DNS Event ID 4010 on child domain

RSprott 1 Reputation point
2021-03-09T14:09:29.357+00:00

I have a parent child domain setup. We tried to do an Exchange schema update last night and were seeing some possible issues with AD. After some reboots of all the data center DCs the event logs for both domains appear clear and the logs state all issues have been cleared, but I noticed DNS Event ID 4010 on both our parent DCs pointing to the record for the child domain.

The DNS server was unable to create a resource record for 997a6da4-64bb-4a34-a65d-6766a2d1834a._msdcs.na.int-bn.com. in zone int-bn.com. The Active Directory definition of this resource record is corrupt or contains an invalid DNS name. The event data contains the error.

I found a previous post stating to: Stop the netlogon service. Go to Windows\system32\config and rename the netlogon.dns and netlogon.dnb files to netlogon.dns_old and netlogon.dnb-old. From a command prompt type "ipconfig /flushdns" then run "ipconfig /registerdns" and then start netlogon again and check the event log if the error reoccurs.

But their issue, it appears, was for the primary domain and I'm curious if I should try the same steps for my issue. Any help would be appreciated. I can't apply the Exchange patch until this is resolved.

Windows Server 2016
Active Directory
Windows DHCP

2 answers

  1. Daisy Zhou 18,701 Reputation points Microsoft Vendor
    2021-03-10T06:11:42.813+00:00

    Hello @RSprott ,

    Thank you for posting here.

    Based on the description above, I understand you have one root domain and one child domain.

    We can check as below:

    1. You can check how many DCs there are in both the root domain and the child domain by running the commands nltest /dclist:root.domain and nltest /dclist:child.domain.

    2. On all DCs, if there are only several DCs in the entire AD forest, we can check if there is the entry "997a6da4-64bb-4a34-a65d-6766a2d1834a._msdcs.na.int-bn.com" on all DCs one by one.

    For example:

    [Image: 76067-domain1.png]

    [Image: 76108-domain2.png]

    3. Check whether the GUID 997a6da4-64bb-4a34-a65d-6766a2d1834a of the DC actually exists or not. I mean maybe we have removed it, but not cleared it completely.

    Hope the information above is helpful.

    Should you have any question or concern, please feel free to let us know.

    Best Regards,
    Daisy Zhou


  2. Daisy Zhou 18,701 Reputation points Microsoft Vendor
    2021-03-11T08:26:22.413+00:00

    Hello @hudson hery ,

    Thank you for your update.

    Do you know the DC name corresponding to the GUID 997a6da4-64bb-4a34-a65d-6766a2d1834a?

    We can check as below:

    repadmin /showrepl * >C:\repl.txt

    Then check the information below.

    [Image: 76663-d1.png]

    For example:
    Default-First-Site-Name\VCHZHO720VM via RPC
    DSA object GUID: 42b23c41-9479-4d72-8667-5332444adacd

    DC name: VCHZHO720VM
    GUID: 42b23c41-9479-4d72-8667-5332444adacd
    Site: Default-First-Site-Name

    Best Regards,
    Daisy Zhou
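
The GUID-to-DC lookup described in the second answer, as an added example that is not part of the original thread: it reads repadmin /showrepl output, pairs each "Site\DC" header with the "DSA object GUID" line that follows it, and looks up the GUID from the Event ID 4010 record name. Get-DsaGuidMap is a hypothetical helper name; ROOTDC01, its GUID and the example.test naming context are constructed sample values, while the VCHZHO720VM entry is the one shown in the answer.

```powershell
# Added example. Get-DsaGuidMap is a hypothetical helper, not a built-in cmdlet.
function Get-DsaGuidMap {
    param([string[]]$Lines)
    $seen = @{}
    $current = $null
    foreach ($line in $Lines) {
        $text = $line.Trim()
        # Header line: "Site\DC" or "Site\DC via RPC"
        if ($text -match '^(?<site>[^\\:=]+)\\(?<dc>[^\\\s]+)(\s+via\s+\S+)?$') {
            $current = @{ Site = $Matches['site']; DC = $Matches['dc'] }
            continue
        }
        # The GUID line that belongs to the most recent header
        if ($current -and $text -match '^DSA object GUID:\s*(?<guid>[0-9a-fA-F-]{36})$') {
            $guid = $Matches['guid'].ToLower()
            if (-not $seen.ContainsKey($guid)) {
                $seen[$guid] = [pscustomobject]@{ DC = $current.DC; Site = $current.Site; Guid = $guid }
            }
            $current = $null
        }
    }
    $seen.Values
}

# Constructed sample in the shape of repadmin /showrepl output. On a real DC use:
#   $lines = Get-Content C:\repl.txt
$lines = @'
Default-First-Site-Name\ROOTDC01
DSA Options: IS_GC
DSA object GUID: 11111111-2222-3333-4444-555555555555

==== INBOUND NEIGHBORS ======================================

DC=example,DC=test
    Default-First-Site-Name\VCHZHO720VM via RPC
        DSA object GUID: 42b23c41-9479-4d72-8667-5332444adacd
        Last attempt @ 2021-03-11 08:00:00 was successful.
'@ -split "`r?`n"

$target = '997a6da4-64bb-4a34-a65d-6766a2d1834a'   # GUID from the Event ID 4010 record name
$map = @(Get-DsaGuidMap -Lines $lines)
$map | Sort-Object DC | Format-Table DC, Site, Guid
$hit = $map | Where-Object Guid -eq $target
if ($hit) {
    "GUID $target belongs to $($hit.DC) in site $($hit.Site)"
} else {
    "No DC in this output reports DSA object GUID $target"
}
```

With the constructed sample the event's GUID is not listed, so the last branch prints; run it against the real C:\repl.txt to see whether any DC in the forest reports that GUID.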