Problem : Error event id 4010 on the domain controller

I get in the Dns Server event log an error message “source dns” “category none” “event id 4010” “The DNS server was unable to create a resource record for 65.10.2.10.in-addr.arpa. in zone 2.10.in-addr.arpa.

The Active Directory definition of the resource record is corrupt or contains an invalid DNS name. The event data contains the error.” DATA= 000: 7b 00 00 00

This happens about 50 times in the same second, and then the server writes an event id 3000 saying it will stop writing event 4010 because it occurs too many times a second.

It is then blank for a couple of days before it starts writing the error to the event log again.

This is the same on both my DC controllers.

 

Solution: Error event id 4010 on the domain controller

I found the correct method (from Microsoft), which will be useful to others, and the good thing is that it is really fast and without impact:

“Based on my research and experience, this symptom mostly happens when the reverse lookup zone is corrupted.

To solve the issue, please first try the following steps:

1. Change the zone “2.10.in-addr.arpa.” to a standard primary DNS zone. This will initiate a delete of the zone from the AD.

Note: I understand that we have two DC\DNS servers on the network, this operation should only be needed on one DNS server. The change of the DNS zone will overwrite the previous instances of the DNS zone during AD replication between DNS servers.

a. In DNS management console, expand the DNS server, expand “Reverse Lookup Zones”.

b. Right-click “2.10.in-addr.arpa.”, click “Properties”.

c. In the newly opened window, on “General” tab, in “Type” section, click “Change”.

d. In “Change Zone Type” window, uncheck the checkbox “Store the zone in Active Directory”, click “OK”.

2. Wait for a while (15 minutes for a single site, 180 minutes for multiple sites). After the change has been replicated to other DNS servers, change the zone “2.10.in-addr.arpa.” back to an Active Directory-Integrated DNS zone. This will initiate a full rewrite of the zone data to AD.

a. In DNS management console, expand the DNS server, expand “Reverse Lookup Zones”.

b. Right-click “2.10.in-addr.arpa.”, click “Properties”.

c. In the newly opened window, on “General” tab, in “Type” section, click “Change”.

d. In “Change Zone Type” window, check the checkbox “Store the zone in Active Directory”, click “OK”.

You may follow the steps below to ensure that the change has been replicated to another DC:

a. After you make the change on the first DC, please log on to the second DC.

b. Click “Start” -> “Administrative Tools” -> “Active Directory Users and Computers”.

c. In “Active Directory Users and Computers” window, on the menu bar, click “View” -> “Advanced Features”.

d. In the left panel, expand “System”, expand “MicrosoftDNS”. If the DNS zone “2.10.in-addr.arpa.” does not exist under “MicrosoftDNS”, we can say that the change has been replicated to the second DC.

Note: Following the 20 event id 4010 there was an event id 3000 which says that DNS will suppress any further error messages so as not to fill the event log, so to see if the fix worked, just restart the DNS Server service on both DCs.”
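
The same two-step conversion and replication check as the quoted steps, written as an added PowerShell example; it is not part of the original post or of Microsoft's reply. It assumes the DnsServer and ActiveDirectory modules are installed, uses `DC02` as a placeholder for the second DC, and goes beyond the post by also looking in the DomainDnsZones and ForestDnsZones partitions and by restoring the zone's dynamic update setting after the round trip.

```powershell
# Added example, not from the original post. Run on ONE DC that hosts the zone.
Import-Module DnsServer, ActiveDirectory
$Zone     = '2.10.in-addr.arpa'              # zone named in the 4010 event
$SecondDC = 'DC02'                           # placeholder name for the other DC
$State    = Join-Path $env:TEMP "$Zone.settings.xml"

function Convert-ZoneToFile {                # step 1 of the post
    $z = Get-DnsServerZone -Name $Zone
    if (-not $z.IsDsIntegrated) { throw "$Zone is not AD-integrated." }
    if ($z.ReplicationScope -eq 'Custom') { throw 'Custom partition: convert back by hand.' }
    # Secure-only dynamic update exists only on AD-integrated zones, so record
    # the current values here and restore them in step 2.
    $z | Select-Object ReplicationScope, DynamicUpdate | Export-Clixml -Path $State
    ConvertTo-DnsServerPrimaryZone -Name $Zone -ZoneFile "$Zone.dns" -Force
}

function Test-ZoneRemovedFromAD {            # replication check on the second DC
    $root  = Get-ADRootDSE -Server $SecondDC
    $bases = "CN=MicrosoftDNS,CN=System,$($root.defaultNamingContext)",        # container the post checks
             "CN=MicrosoftDNS,DC=DomainDnsZones,$($root.defaultNamingContext)",
             "CN=MicrosoftDNS,DC=ForestDnsZones,$($root.rootDomainNamingContext)"
    foreach ($base in $bases) {
        try {
            $hit = Get-ADObject -Server $SecondDC -SearchBase $base -SearchScope OneLevel `
                       -LDAPFilter "(&(objectClass=dnsZone)(name=$Zone))"
        } catch [Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException] {
            $hit = $null                     # this DC does not hold that container
        }
        if ($hit) { return $false }
    }
    return $true
}

function Convert-ZoneToAD {                  # step 2 of the post, after the wait
    if (-not (Test-ZoneRemovedFromAD)) { throw "Zone object still present on $SecondDC." }
    $old = Import-Clixml -Path $State
    ConvertTo-DnsServerPrimaryZone -Name $Zone -ReplicationScope $old.ReplicationScope -Force
    Set-DnsServerPrimaryZone -Name $Zone -DynamicUpdate $old.DynamicUpdate
    Get-DnsServerZone -Name $Zone |
        Select-Object ZoneName, IsDsIntegrated, ReplicationScope, DynamicUpdate
}

function Get-Recent4010 {                    # run after restarting DNS on both DCs
    Get-WinEvent -ComputerName $SecondDC -ErrorAction SilentlyContinue -FilterHashtable @{
        LogName = 'DNS Server'; Id = 4010; StartTime = (Get-Date).AddHours(-1) }
}
```

Call `Convert-ZoneToFile`, wait the interval given in step 2, then call `Convert-ZoneToAD`; it refuses to proceed while the zone object is still visible on the second DC.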