ARCHIVED: At IU, why does my Windows XP computer always report an Event ID 40961 warning in the system log?

At Indiana University, computers running Windows XP will report the following warning in the system log:

Event Type:Warning
Event Source:LSASRV
Event Category:SPNEGO (Negotiator)
Event ID:40961
Date:X/XX/XXXX
Time:XX:XX:XX PM
User:N/A
Computer:XX-XXXX-XXXXX
Description:
The Security System could not establish a secured connection with the 
server DNS/ns.indiana.edu.  No authentication protocol was available.

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.

This warning occurs because of IU's mixed Unix and Windows DNS environment. By default, Windows XP will attempt to register its forward and reverse DNS records via DDNS. ADS will accept the forward registration (provided the computer has its primary DNS suffix set to ads.iu.edu); however, the Unix servers that handle the reverse DNS records do not accept DDNS updates. Updates to your reverse DNS lookup must be done manually; see Register a DNS reverse lookup (PTR) record for a computer in Indiana University's ADS domain

You can disable reverse DNS registration in Windows XP with a registry hack. Creating the key below, and then rebooting, will stop Windows XP from attempting a reverse DNS registration but will not affect your forward registration:

  DisableReverseAddressRegistrations 
  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters 
  Data type: REG_DWORD
  Range: 0 - 1
  Default value: 0

The default value of 0 allows the registration of PTR resource records. Setting the key value to 1 will disable reverse DNS registration.