Event ID 4002 — DNS Server Active Directory Integration

Applies To: Windows Server 2008 R2

You can configure the DNS Server service to use Active Directory Domain Services (AD DS) to store zone data. This makes it possible for the DNS server to rely on directory replication, which enhances security, reliability, and ease of administration.

Event Details

Product: Windows Operating System
ID: 4002
Source: Microsoft-Windows-DNS-Server-Service
Version: 6.1
Symbolic Name: DNS_EVENT_DS_ZONE_ADD_FAILED
Message: The DNS server was unable to add zone %1 to the Active Directory. Check that the Active Directory is available. Note that the zone will not be be added to and written to the directory unless you re-attempt adding the zone using the DNS console. The event data contains the error. For more information see "Add and Remove Zones" in the online Help.

Resolve

Troubleshoot AD DS and retry adding the zone

AD DS is not responding to requests from the DNS Server service. The DNS Server service relies on Active Directory Domain Services (AD DS) to store and retrieve information for AD DS-integrated zones. Ensure that AD DS is functioning properly, troubleshoot any problems, and then try to create the zone again.

For information about troubleshooting AD DS, see Active Directory Troubleshooting Topics (https://go.microsoft.com/fwlink/?LinkId=95789).

To perform this procedure, you must have membership in Administrators, or you must have been delegated the appropriate authority.

Create the zone after resolving any problems with AD DS.

To create a zone:

  1. On the DNS server, start Server Manager. To start Server Manager, click Start, click Administrative Tools, and then click Server Manager.
  2. In the console tree, expand Roles, expand DNS Server, and then expand DNS.
  3. Expand the DNS server, right-click the zone folder for the type of zone that you want to add, and then click New Zone to open the New Zone Wizard.
  4. Follow the instructions in the wizard to create the zone.

Verify

Ensure that Event IDs 4523 and 4524 are being logged and that no events in the range 4000 to 4019 appear in the Domain Name System (DNS) event log.
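
The following PowerShell script is an added example, not part of the original Microsoft article, that runs the check described in the Verify step. It assumes the log is exposed under the name "DNS Server" and that a 24-hour look-back window is appropriate; the parameter names are illustrative.

```powershell
# Added example (not Microsoft's code). $ComputerName and $Hours are illustrative
# parameters; the 24-hour look-back window is an assumption, not from the page.
param(
    [string]$ComputerName = $env:COMPUTERNAME,
    [int]$Hours = 24
)

$windowMs = [long]$Hours * 3600000

# One XPath query covers both halves of the Verify step: the 4000-4019 range
# that must be absent, and 4523/4524 that must be present.
$xpath = "*[System[((EventID >= 4000 and EventID <= 4019) or EventID=4523 or EventID=4524)" +
         " and TimeCreated[timediff(@SystemTime) <= $windowMs]]]"

# Get-WinEvent reports an error when nothing matches; suppress it so that
# "no events" becomes an empty array instead of a failed run.
$events = @(Get-WinEvent -ComputerName $ComputerName -LogName 'DNS Server' `
                -FilterXPath $xpath -ErrorAction SilentlyContinue)

$failures = @($events | Where-Object { $_.Id -ge 4000 -and $_.Id -le 4019 })
$ok = ($failures.Count -eq 0)

foreach ($id in 4523, 4524) {
    $hits = @($events | Where-Object { $_.Id -eq $id })
    if ($hits.Count -eq 0) {
        Write-Output "MISSING  Event ID $id not logged in the last $Hours hour(s)"
        $ok = $false
    } else {
        Write-Output "PRESENT  Event ID $id ($($hits.Count) event(s))"
    }
}

# List each failure event, newest first, so the zone named in a 4002 message is visible.
$failures | Sort-Object TimeCreated -Descending |
    Select-Object TimeCreated, Id, Message |
    Format-List

if ($ok) { Write-Output 'Verify step passed.'; exit 0 }
Write-Output "Verify step failed: $($failures.Count) event(s) in range 4000-4019, or expected events missing."
exit 1
```

Because query errors are suppressed, an unreachable server or an access-denied result also shows up as missing 4523 and 4524 events, so the script fails rather than passing silently.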
