Event ID 3 — DNS Server Service Status

Event ID 3 — DNS Server Service Status

Updated: November 13, 2007

Applies To: Windows Server 2008

The DNS Server service responds to requests from DNS client computers for name resolution services. Domain Name System (DNS) is a protocol that enables a computer to obtain the numeric IP address of another computer by submitting the target computer’s name to a DNS server. Problems with the DNS Server service can cause network performance to degrade or even prevent network computers from being able to locate each other.

Event Details

Product: Windows Operating System
ID: 3
Source: Microsoft-Windows-DNS-Server-Service
Version: 6.0
Symbolic Name: DNS_EVENT_SHUTDOWN
Message: The DNS server has shut down.

Resolve
Restart the DNS Server service

The DNS Server service is in an inconsistent state that requires that the service be restarted.

To perform this procedure, you must have membership in Administrators, or you must have been delegated the appropriate authority.

To restart the DNS Server service:

  1. On the DNS server, start Server Manager. To start Server Manager, click Start, and then click Server Manager.
  2. In the console tree, double-click Roles, double-click DNS Server, and then double-click DNS.
  3. Right-click the DNS server, click All Tasks, and then click Restart.

If the problem continues, restart the computer and then use Server Manager to verify that the DNS Server service has started.

To restart the computer:

  • Click Start, click the arrow next to the Lock button, and then click Restart.

To verify that the DNS Server service has started:

  1. On the DNS server, start Server Manager.
  2. In the console tree, expand Roles, and then click DNS Server.

The System Services list shows the state of the DNS Server service.

Verify

To verify that the DNS Server service is running properly, ensure that the DNS Server event log contains Event ID 2 and that the event log does not contain the following Domain Name System (DNS) error events:

  • 111
  • 403-407
  • 1001
  • 3151-3153
  • 6533
  • 7502-7504

Related Management Information

DNS Server Service Status

DNS Infrastructure

Related:

Event ID 3 Stored Password Configuration

Event ID 3 — Stored Password Configuration

Updated: November 30, 2007

Applies To: Windows Server 2008

A user account’s password or personal identification number (PIN) can be stored on the local computer, which allows the user to log on to the computer without entering a password or PIN.

Event Details

Product: Windows Operating System
ID: 3
Source: Microsoft-Windows-Security-Kerberos
Version: 6.0
Symbolic Name: KERBEVT_KERB_ERROR_MSG
Message: A Kerberos Error Message was received: on logon session %1 Client Time: %2 Server Time: %3 Error Code: %4 %5 Extended Error: %6 Client Realm: %7 Client Name: %8 Server Realm: %9 Server Name: %10 Target Name: %11 Error Text: %12 File: %13 Line: %14 Error Data is in record data.

Resolve
Change the stored password

If your password has changed and is stored on the local computer, you must change the stored password to the new password. You can change the stored password by using Stored User Names and Passwords.

To change the stored password by using Stored User Names and Passwords:

  1. Click Start, and then click Control Panel.
  2. Double-click User Accounts.
  3. Click Manage User Accounts.
  4. If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Continue.
  5. Click the Advanced tab, and then click Manage Passwords.
  6. In the Stored User Names and Passwords dialog box, click the appropriate user account, and then click Edit.
  7. In the Password box, type the correct password, and then click OK.
  8. Click Close.

Verify

To verify that the stored password is configured correctly:

  1. Log off of the computer and then log back on.
  2. Attempt to access a remote resource on a server that is using Kerberos authentication.
  3. If the resource can be accessed, the stored password has been configured correctly.

Related Management Information

Stored Password Configuration

Core Security

Related:

LDM – (ldm) Failed to start volume

Details
Product: Windows Operating System
Event ID: 3
Source: ldm
Version: 5.2.3790.1830
Message: LDM – (ldm) Failed to start volume
   
Explanation

This event indicates that the Logical Disk Manager could not start a volume because of configuration errors.

Cause

Possible causes include:

  • The volumes in a mirror set are not synchronized.
  • The volume is not fault tolerant, and a disk I/O error has occurred.
  • The volume is fault tolerant and multiple disk I/O errors have occurred.
  • A volume in the stripe set is missing.
   
User Action

Do one or more of the following:

  • Check the status of your hardware for any failures (for example, a disk, controller card, or cable failure).
  • Ensure all disks are present.
  • Rescan disks to ensure that Plug and Play can detect all disks.
  • Check if any disks have failed with bad sectors and need to be replaced.
  • Contact Microsoft Customer Service and Support.

Related:

A prohibited application setting is present in the Web.config file. This represents a potential security risk.

Details
Product: MapPoint Location Server
Event ID: 3
Source: Microsoft MapPoint Location Server
Version: 1.0.0.0
Message: A prohibited application setting is present in the Web.config file. This represents a potential security risk.
   
Explanation
If this error occurs the first time you start MapPoint Location Server, the installation may be corrupt; otherwise, someone may have tampered with the file.
   
User Action
If you receive this message after starting MapPoint Location Server for the first time, uninstall and then reinstall MapPoint Location Server Web Service.
If you have been running MapPoint Location Server successfully and then receive this message, check the message to determine which setting is prohibited, and then remove the prohibited setting from the Web.config file.
The default location for the Web.config file is C:\Program Files\Microsoft MapPoint Location Server\MMLS\Web Service\Web.config.
The default application settings are as follows:

yourSQLServerInstance]” />
YourMapPointLocationServerDatabase]” />
YourDomain]” />
YourMLSWebServiceAccountName]” />

   
Description
ProhibitedSettingPresent

Related:

A Kerberos Error Message was received: on logon session %1 Client Time: %2 Server Time: %3 Error Code: %4 %5 Extended Error: %6 Client Realm: %7 Client Name: %8 Server Realm: %9 Server Name: %10 Target Name: %11 Error Text: %12 File: %13 Line: %14 Error Data is in record data.

Details
Product: Windows Operating System
Event ID: 3
Source: Kerberos
Version: 5.2
Symbolic Name: KERBEVT_KERB_ERROR_MSG
Message: A Kerberos Error Message was received: on logon session %1 Client Time: %2 Server Time: %3 Error Code: %4 %5 Extended Error: %6 Client Realm: %7 Client Name: %8 Server Realm: %9 Server Name: %10 Target Name: %11 Error Text: %12 File: %13 Line: %14 Error Data is in record data.
   
Explanation

This error event is logged whenever Kerberos logging is enabled. For more details on the specific error see the Kerberos troubleshooting guide at Kerberos Authentication in Windows Server 2003.

   
User Action

Take the action recommended in the troubleshooting guide for this error.

Related:

Request with Basic Auth is received from HostAddress:”%1″, HostName:”%2″. Invalid Autodiscover site configuration. To fix the problem either remove Basic Auth or enable SSL.

Details
Product: Exchange
Event ID: 3
Source: MSExchange Autodiscover
Version: 8.0
Symbolic Name: ErrWebBasicAuthRequest
Message: Request with Basic Auth is received from HostAddress:”%1″, HostName:”%2″. Invalid Autodiscover site configuration. To fix the problem either remove Basic Auth or enable SSL.
   
Explanation

This Error event indicates that an Autodiscover client (for example, a Microsoft® Outlook® client) is connecting to the Microsoft Exchange Autodiscover service that has the Secure Sockets Layer (SSL) connection disabled and Basic authentication enabled. Autodiscover stops processing this request and returns an HTTP 403 error to the client. We recommend that the Autodiscover client and the Autodiscover service mutually connect by using SSL to prevent spammers from accessing corporate network information. ‘HostName’ in the error message text refers to the Domain Name System (DNS) name of the remote client.

   
User Action

To resolve this error, take one of these steps:

  • Enable SSL in the Autodiscover virtual directory on the Exchange Client Access server.

  • Use a more secure authentication scheme such as Integrated Windows authentication (also known as NTLM or Kerberos authentication).

For more information about the Autodiscover service, see Managing Autodiscover.

If you are not already doing so, consider running the tools that Microsoft Exchange offers to help administrators analyze and troubleshoot their Exchange environment. These tools can help you make sure that your configuration is in line with Microsoft best practices. They can also help you identify and resolve performance issues, improve mail flow, and better manage disaster recovery scenarios. Go to the Toolbox node of the Exchange Management Console to run these tools now. For more information about these tools, see Toolbox in the Exchange Server 2007 Help.

Related: