Article ID: 316685 - View products that this article applies to.
This article was previously published under Q316685
NoticeThis article applies to Windows 2000. Support for Windows 2000 ends on July 13, 2010. The Windows 2000 End-of-Support Solution Center
(http://support.microsoft.com/?scid=http%3a%2f%2fsupport.microsoft.com%2fwin2000)is a starting point for planning your migration strategy from Windows 2000. For more information see the Microsoft Support Lifecycle Policy
You may experience the following symptoms:
Event ID 4000
Description: The DNS server was unable to open Active Directory. This DNS server is configured to obtain and use information from the directory for this zone and is unable to load the zone without it. Check that the Active Directory is functioning properly and reload the zone. The event data is the error code.
Event ID 4013Furthermore, if you try to add an Active Directory-integrated zone to DNS, you may receive the following error message:
The DNS server was unable to open the Active Directory. This DNS server is configured to use directory service information and cannot operate without access to the directory. The DNS server will wait for the directory to start. If the DNS server is started but the appropriate event has not been logged, then the DNS server is still waiting for the directory to start.
DNS The zone cannot be created. The Active Directory service is not available.
When you try to force Active Directory replication by using Active Directory Sites and Services, you receive the following error message:
The following error occurred during the attempt to synchronize naming context NC DN from domain controller DC1 to domain controller DC2: Access is denied. The operation will not continue
This problem can occur if all of the following conditions are true:
Important This section, method, or task contains steps that tell you how to modify the registry. However, serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs. For more information about how to back up and restore the registry, click the following article number to view the article in the Microsoft Knowledge Base:
(http://support.microsoft.com/kb/322756/ )How to back up and restore the registry in Windows
To resolve this issue:
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.
If you set the Shut down system immediately if unable to log security audits Group Policy setting, the CrashOnAuditFail registry value is automatically set to 1. However, if you shut down the server and then restart it, the CrashOnAuditFail registry data type is set to REG_NONE and the data value is set to 2. If you change the CrashOnAuditFail data type to REG_DWORD and set the data value to 0, the DNS snap-in can gain access to the Active Directory-integrated DNS. If you set the CrashOnAuditFail data value to 0 (disable), after you reapply the Group Policy setting, the data value is set to 1 again.
Even if you set the Security log size to 4 gigabytes (GB), the symptoms that are described in the "Summary" section of this article can occur if the Security log size reaches 200 to 300 megabytes (MB).
For more information about the problem that is described in this article, click the following article numbers to view the articles in the Microsoft Knowledge Base:
(http://support.microsoft.com/kb/232564/ )STOP 0xC0000244 when security log full
(http://support.microsoft.com/kb/140058/ )How to prevent auditable activities when security log is full
(http://support.microsoft.com/kb/178208/ )CrashOnAuditFail with Logon/Logoff auditing causes blue screen
(http://support.microsoft.com/kb/149393/ )CrashOnAuditFail activates on shutdown with ProcessTracking
(http://support.microsoft.com/kb/160783/ )Error message: Users cannot log on to a workstation
(http://support.microsoft.com/kb/312571/ )The event log stops logging events before reaching the maximum log size