dnsapi id:11163 Varoitus

Event ID virheet ja varoitukset
eero
Site Admin
Viestit: 329
Liittynyt: 07 Marras 2007 20:17

dnsapi id:11163 Varoitus

Viesti Kirjoittaja eero »

Event ID 11163 DnsApi Error

Troubleshooting a PC today, that had numerous DnsApi errors in the System event log. The WinXP client was unable to update its host record on the DNS server. The whole error message is listed below. The error was caused by a host record security problem. Our DNS is Active Directory integrated. We allow only secure updates. When a client boots up, gets an IP via DHCP, it then sends a request to the DNS server to create a host record. The reason why it fails, is because the host record already exists, but the WinXP client doesn't have permissions to change it. This particular machine had been imaged recently, and after running sysprep, the machines old domain account was deleted, and a new one was created with a different SID. When I open the DNS console, then the machine's host record, on the security tab was one of those ? {1-5-512-5464} type SID entries, that you commonly see on a security tab in Windows, when the account no longer exists. Well, in this case, it was a computer account, not a user account. After I deleted the host record and reverse-lookup records, I rebooted the client and no more errors in the System event log. Of course, you can also use the ipconfig /registerdns command and get the same results. Note that in the error message below, there is a line that says "Sent update to server: 172.1.1.1", which I thought was important, but its not, its just a red herring. I have no idea why it says that, but that is not the root of the error.

*************************************************************
Warning
Source: DnsApi
Event ID: 11163
Event Time: 5/23/2006 9:00:44 AM
User: n/a
Computer: Somecomputer
Description:
The system failed to register host (A) resource records (RRs) for
network adapter
with settings:
Adapter Name : {28442B0F-5CC5-4833-B293-823C9FF43614}
Host Name : somecomputer
Primary Domain Suffix : Domain.local
DNS server list :
172.27.0.100, 172.27.0.101
Sent update to server : 172.1.1.1
IP Address(es) :
172.27.1.132
The reason the system could not register these RRs was because the
DNS server failed the update request. The most likely cause of this
is that the authoritative DNS server required to process this update
request has a lock in place on the zone, probably because a zone
transfer is in progress.
You can manually retry DNS registration of the network adapter and
its settings by typing "ipconfig /registerdns" at the command prompt.
If problems still persist, contact your DNS server or network systems administrator.
*****************************************************