This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(291.2, 38%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMT%3C/text%3E%3C/svg%3E)
Hi all, i have some problems with an AD Server apparently after applying the updates on december 27, 2021.
It is a single AD Server environment, so no replication processes, running on Windows Server 2019.
I have DNS error 4000 and 4007, i cannot open DNS Manager, it returns "Access was denied. Would you like to add it anyways?"
I've tried resetting netdom password with no results, both with kdc service on and off.
Testing the AD Services with dcdiag /fix it returns this, it cannot resolve the IP address cause of the problems mentioned before.
It seems like a loop problem, the DNS Server doesn't work because AD isn't working and vise versa.
Can anyone help me?
Thanks a lot!
Maybe this one.
https://learn.microsoft.com/en-us/troubleshoot/windows-server/networking/dns-zones-do-not-load-event-4000-4007
--please don't forget to upvote and Accept as answer if the reply is helpful--
@Dave Patrick please check the third image posted, i've tried with the kdc service on/off and got two different errors
If it's the only domain controller in the environment and there are no other DNS Servers available, follow the same steps but replace the PDC.Domain.com with the server's own IP address (since it itself is the PDC)
--please don't forget to upvote and Accept as answer if the reply is helpful--
Already tried it, i got the same error, i think it is related to the AD problems maybe? Also with the dns name of the server, the complete name doesn't work.
I forgot to specify that my DNS Settings are:
Primary: Server IP
Secondary: 127.0.0.1
What's the history here? has it ever worked? what has changed? Does it get the domain network profile?
It apparently worked since 27 dec 2021, when i patched the entire system.
No one noticed since today cause no one was working on it.
The first ever 4000/4007 error registered is on this date, but rolling back the updates doesn't resolve the issue unfortunately.
I've also updated all the Windows Client the next day, but i don't think it could be a problem.
As for the network profile, it's getting "Private" now
for the network profile, it's getting "Private" now
Try restarting the Network Location Awareness (NLA) service.
--please don't forget to upvote and Accept as answer if the reply is helpful--
Same, it's on Private again.
I've tried also rebooting the server a lot of times before.
If it can help, while starting, the "applying server configuration" takes much more time than usual
Might check the event logs for clues. Otherwise, you may need to restore from a recent backup (assumes a single domain controller)
--please don't forget to upvote and Accept as answer if the reply is helpful--
Can i send you some report logs? Which one do you need?
I'd start by checking the system event logs
I don't know how to attach it here, please check the wetransfer https://we.tl/t-vHKbcjdeni
You can just post event source and event ID's
It seems that these are the recurrent one:
Please run;
Dcdiag /v /c /d /e /s:%computername% >C:\dcdiag.log
repadmin /showrepl >C:\repl.txt
ipconfig /all > C:\dc1.txt
ipconfig /all > C:\dc2.txt
then put unzipped text files up on OneDrive and share a link.
The settings of my organization doesn't allow public share from OneDrive, as it's all small files, see the attachment below
Might check that all Auto start services have started up, failing that you may need to restore from a backup. Also going forward its always recommended to have at least two domain controllers for high availability and disaster mitigation (which could have helped here)
--please don't forget to upvote and Accept as answer if the reply is helpful--
I've tried restoring a backup to 27 dec, with no success.
Than restored to 20 dec, no success.
Now i've restored to 9 oct, no success.
Coming back in time, on september 9 we have migrated the DC from 2012 r2 to 2019, and in the same time we have changed the server, switching from HyperV to Esxi 7.0 virtualization.
My doubt now is that maybe something could have gone wrong in the process of the migration and that the problem started on 27th dec after the first reboot.
I have a backup of the old DC running 2012 r2, maybe it could help? Consider that it has been demoted after the migration.
Thanks