Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net. The EventId.Net for Splunk Add-on assumes that Splunk is collecting information from Windows servers and workstation via the Splunk Universal Forwarder.
Registration of the DNS record '_ldap._tcp.SITENAME._sites.childdomain.parentdomain.com. 600 IN SRV 0 100 389 childdcname.childdomain.parentdomain.com.' failed with the following error: <error message>
|English: Request a translation of the event description in plain English.|
|Concepts to understand:|
What is the role of a DNS server?
What is LDAP?
What is the role of the Netlogon share?
Error message: DNS server unable to interpret format.
Error message: DNS operation refused.
This error was occuring every time a user logged on locally to the DC in a remote site. This DC was running DNS and was pointing to itself for name resolution. Sometimes this configuration cannot be avoided.
Two things solved this problem: first was to select "yes" for dynamic updates to the parent domain instead of secure updates, second was to set the netlogon service to be dependant on the DNS server service. Caution: be sure to backup the registry key prior to testing these changes.
See also ME259277 and ME316239 links below.
|Private comment: Subscribers only. See example of private comment|
|Links: ME316239, ME259277|
|Search: Google - Bing - Microsoft - Yahoo - EventID.Net Queue (0) - More links...|
Send comments or solutions
- Notify me when updated