Monitor unlimited number of servers
Filter log events
Create email and web-based reports

Direct access to Microsoft articles
Customized keywords for major search engines
Access to premium content

Event ID: 414 Source: DNS

The DNS server machine currently has no DNS domain name. Its DNS name is asingle label hostname with no domain (example : "host" rather than "") You might have forgotten to configure a primary DNS domain for the server computer. For more information see either DNS server
log reference or To configure the primary DNS suffix for a client in the online Help. While the DNS server has only a single label name, all zones created will have default records (SOA and NS) created using only this single label name for the server's hostname. This can lead to incorrect and failed referrals when clients and other DNS servers use these records to locate this server by name.

As a solution the event further supplies the following :

To correct this problem:
  1. Open Control Panel.
  2. Start the System tool.
  3. Click the Network Identification tab.
  4. Click Properties.
  5. Type a domain name or work group name. This is used as your DNS domain name.
  6. Reboot the computer to initialize with new domain name. After the reboot, the DNS server will attempt to fix up default records, substituting new DNS name of this server, for old single label name. However, you should review to make sure zone's SOA and NS records now properly use correct domain name of this server.
The first thing to do for this event is to perform the steps described in the event itself and assign a DNS sufix. If that doesn't fix it then you can look for other solutions.

This event may show up on computers that are not part of a domain (stand-alone). In this case it is not that important to have a DNS domain so you can ignore it. The only drawback is that if you want to access a computer on the local network you may have to provide the entire host name. For example, vs. intranet - if you had "" as the primary DNS domain then the computer would automatically append the "" suffix to the "intranet" host name.

The ME259302 article provides more or less the same explanation as the event itself.

This event may olso occur if the PDC is no longer available (i.e. removed from the network without the proper transfer of its roles to other domain controllers). ME257623 may help in solving this problem.

From a newsgroup post: "The server is missing its primary DNS suffix. If the server is a member server or a stand alone server, right click on My Computer and choose properties. Click on the Network Identification tab and click properties. Then click the More button. In the Primary DNS suffix for this computer section, add the DNS suffix. If this machine is the member of an Active Directory, then the DNS suffix should be the AD domain name.

If this machine is a DC, open regedit. Go to HKLM\SYSTEM\CCS\Service\TCPIP\Parameters. In this key check for a value called "Domain". If it's there, it'll probably be blank. Open this value and add the AD domain name as the data. Next, check for the "NV Domain" key.  Again, this value may be blank. Open it and add the AD domain name as the data. Reboot the server. If these keys do not exist, then create the keys as string values."
This Event ID appeared once on the Application log of the first domain controller for a domain when it is was created with DCPROMO. Restart the computer and ignore this message if it does not appear again.
I had this error in DNS Event Log. I checked DNS and found that the _MSDSC folder was missing under my FWD Lookup Zone. I tried recreating to no avail. Finally, I found this fix from a newsgroup post: “Add this registry entry to fix this:
Key: HKLM\Systems\CurrentControlSet¬\Services\Netlogon\Parameters
New DWORD Value: DnsUpdateOnAllAdapters
Open and set Value to 1
Restart NETLOGON Service and the _MSDSC folders should appear".
If you have this error on a DNS server, you get this error because you did not append a DNS suffix to the name. So, your fully qualified domain name (FQDN) would be "server." instead of "" for example. This could be a major problem if this is a Windows 2000 Domain Controller. You cannot just go into System Properties and change the name of a DC in W2K. This could only be resolved with a demotion/re-promotion of a W2K DC.
See ME888048 for information on fixing this problem.

Windows Event Log Analysis Splunk App

Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to



Cisco ASA Log Analyzer Splunk App

Obtain enhanced visibility into Cisco ASA firewall logs using the free Firegen for Cisco ASA Splunk App. Take advantage of dashboards built to optimize the threat analysis process.