Question

Urgent problem: Event ID 5781 in Win2003, and clients cannot log on.

Asked by: silent_waters

I've recently set up a new windows 2003 server at a new site in our business. I set up a dozen winXP client computers too. It is the 7th site in the business, and I've set the server up in the same way as all the others, it is running AD, DNS (AD integrated) and DHCP, and it was working perfectly, but this morning, when users tried to log on it took half an hour and didn't load their profiles. They have no access to their my documents folders which are on the server.
The server is showing error 5781 in the event log, and I can't find a solution that is relevent to Win2003 except after the server has been renamed, which mine hasn't.
Any ideas would be appreciated, I'm working against the clock to get the system back up.

Event Type:	Warning
Event Source:	NETLOGON
Event Category:	None
Event ID:	5781
Date:		12/03/2009
Time:		11:41:18
User:		N/A
Computer:	WLSPDC01
Description:
Dynamic registration or deletion of one or more DNS records associated with DNS domain 'wlmg.local.' failed.  These records are used by other computers to locate this server as a domain controller (if the specified domain is an Active Directory domain) or as an LDAP server (if the specified domain is an application partition).  
 
Possible causes of failure include:  
- TCP/IP properties of the network connections of this computer contain wrong IP address(es) of the preferred and alternate DNS servers 
- Specified preferred and alternate DNS servers are not running 
- DNS server(s) primary for the records to be registered is not running 
- Preferred or alternate DNS servers are configured with wrong root hints 
- Parent DNS zone contains incorrect delegation to the child zone authoritative for the DNS records that failed registration  
 
USER ACTION  
Fix possible misconfiguration(s) specified above and initiate registration or deletion of the DNS records by running 'nltest.exe /dsregdns' from the command prompt or by restarting Net Logon service. Nltest.exe is available in the Microsoft Windows Server Resource Kit CD.
 
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 2a 23 00 00               *#..

                                  
1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
16:
17:
18:
19:
20:
21:
22:
23:
24:

Select allOpen in new window

This Question has been solved and asker verified All Experts Exchange premium technology solutions are available to subscription members.

Subscribe now for full access to Experts Exchange and get

Instant Access to this Solution

  • Plus...
  • 30 Day FREE access, no risk, no obligation
  • Collaborate with the world's top tech experts
  • Unlimited access to our exclusive solution database
  • Never be left without tech help again

Subscribe Now

Asked On
2009-03-12 at 05:01:49ID24223382
Tags

Windows Server 2003 DNS Netlogon Windows XP

Topics

Windows 2003 Server

,

Active Directory

,

Domain Name Service (DNS)

Participating Experts
2
Points
0
Comments
21

Trusted by hundreds of thousands everyday for fast, accurate and reliable tech support.

  • "The time we save is the biggest benefit of Experts Exchange to Warner Bros. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange." Mike Kapnisakis, Warner Bros.
  • "Our team likes having a resource that is more secure than just using Google and most experts using this service really know their stuff. It's nice to look here first versus using Google." Dayna Sellner, Lockheed Martin
  • "Anytime that I've been stumped with a problem, 9 out of 10 times Experts Exchange has either the accepted solution or an open discussion of the potential solution to the problem." Kenny Red, eBay Inc.

See what Experts Exchange can do for you.

Got a question?

We've got the answer.

Experts Exchange has been collecting answers to technology questions since 1996…3 million and counting! If you have a question, chances are we already have your answer.

Screenshot of Experts Exchange Knowledgebase

Need individual assistance?

Our experts are ready to help.

If you can't find the exact answer you're looking for, ask our exclusive community of 50,000 experts. You’ll get a personalized answer from a trusted professional.

Screenshot of Experts Exchange Knowledgebase

Want to learn from the best?

Read articles from industry experts.

Thousands of free tech tips, tricks, how-to’s and tutorials are available in our peer reviewed articles section. See for yourself how smart our experts are, no login required.

Screenshot of an Article

Working on a long term project?

Store your work and research.

Save solutions to your questions, answers you’ve discovered through searching plus helpful articles in your personal knowledgebase for easy future access.

Screenshot of Experts Exchange Knowledgebase

Access the answers to your technology questions today.

Subscribe Now

30-day free trial. Register in 60 seconds.

What Makes Experts Exchange Unique?

Members of the expert community talk about why the experience at Experts Exchange is different than what you will find anywhere else.

Trusted by the world's most respected brands.

image of each brand's logo

Faithfully serving IT professionals since 1996.

Experts Exchange Logo

Try it out and discover for yourself.

Subscribe Now

30-day free trial. Register in 60 seconds.

Related Solutions

  1. VPN on Win2003
    Hello everybody! I'm trying to test VPN connection at home. I have a little kind of lab. Here it comes: two phone lines,on both ends DSL enabled. Different ISPs. Through AOL DSL internet trying to connect to another DSL line through RRAS(VPN) enabled on Win2003. I have links...
  2. Win2003 Domain clock syncing issues
    Hi, Some clock syncing issues: I have a quite new Win2003 domain. 1. How do I sync my domain controller with an external official clock? 2. Can I point the clients workstations to sync with a specific machine? Thanks, Od
  3. DHCP Server problem on WIN2003
    I have a Win2003 box running DHCP services. It used to be able to dish out IP addresses, but recently, it does not seem to work. Is there anyway I can test that the DHCP is working properly other than using a client machine with ipconfig/release, renew? On the server, there ...
  4. Win2003 domain users need to see old Win98 server U…
    Hello, This is my second week as Network Administrator on this job, and I just finished converting the network from a Win98Se workgroup server (not kidding) to a Win2003 server with active directory. Here's my problem: this place uses an archaic database software ("Ro...
  5. DHCP Split-Scope in Win2003
    Assuming both DHCP servers are available, what would happen if one Win2003 DHCP server ran out of addresses. Would the requesting client(s) receive an IP from the alternate automatically???

Free Tech Articles

  1. WARNING: 5 Reasons why you should NEVER fix a computer for free.
    It is in our nature to love the puzzle. We are obsessed. The lot of us. We love puzzles. We love the challenge. We thrive on finding the answer. We hate disarray. It bothers us deep in our soul. W...
  2. SCCM OSD Basic troubleshooting
    SCCM 2007 OSD is a fantastic way to deploy operating systems, however, like most things SCCM issues can sometimes be difficult to resolve due to the sheer volume of logs to sift through and the dispe...
  3. Migrate Small Business Server 2003 to Exchange 2010 and Windows 2008 R2
    This guide is intended to provide step by step instructions on how to migrate from Small Business Server 2003 to Windows 2008 R2 with Exchange 2010. For this migration to work you will need the fo...
  4. Create a Win7 Gadget
    This article shows you how to create a simple "Gadget" -- a sort of mini-application supported by Windows 7 and Vista. Gadgets can be dropped anywhere on the desktop to provide instant information, ...
  5. Outlook continually prompting for username and password
    There have been a lot of questions recently regarding Outlook prompting for a username and password whilst using Exchange 2007. There are a few reasons why this would happen and I will try to cover t...
  6. Backup Exchange 2010 Information Store using Windows Backup
    There seems to be quite a lot of confusion around the ability to backup Exchange 2010 using the built in Windows Backup feature. This stems from the omission of this feature prior to Exchange 2007 s...

Cloud Class Webinars

  1. Avoiding Bugs in Microsoft Access
    Alison Balter takes and in-depth look at avoiding bugs in Access. In this webinar you will learn about using the immediate window to debug your applications, invoking the debugger, using breakpoints to troubleshoot, stepping through code, setting the next statement to execute, ...
  2. Top 10 Best New Features in Visio 2010
    Scott Helmers gives live demonstrations of the top 10 new features in Visio 2010. This webinar will teach you how to create compelling diagrams by adding shapes to the page with a single click, linking the shapes in a diagram to data in Excel (or SQL Server, or SharePoint), ...
  3. IT Consultant Business Secrets Revealed
    Michael Munger, Experts Exchange tech pro and IT consultant, pulls back the curtain on his very successful businesses and answers question on every IT consultant and business owner should know about. He shares secrets on what he did to solve the 5 most common problems in IT, ...
  4. Disaster Recovery and Business Continuity
    Quest CTO, Mike Billon, gives an overview of the steps involved in building a dunamic disaster recovery plan. Through case studies and an examination of software/hardware tooles for monitoring and testing, you'll gain a better understandin of where you are, where you want ...
  5. Organize Your Visio Diagrams with Containers and Lists
    Scott Helmers uses cross functional flowcharts, wireframe diagrams, data graphic legends and seating charts to teach you: how to ustilize all three new structured diagram components in Visio 2010, the best practices for organizeing shapes in previous version of Visio, how to organize ...
  6. How to Us Objects, Properties, Events and Methods in Microsoft Access
    Alison Dalter gives an in-depbth look at objects, properties, events and methods in Microsoft Access. In this webinar you will learn about using the object browser, referring to objects, working with properties and methods, working with object variables, understanding the ...

Join the Community

Give a Little. Get a Lot.

Join the community of experts here and help other tech pros by answering question in your area of expertise. You can earn FREE access to all Experts Exchange's premium features and resources.

Join the Community

Answers

 

by: silent_watersPosted on 2009-03-12 at 05:05:24ID: 23867216

Clients are showing error 5719, no domain controller available.

 

by: Admin3kPosted on 2009-03-12 at 05:09:43ID: 23867251

http://www.eventid.net/display.asp?eventid=5781&eventno=167&source=NETLOGON&phase=1

this should provide some possible solutions on the server side.

 

by: EnclosAdminPosted on 2009-03-12 at 05:15:04ID: 23867288

Look at the servers event viewer and the event viewer on the root domain server as well.

Look at your Active Directory Sites & Services and see if your domain is generating a lot of KCC errors.

Generally in a well connected network the sites will set themselves up with the root server but you want to check that with each domain controller that you bring up, especially from a remote site.

 

by: silent_watersPosted on 2009-03-12 at 05:26:05ID: 23867368

Admin3k, I've signed up to this site for help, I don't want to sign up to eventid.net too, and it won't let me look at any of the links without doing so.

Enc, I've taken a look and there are no KCC errors. I've got a couple of new 2088 errors that have just apopeared in the Directory Service Log though. Does that tell you anything?

Thanks

 

by: EnclosAdminPosted on 2009-03-12 at 05:30:58ID: 23867412

For the 2088 error look here:
http://technet.microsoft.com/en-us/library/cc949121.aspx

For resolution of what might be causing the DNS problem look here:
http://technet.microsoft.com/en-us/library/cc949127.aspx

 

by: Admin3kPosted on 2009-03-12 at 05:32:49ID: 23867430

you do not have to sign up , just read through the comments & proposed solutions on that main page.

 

by: EnclosAdminPosted on 2009-03-12 at 05:32:51ID: 23867432

When you promote the servers in these remote sites to DCs are you installing DNS first and then promoting them or are you just allowing the DC to install the DC DNS with promotion?

 

by: Admin3kPosted on 2009-03-12 at 05:34:20ID: 23867442

Please allow MBAM to fix the problems , currently no Action taken , MBAM just detected the infections , you have to let it fix it.

 

by: Admin3kPosted on 2009-03-12 at 05:35:38ID: 23867456

Please ignore my last post :)

This issue is mainly mainly a DNS server configuration issue if you will refer to the Event ID link.

 

by: silent_watersPosted on 2009-03-12 at 05:37:11ID: 23867480

Admin: What?

Enc: I promote them and allow the DC to install DNS. The thing is it was working perfectly for a couple of days, and then after a reboot of the server it started coming up with this.

 

by: EnclosAdminPosted on 2009-03-12 at 05:54:57ID: 23867632

I now have about 40 remote sites around the world.  I generally install DNS first as a secondary zone and then promote the server to a DC.  I used to do what you're doing but I had problems too which is why I began installing DNS first.

Have you run dcdiag on both the root server and the affected Domain Controller?

 

by: silent_watersPosted on 2009-03-12 at 06:08:44ID: 23867760

DCdiag can resolve and ping the server name, but not the GUID DNS CNAME. Also it says the server is not responding to directory requests, although it didn't say that earlier. It also can't find the PDC. I'm getting out of my depth here, it seems to be getting worse by the minute!

 

by: silent_watersPosted on 2009-03-12 at 06:11:07ID: 23867786

That is on the DC on the problem site btw. The others, including the one with the PDC role are passing all tests.

 

by: EnclosAdminPosted on 2009-03-12 at 06:25:13ID: 23867934

You could demote it back to a member server - then install DNS as a secondary from the root DC and then re-promote it.  That will require a couple of reboots but it will clean everything up.

It seems to be having problems communicating with the root server.

Actually you could attempt to install DNS as a secondary to the root server as well and see if that helps the server to communicate properly with the root DC.

Either of those might be quicker that trying to diagnose the internal communication problem the remote DC is having.

From the Primary root server - under sites and services - is the new DC in the root servers NTDS settings?

 

by: silent_watersPosted on 2009-03-12 at 06:43:51ID: 23868131

New development: I was wondering why the Remote desktop connection to the server was slow, and upon investigating I found that the link to the site is dodgy. ping times are between 300 and 3000ms, and packets keep dropping.

I'm guessing that this is at least partly responisible for the issues? What can I do to solve this once the ISP stabilises the connection, or will everything magically start working again?

I can't demote the Controller because it can't contact another DC to verify the account or upload its data to.

 

by: EnclosAdminPosted on 2009-03-12 at 07:08:31ID: 23868431

Well that depends - if the connection is lousy then proper replication between the sites could be a factor.  Especially if there are drops occasionally.

Is the ISP involved in the case for the degraded connection?

 

by: silent_watersPosted on 2009-03-12 at 07:23:52ID: 23868638

Yes, I'm waiting for a call back at the moment.

Assuming that is the problem, is it likely to resolve once the conection is better?

 

by: EnclosAdminPosted on 2009-03-12 at 07:33:45ID: 23868763

Well it will make everything a whole lot easier that's for sure.  The connection would have had to be degraded for awhile though but if it is restored it is quite possible that the replication will clean itself up.

Interesting that from the root DC side everything seems well and good to the root DC.  I would imagine you'd see a few warnings about communication but perhaps from its perspective it is getting enough response through the dirty connection that it thinks things are fine.

There is enough degradation to cause the DC to have problems authenticating the users permissions properly though.  It's not getting the full AD database updated properly which is why your users cannot get to local shares.  I have seen that before.  I changed the default to 7 days so that if a remote site loses connectivity the users on that site can at least log on and get to their local shares off of the server.


 

by: silent_watersPosted on 2009-03-12 at 07:38:55ID: 23868831

Sorry, changed the default what?

 

by: silent_watersPosted on 2009-03-12 at 08:40:29ID: 23869688

Ok, the site link is fixed and I've rebooted the server but it still has the same issues. Netlogon logs three 5781 errors whenever it starts. DNS has no errors, everything else seems absolutely fine. SYSVOL is shared, Netlogon is running and users can sometimes log on with no problems, but still the server often won't find the profiles, or group policies won't be applied.

dcdiag output is atached. despite the problems reported with resolving the GUID entry for the server, there is an entry for it in DNS and an nslookup produces the correct result. The server is a GC server.

Help!!


Domain Controller Diagnosis
 
Performing initial setup:
   * Verifying that the local machine wlspdc01, is a DC. 
   * Connecting to directory service on server wlspdc01.
   * Collecting site info.
   * Identifying all servers.
   * Identifying all NC cross-refs.
   * Found 7 DC(s). Testing 1 of them.
   Done gathering initial info.
 
Doing initial required tests
   
   Testing server: Shepperton\WLSPDC01
      Starting test: Connectivity
         * Active Directory LDAP Services Check
         The host fb82ba6a-dceb-4878-81a7-0f0ab138eda9._msdcs.wlmg.local could not be resolved to an
         IP address.  Check the DNS server, DHCP, server name, etc
         Although the Guid DNS name
 
         (fb82ba6a-dceb-4878-81a7-0f0ab138eda9._msdcs.wlmg.local) couldn't be
 
         resolved, the server name (wlspdc01.wlmg.local) resolved to the IP
 
         address (10.169.149.1) and was pingable.  Check that the IP address is
 
         registered correctly with the DNS server. 
         ......................... WLSPDC01 failed test Connectivity
 
Doing primary tests
   
   Testing server: Shepperton\WLSPDC01
      Skipping all tests, because server WLSPDC01 is
      not responding to directory service requests
      Test omitted by user request: Topology
      Test omitted by user request: CutoffServers
      Test omitted by user request: OutboundSecureChannels
      Test omitted by user request: VerifyReplicas
      Test omitted by user request: VerifyEnterpriseReferences
      Test omitted by user request: CheckSecurityError
   
   Running partition tests on : DomainDnsZones
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom
   
   Running partition tests on : ForestDnsZones
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom
   
   Running partition tests on : Schema
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom
   
   Running partition tests on : Configuration
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom
   
   Running partition tests on : wlmg
      Starting test: CrossRefValidation
         ......................... wlmg passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... wlmg passed test CheckSDRefDom
   
   Running enterprise tests on : wlmg.local
      Starting test: Intersite
         Skipping site Shepperton, this site is outside the scope provided by
 
         the command line arguments provided. 
         Skipping site Ruislip, this site is outside the scope provided by the
 
         command line arguments provided. 
         Skipping site Slough, this site is outside the scope provided by the
 
         command line arguments provided. 
         Skipping site HighWycombe, this site is outside the scope provided by
 
         the command line arguments provided. 
         Skipping site Eastcote, this site is outside the scope provided by the
 
         command line arguments provided. 
         Skipping site Hanwell, this site is outside the scope provided by the
 
         command line arguments provided. 
         Skipping site WooburnMoor, this site is outside the scope provided by
 
         the command line arguments provided. 
         Skipping site MillHill, this site is outside the scope provided by the
 
         command line arguments provided. 
         ......................... wlmg.local passed test Intersite
      Starting test: FsmoCheck
         GC Name: \\wlspdc01.wlmg.local
         Locator Flags: 0xe00001fc
         Warning: DcGetDcName(PDC_REQUIRED) call failed, error 1355
         A Primary Domain Controller could not be located.
         The server holding the PDC role is down.
         Time Server Name: \\wlspdc01.wlmg.local
         Locator Flags: 0xe00001fc
         Preferred Time Server Name: \\wlspdc01.wlmg.local
         Locator Flags: 0xe00001fc
         KDC Name: \\wlspdc01.wlmg.local
         Locator Flags: 0xe00001fc
         ......................... wlmg.local failed test FsmoCheck
      Test omitted by user request: DNS
      Test omitted by user request: DNS
                                              
1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
16:
17:
18:
19:
20:
21:
22:
23:
24:
25:
26:
27:
28:
29:
30:
31:
32:
33:
34:
35:
36:
37:
38:
39:
40:
41:
42:
43:
44:
45:
46:
47:
48:
49:
50:
51:
52:
53:
54:
55:
56:
57:
58:
59:
60:
61:
62:
63:
64:
65:
66:
67:
68:
69:
70:
71:
72:
73:
74:
75:
76:
77:
78:
79:
80:
81:
82:
83:
84:
85:
86:
87:
88:
89:
90:
91:
92:
93:
94:
95:
96:
97:
98:
99:
100:
101:
102:
103:
104:
105:
106:
107:
108:
109:
110:
111:
112:
113:
114:

Select allOpen in new window

 

by: silent_watersPosted on 2009-03-12 at 09:02:11ID: 23869991

This is all getting too convoluted. I'm closing this question and starting afresh.

http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/2003_Server/Q_24224414.html

20120131-EE-VQP-002

3 Ways to Join

30-Day Free Trial

The Experts

98% positive feedback on 31,087 answers since March 2000. angeliii is a Microsoft Most Valuable Professional for his work with MS SQL Server & Develoment.

He has also proven his knowledge of Visual Basic Programming, PHP Scripting and Oracle Databases.

The Experts

97% positive feedback on 10,752 answers since July 2000. lrmoore has more than 18 years experience in the networking industry.

The six-time Mircosoft MVPs specialties include firewalls, virtual private networking, and network management.

Testimonials

"...and excellent source for support... Kind of like having your very own IT dept." Electriciansnet

Testimonials

"I was apprehensive at signing up at first. However... it has already made my life as an IT administrator much easier." JaCrews

Testimonials

"WOW! You guys have great, active, and knowledgeable people on here." moore50

Business Clients

Business Clients

In the Press

"If you’ve got a question... Experts Exchange can supply an answer.”

In the Press

"...an invaluable aid for both IT professionals and those who require tech support."

In the Press

"where IT professionals provide quick answers on just about any topic"

Business Account Plans

Loading Advertisement...