Active Directory DNS Server Access Denied
Some times after administrator password changing or server that works long time with out reboot you might lose its secure channel to itself, eventID :
Event ID 4000:
The DNS server was unable to open Active Directory. This DNS server is configured to obtain and use information from the directory for this zone and is unable to load the zone without it. Check that the Active Directory is functioning properly and reload the zone. The event data is the error code.
Event ID 4007:
The DNS server was unable to open zone <zone> in the Active Directory from the application directory partition <partition name>. This DNS server is configured to obtain and use information from the directory for this zone and is unable to load the zone without it. Check that the Active Directory is functioning properly and reload the zone. The event data is the error code.
the fix is to re-establish the secure channel, from elevate command promp execute :
net stop kdc klist purge netdom resetpwd /server:127.0.0.1 /userd:domain.com\administrator /passwordd:* net start kdc
After that restart the active directory server
Good luck
Thanks! It worked perfectly on my 2019ess server
That worked for me! Many thanks
Hi, I’ve tried this, but I’m getting the following when I try to do the netdom command.
The machine account password for the local machine could not be reset.
An internal error occurred.
The command failed to complete successfully.
Looks like you having problem reaching the domain, try DCDIAG on the DC and make sure all is well with it
thank you issue resolved
Thanks a million, it worked for my additional DC.
hi im very very hapy for your solution .thanks a alot
Thanks.
Work fine
Thank you. My issue is resolved.
can’t thank you enough, you saved me multiple hours of searching in the wrong place
THX
This resolved my issue as well on my 2019 DC Thank you so much!
THX
That worked for me! Many thanks
Great
Thanks worked perfectly!