Home
  •  

Microsoft Windows Server DNS Configuration File Open Error

Microsoft.Windows.Server.DNS.Configuration.FileOpenError (Rule)

Alert generating rule for Configuration.

Knowledge Base article:

Summary

The DNS server configuration consists of the settings that determine how the DNS server will function on a network and how those settings are stored and retrieved when they are needed.

Causes

The DNS Server could not open a file.

Resolutions

Correct the file access problem

Confirm that the specified file exists in the %systemroot%\System32\DNS directory and that the attributes and permissions of the file allow read and write access by the DNS Server service account.

To perform this procedure, you must have membership in Administrators, or you must have been delegated the appropriate authority.

To confirm that the file exists:

Click Start, click Run, type %systemroot%\system32\dns\ (including the final \), and then click OK.

If the file is not listed, you must take steps to restore the file (for example, from backup) or recreate the file (for example, by deleting and recreating a zone).

If the file is listed, confirm that the DNS Server service account has read and write access to the file.

To confirm service account access to a file:

1.On the DNS server, start Services. To start Services, click Start, click Administrative Tools, and then click Services.

2.In the Services (local) list, right-click DNS Server, and then click Properties.

3.Click the Log On tab, and then note whether Local system account is selected, or if This account is selected, note the name of the account.

4.Click Cancel to close the dialog box.

5.Click Start, click Run, type %systemroot%\system32\dns\ (including the final \), and then click OK.

6.Right-click the file, and then click Properties.

7.If the Read-only check box is selected, clear the check box.

8.Click Security, and then determine whether the DNS Server service account is in the list.

If the DNS Server service account is not in the list, add the account and assign the appropriate permissions.

To add an account and assign permissions:

1.Click Edit.

[2.In the Permissions for "file" dialog box, click Add.

3.In the Select Users, Computers or Groups dialog box, type the name of the DNS Server service account. For example, if the DNS Server service account is the local system account, type system.

4.Click OK.

5.In the Permissions for "user" list, next to Full Control, click Allow, and then click OK.

If the DNS Server service account is already in the list, correct the permissions that are granted the account, if necessary.

To view and correct file permissions:

1.Click the DNS Server service account.

2.If a check mark does not appear next to Full Control under Allow, click Advanced.

3.In the Advanced Security Settings for "file" dialog box, and then click Edit.

4.If Include inheritable permissions from the object's parent is selected, clear the check box, and then click Copy.

5.Click the DNS Server service account, and then click Edit.

6.Next to Full Control, click the check box under Allow, and then click OK.

External

http://technet.microsoft.com/en-us/library/dd349581(v=ws.10).aspx

Element properties:

TargetMicrosoft.Windows.Server.DNS.Server
CategoryAlert
EnabledTrue
Alert GenerateTrue
Alert SeverityError
Alert PriorityNormal
RemotableTrue
Alert Message
Windows DNS - Configuration - File Open Error

Event ID: {0}
Event Source: {1}
Event Log: {2}

Event Description: {3}
Event LogDNS Server

Member Modules:

ID Module Type TypeId RunAs 
DS DataSource Microsoft.Windows.EventProvider Default
Alert WriteAction System.Health.GenerateAlert Default

Source Code:

<Rule ID="Microsoft.Windows.Server.DNS.Configuration.FileOpenError" Enabled="true" Target="Microsoft.Windows.Server.DNS.Server" ConfirmDelivery="true" Remotable="true" Priority="Normal" DiscardLevel="100">

  <Category>Alert</Category>

  <DataSources>

    <DataSource ID="DS" TypeID="Windows!Microsoft.Windows.EventProvider">

      <ComputerName>$Target/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</ComputerName>

      <LogName>DNS Server</LogName>

      <Expression>

        <SimpleExpression>

          <ValueExpression>

            <XPathQuery Type="UnsignedInteger">EventDisplayNumber</XPathQuery>

          </ValueExpression>

          <Operator>Equal</Operator>

          <ValueExpression>

            <Value Type="UnsignedInteger">1000</Value>

          </ValueExpression>

        </SimpleExpression>

      </Expression>

    </DataSource>

  </DataSources>

  <WriteActions>

    <WriteAction ID="Alert" TypeID="Health!System.Health.GenerateAlert">

      <Priority>1</Priority>

      <Severity>2</Severity>

      <AlertName/>

      <AlertDescription/>

      <AlertOwner/>

      <AlertMessageId>$MPElement[Name="Microsoft.Windows.Server.DNS.Configuration.FileOpenError.AlertMessage"]$</AlertMessageId>

      <AlertParameters>

        <AlertParameter1>$Data/EventDisplayNumber$</AlertParameter1>

        <AlertParameter2>$Data/EventSourceName$</AlertParameter2>

        <AlertParameter3>$Data/Channel$</AlertParameter3>

        <AlertParameter4>$Data/EventDescription$</AlertParameter4>

      </AlertParameters>

      <Suppression>

        <SuppressionValue>$Data/LoggingComputer$</SuppressionValue>

      </Suppression>

      <Custom1/>

      <Custom2/>

      <Custom3/>

      <Custom4/>

      <Custom5/>

      <Custom6/>

      <Custom7/>

      <Custom8/>

      <Custom9/>

      <Custom10/>

    </WriteAction>

  </WriteActions>

</Rule>