Link to home
Start Free TrialLog in
Avatar of Michael Hemberger
Michael Hemberger

asked on

DNS Server Error Active Directory ID 4013

I have a Hyper-V VM with Server 2016 and added the role for AD.
I added my first user and tried to connect but that the AD Domain Controller could not be contacted.
... an error occurred when DNS was queried for the service location..... DNS name does not exist. BTW my domain name is AGHSRV.LOCAL    
Not sure if using local is good or not??

So in my VM under the DNS section is error id 4013 ,  The DNS server is waiting for Active Directory Domain Services to signal that the initial synchronization of the directory has been completed.

I'm not sure if this error is playing into it or not.
Avatar of Hello There
Hello There

Is your DNS service running? Can you restart the service?

Can you open the DNS console and check DNS settings? Check your DNS records for your DNS servers in a console and check DNS settings on the NIC.
Has your client got the correct DNS settings either in the Static, or DHCP-assigned IP Address?  Is this DNS Server running, and using NSLOOKUP, can you query that DNS server and resolve the address of the DC?
Avatar of Michael Hemberger


I’m not at the Server but I’ll check these things before I respond

Make sure the server is pointing to itself in the NIC config for primary DNS server. If there's another DNS server there, you can put that one in as the secondary.

Ok... so I noticed that the DNS of the NIC (HyperV Switch) on the VM running Server 2016 with AD was,
So I changed it to the IP of the NIC.

The rebooted the VM.
Still saw the 4013 Warning

Then went to the test laptop and put that DNS of the server NIC in the in the IPV4 properties for the NIC and  joining the domain worked.

Why the warning? How long does that initial sync take and how do I know if it has synced?


OK - I need a clarification on the message.  Does it occur on a continuing basis while the server is running? Or does it occur only when you reboot.  That error is normal if it occurs only when you reboot, especially on a stand-alone DC (no other DCs on the network).  It's part of the process that the AD services don't start up first, so when you reboot, you'll see that error but it's transient and doesn't affect the availability of AD services after the reboot is finished and all services are started.

If I click on DNS in the left in Server Manager, the error 4013 doesn't continue to appear.
It's looking like it happens on startup...

In that case, you're fine - nothing to worry about. DNS is just complaining because the AD services aren't started yet, but it resolves itself later in the startup process. You'll continue to see this event any time you restart the server, but if you see it at any other time, then you need to investigate because it indicates that there's a problem with Active Directory on this server.

So it seems that your DC is healthy and the original reason you couldn’t join the domain was your client wasn’t pointing to the DNS server on your 2016 DC.

Have you set up DHCP, and if so, have you set the scope options to set the dns server correctly, or are you using static IPs for all your clients at the moment?
I haven't setup DHCP and would prefer not to do static IP's
How do I set it up for DHCP?
Are you in a test environment separate from your live environment?

How did the laptop get an IP address previously?

If there are no other DHCP servers in your environment, you need to install the DHCP role on your server, and then go through the process to authorise it, and then set up a scope.

If you are wanting internet access, you should find your router IP address etc., as you will need to set up an IP scope that can access the router.

You also need to ensure that your dhcp scope excludes your router address, server address and any other static addresses in use.

Here’s a decent guide:
Yes this is test environment I’m going to take live. The laptop(s) weren’t doing anything before. The are to help work thru all issues before going live

I’ll add the role and check your link
I have added the DHCP Role, but now getting these errors:

Error 10200   This computer has at least one dynamically assigned IPv6 address. For reliable DHCPv6 server operation , you should only use static IPv6 address.

Error 1059 The DHCP service failed to see a directory server for authorization

Error 1046 The DHCP/BINL service on the local machine, belonging to Windows Administrative domain AGHSRV.local has determined that it it not authorized to start. It has stopped serving clients. The following are some possible reasons:

This machine is part of a directory service enterprise and is not authorized in the same domain

Did you authorize the DHCP server and set up a scope?  Usually the error 1049 and 1046 are caused by having the DHCP service role installed but not configured.  

The 10200 error is normal if you're not actively using IPv6 and haven't configured it with a static IP address.  If you're not using it, there's no reason to configure it and you can just ignore the error.

I saw it showed to authorize (yes did it),
Setting up scope now, but how long should the lease time be?
I took the default lease time of 8 days.
restarted the VM...

Still seeing error 1059

Yes default lease time is fine especially in a test environment.  Try restarting the DHCP server service.  Sometimes you need to do that after authorization.

Restarted service didn't see errors
restarted  the VM and then checked DNS for errors..
Same thing Error 1059. DHCP service failed to seem directory server for authorization

When you look at it in the DHCP console, does it show as authorized (green checkmark on IPv4 and IPv6)?  Does the error reoccur on a regular basis or show only during restart?

Yes both are green.

If I look under DHCP Events, I see the error after startup but after that I don't see it repeating.

Would it show under DHCP events in a repeating fashion?
Don't know if this will help but...

before I setup DHCP on the VM server

On my test laptop, In the ipv4 laptop settings, I could put under dns, the ip address of VM and the laptop would connect
Now it doesn't...

So on the laptop I set the ipv4 back to receive ip and dns automatically by default.
Still doesn't connect to the server

If I open a command prompt on the laptop
an ifconfig shows NO gateway

One more thing...
I have my ethernet connection coming off of one of the four ports on the back of my wifi router..... not sure if this playing havoc

What scope did you create in DHCP?  If you can please open the DHCP management console and expand the view so that you can see the scope address pool, and then the scope and, if you set any, server options. Take screen captures and attach them to your message; something like this:

User generated image

User generated image

Avatar of Hello There
Hello There

Link to home
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Thanks to all!
You are very welcome.

So misconfigured DHCP was the issue here?
Actually the first big problem was because of connecting to an ethernet port off of our wireless.
I called our firewall company and had them setup the third port on the hardware firewall(unused) to get the whole dhcp able to be used.