Active Directory DNS Server Access Denied

Some times after administrator password changing or server that works long time with out reboot you might lose its secure channel to itself, eventID :

Event ID 4000:

The DNS server was unable to open Active Directory. This DNS server is configured to obtain and use information from the directory for this zone and is unable to load the zone without it. Check that the Active Directory is functioning properly and reload the zone. The event data is the error code.

Event ID 4007:

The DNS server was unable to open zone <zone> in the Active Directory from the application directory partition <partition name>. This DNS server is configured to obtain and use information from the directory for this zone and is unable to load the zone without it. Check that the Active Directory is functioning properly and reload the zone. The event data is the error code.

the fix is to re-establish the secure channel, from elevate command promp execute :

net stop kdc
klist purge
netdom resetpwd /server:127.0.0.1 /userd:domain.com\administrator /passwordd:*
net start kdc

After that restart the active directory server

Good luck

Leave a Reply

Your email address will not be published. Required fields are marked *