Resolving Event ID 40961 LSASRV – DNS/

This was an interesting problem I was discussing with a customer today. The customer had a concerning looking error appearing periodically in the event log:

Event ID: 40961
Source: LSASRV
Version: 5.2
Message: The Security System could not establish a secured connection with the server DNS/  No authentication protocol was available

The concerning part to this is the word “prisoner” which may set alarm bells ringing initially in some peoples minds. As it happens, this is perfectly legitimate, just the name of a DNS server run by

After some diagnosis and looking up, I found a few articles on the Internet which relate to this problem, and found the root cause. has a 192.x.x.x IP address. This is a big clue as it’s one of the non-routable reserved address spaces commonly used in smaller organisations. The customers internal address space turned out to be 192.168.x.x. The cause of the error was simply that there was no reverse lookup zone configured on their internal DNS server.

Remember, a quick check from a client by running “nslookup” from a command prompt and seeing a timeout error also will point immediately to a reverse DNS lookup zone missing problem.

Once the zone has been created, it may be worth doing the following on your DCs (if you can’t afford a reboot and have a small environment):
– ipconfig /registerdns
– net stop netlogon followed immediately by net start netlogon

Comments (6)

  1. Mike Dimmick says:

    Just a quick note: is not reserved for private networks. is. This is sometimes mistakenly misconfigured by network administrators, either by using other subblocks of the 192/8 network for private addresses, or by blocking the
    whole of 192/8 at the router.

    The three blocks of private addresses are defined in RFC 1918 – Address Allocation for Private Internets at

    The network is already allocated to BBN, as you can see with a whois query (e.g. at

  2. Ben says:

    thank you very much for this!  Having installed many many SBS servers and having DNS all set up automatically for me (flippin’ lazy mans server) I didnt realise you had to set up reverse lookup manually.  We have been having computer browser problems for a while now and this seems to have sorted it.  

    Thank you.


  3. Mark says:

    Just disable reverse lookups, as MS recommends it:

  4. Leon says:

    Hi, we have the same problem

  5. Leon says:

    We have the same problem,
    Sometimes one a day, several users cannot use outlook. We have contacted with microsoft but they are changes a lot on the exchanger server. But nothing helps.

  6. Nitin says:

    After following mention step still issue is not resolved,if posible please provide the other trubleshooting step and screen shot