824449:
11004 The requested name is valid but no data of the requested type was found.
|English: Request a translation of the event description in plain English.|
The "Event ID 2087: DNS lookup failure caused replication to fail" link provides suggestions on the troubleshooting approach for this problem.
This event was cleared on my PDC by listing the BDC as the DNS on both NICs (it is a multi-homed PDC and originally had its own IP addresses listed as its DNS). Doing this also cleared event 1053 and 1054. In this case, at boot up I believe the DNS services on my PDC did not start fast enough to allow it to find the other domain controllers.
See the link to "Troubleshooting Active Directory Replication Problems" for details on solving this problem.
This event can be ignored if it occurred when Windows was started in Active Directory Restore mode or some other form of Safe Mode. Otherwise, investigate further.
|Private comment: Subscribers only. See example of private comment|
|Links: ME216498, ME824449, Troubleshooting Active Directory Replication Problems, Event ID 2087: DNS lookup failure caused replication to fail|
|Search: Google - Bing - Microsoft - Yahoo - EventID.Net Queue (0) - More links...|
Send comments or solutions
- Notify me when updated