Event ID 1000 — DNS Server Configuration

Applies To: Windows Server 2008

The DNS server configuration consists of the settings that determine how the DNS server will function on a network and how those settings are stored and retrieved when they are needed.

 

Event Details

Product: Windows Operating System
ID: 1000
Source: Microsoft-Windows-DNS-Server-Service
Version: 6.0
Symbolic Name: DNS_EVENT_FILE_OPEN_ERROR
Message: The DNS server could not open the file %1. Check that the file exists in the %SystemRoot%\System32\Dns directory and that it contains valid data. The event data is the error code.

Resolve

Correct the file access problem

Confirm that the specified file exists in the %systemroot%\System32\DNS directory and that the attributes and permissions of the file allow read and write access by the DNS Server service account.

To perform this procedure, you must have membership in Administrators, or you must have been delegated the appropriate authority.

To confirm that the file exists:

  • Click Start, click Run, type %systemroot%\system32\dns\ (including the final \), and then click OK.

If the file is not listed, you must take steps to restore the file (for example, from backup) or recreate the file (for example, by deleting and recreating a zone).

If the file is listed, confirm that the DNS Server service account has read and write access to the file.

To confirm service account access to a file:

  1. On the DNS server, start Services. To start Services, click Start, click Administrative Tools, and then click Services.
  2. In the Services (local) list, right-click DNS Server, and then click Properties.
  3. Click the Log On tab, and then note whether Local system account is selected, or if This account is selected, note the name of the account.
  4. Click Cancel to close the dialog box.
  5. Click Start, click Run, type %systemroot%\system32\dns\ (including the final \), and then click OK.
  6. Right-click the file, and then click Properties.
  7. If the Read-only check box is selected, clear the check box.
  8. Click Security, and then determine whether the DNS Server service account is in the list.

If the DNS Server service account is not in the list, add the account and assign the appropriate permissions.

To add an account and assign permissions:

  1. Click Edit.
  2. In the Permissions for <file> dialog box, click Add.
  3. In the Select Users, Computers or Groups dialog box, type the name of the DNS Server service account. For example, if the DNS Server service account is the local system account, type system.
  4. Click OK.
  5. In the Permissions for <user> list, next to Full Control, click Allow, and then click OK.

If the DNS Server service account is already in the list, correct the permissions that are granted the account, if necessary.

To view and correct file permissions:

  1. Click the DNS Server service account.
  2. If a check mark does not appear next to Full Control under Allow, click Advanced.
  3. In the Advanced Security Settings for <file> dialog box, and then click Edit.
  4. If Include inheritable permissions from the object's parent is selected, clear the check box, and then click Copy.
  5. Click the DNS Server service account, and then click Edit.
  6. Next to Full Control, click the check box under Allow, and then click OK.

Verify

To verify that the Domain Name System (DNS) configuration is correct, verify that all configuration settings are correct, check the event log for events that indicate continuing problems, and then verify that DNS client computers are able to resolve names properly.

To verify DNS configuration settings:

  1. On the DNS server, start Server Manager. To start Server Manager, click Start, click Administrative Tools, and then click Server Manager.
  2. In the console tree, double-click Roles, double-click DNS Server, and then double-click DNS.
  3. Right-click the DNS server, and then click Properties.
  4. Review the settings on each tab, and verify that they contain the intended values.
  5. Expand the DNS server.
  6. Expand a zone folder, right-click a zone, and then click Properties.
  7. Review the settings on each tab, and verify that they contain the intended values.
  8. Repeat steps 6 and 7 for each zone.

To verify that DNS client computers can resolve names properly:

  1. On a DNS client computer, open a command prompt. To open a command prompt, click Start, click Run, type cmd, and then click OK.
  2. At the command prompt, type pinghostname (where hostname is the DNS name of a computer with a known IP address), and then press ENTER.

If the client can resolve the name, the ping command responds with the following message:

Pinginghostname [ip_address]

Note: The name resolution is successful even if the ping command reports that the destination is unreachable.

If the client cannot resolve the name, the ping command responds with the following message:

Ping request could not find hosthostname

DNS Server Configuration

DNS Infrastructure