Windows 2008 DNS error when trying to create a DNS A Record, "The host record cannot be created. Refused”
March 9, 2011
Recently I ran into an issue where after promoting 2 new Windows 2008 R2 Servers to Domain Controllers in a Windows 2003 Active Directory Forest that I was experiencing issues trying to create DNS A records on the 2nd Windows 2008 R2 DC Server I promoted. I had no issues creating DNS A records on the 1st Windows 2008 R2 DC I deployed, it just seemed to be an issue with the 2nd one. The error I was receiving was,
"The host record “DC FQDN” cannot be created. Refused
After some digging, I found the following fix:
- Open Group Policy Management
- Expand Domain Controllers under the Domain you are experiencing the issue with
- Select Default Domain Controller Policy
- Verify that Link Enabled is on and choose edit.
- Expand Computer configuration
- Expand Policies
- Expand Windows Settings
- Expand Security Settings
- Expand Local Policies
- Select User Rights Assignment
- Locate Manage auditing and security log and add the Administrators Group from your domain
- Run gpupdate to update the Group Policy on the Windows 2008 R2 DC
- Stop and Restart the DNS Service
**You should now be able to create the DNS A Record
Advertisement
