Solved

Event ID 5774

Posted on 2006-06-09
11
739 Views
Last Modified: 2007-12-19
I have a Window 2000 Server that is generating a series of 5774 errs every two hours. I have added a record to the DNS reverse lookup pointing to itself (it is the only recordin the reverse lookup), but the errs continue. The machine is a Domain Contoller with no other domains attached. The error generates about 12-16 entries over a period of about 5 minutes and then goes dormant for another two hours. This machine is being used mainly as a file server and there are hardly any programs installed on it. For some reason DHCP has NOT been installed/enabled, as there is no msc for it in the admin tools. Here is the actual error decription:

Source: Netlogon
Event ID: 5774

Registration of the DNS record '_kpasswd._tcp.cityname.companyname.com. 600 IN SRV 0 100 464 server.cityname.companyname.com.' failed with the following error:
DNS operation refused.  
0
Comment
Question by:evault
  • 4
  • 4
  • 3
11 Comments
 
LVL 23

Expert Comment

by:Mohammed Hamada
ID: 16871754
0
 
LVL 11

Expert Comment

by:grsteed
ID: 16871767
Have you seen this article

http://support.microsoft.com/?kbid=284963

Basically, it says that the Authoritative DNS server needs to be added to the list of DNS servers in the TCP/IP settings.

Cheers,

Gary
0
 
LVL 1

Author Comment

by:evault
ID: 16882976
I have tried all of the articles referenced with no positve results. The error reimains in the event log. This is a windows 2000 server acting as a domain controller running AD, but not DHCP.
0
Three Reasons Why Backup is Strategic

Backup is strategic to your business because your data is strategic to your business. Without backup, your business will fail. This white paper explains why it is vital for you to design and immediately execute a backup strategy to protect 100 percent of your data.

 
LVL 11

Expert Comment

by:grsteed
ID: 16883293
Can you post the results of ipconfig /all?  And can you confirm the address of the DNS server?

Gary

0
 
LVL 23

Expert Comment

by:Mohammed Hamada
ID: 16886121
SYMPTOMS
On a Windows 2000-based or Windows Server 2003-based domain controller that has Domain Name System (DNS) installed and integrated with Active Directory to allow secure dynamic updates, you may find that Event Viewer records the Netlogon error Event ID 5774 approximately every 70 seconds.
      Back to the top      
CAUSE
This behavior can occur when the DNS server that is authoritative for the Active Directory domain name is not listed on the DNS tab of the Advanced TCP/IP Settings dialog box.
      Back to the top      
RESOLUTION
To resolve this behavior, add the Internet Protocol (IP) address of the DNS server that is authoritative for the Active Directory domain name to the IP Protocol (TCP/IP) Properties, and then move it to the top of the list:


1.      On the desktop, right-click My Network Places, and then click Properties.      
2.      Right-click the appropriate connection object, and then click Properties.      
3.      Click Internet Protocol (TCP/IP), and then click Properties.      
4.      Click Advanced.      
5.      Click DNS.      
6.      Click Add, type the IP address of the DNS server in the DNS server box, and then click Add.      
7.      Click the arrows to move the IP address of the Active Directory DNS server to the top of the list.      
8.      Click OK in the open dialog boxes to close them and save the new settings.      
9.      Stop and then restart the Netlogon Service. The Event ID 5774 error messages should no longer occur.

Have you tried this ???? This is exactl error that you have, the only difference is that your log is generated every 5 mins..!
0
 
LVL 23

Expert Comment

by:Mohammed Hamada
ID: 16886135
Try this also.. in the second link i posted.

Configure the Netlogon service to depend on the DNS service. This will cause the Netlogon service to start after the DNS service starts. To do this, run REGEDT32, and go to:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon
In the right pane, double-click the value DependOnService and add DNS to the next available blank line. Click OK
0
 
LVL 1

Author Comment

by:evault
ID: 16887669
smoh10ly:

As I mentioned I tried every article and suggestion posted in this question; adding the ip address to the DNS tab of the advacned TCP/IP properties crashed the network. I did it exactly as described in the MS article you referenced.

I modified the registry at this location: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon and had to do it in hex because the registry entry did not have an option to modify in ASCII as did my windows 2003 server entry of the same location. After modifying the registry I restarted and received the same errs. Also I am not seeing this err every 5 minutes, I am seeing it every two hours.

To grsteed: Microsoft Windows 2000 [Version 5.00.2195]
(C) Copyright 1985-2000 Microsoft Corp.

C:\Documents and Settings\Administrator>ipconfig /all

Windows 2000 IP Configuration

        Host Name . . . . . . . . . . . . : server
        Primary DNS Suffix  . . . . . . . : city.company.com
        Node Type . . . . . . . . . . . . : Broadcast
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No
        DNS Suffix Search List. . . . . . : city.company.com
                                            company.com

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : Intel(R) PRO/1000 XT Network Connect
ion
        Physical Address. . . . . . . . . : 00-06-5B-F2-B3-F9
        DHCP Enabled. . . . . . . . . . . : No
        IP Address. . . . . . . . . . . . : 192.168.254.2
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 192.168.254.254
        DNS Servers . . . . . . . . . . . : 64.xxx.172.26
                                            64.xxx.163.106

C:\Documents and Settings\Administrator>
0
 
LVL 1

Author Comment

by:evault
ID: 16887686
grsteed: ipaddress of the DNS server is external, the domain controller is the internal IP Address as shown in the previous posting: 192.168.254.2. I did not set this up so I cannot tell you why things are set up the way they are.
0
 
LVL 1

Author Comment

by:evault
ID: 16887757
to all: here is the actual error message as recorded by the event log: Event Type:      
Event Type:      Error
Event Source:      NETLOGON
Event Category:      None
Event ID:      5774
Date:            6/12/2006
Time:            10:49:21 AM
User:            N/A
Computer:      SERVER
Description:
Registration of the DNS record '_kpasswd._tcp.cityname.companyname.com. 600 IN SRV 0 100 464 server.cityname.companyname.com.' failed with the following error:
DNS operation refused.  
Data:
0000: 2d 23 00 00               -#..    

PRECEEDED BY:

Error
Event Source:      NETLOGON
Event Category:      None
Event ID:      5774
Date:            6/12/2006
Time:            10:49:21 AM
User:            N/A
Computer:      SERVER
Description:
Registration of the DNS record '_gc._tcp.cityname.companyname.com. 600 IN SRV 0 100 3268 server.cityname.companyname.com.' failed with the following error:
DNS operation refused.  
Data:
0000: 2d 23 00 00               -#..    

PRCEEDED BY

Event Type:      Error
Event Source:      NETLOGON
Event Category:      None
Event ID:      5774
Date:            6/12/2006
Time:            10:49:20 AM
User:            N/A
Computer:      SERVER
Description:
Registration of the DNS record '_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.cityname.companyname.com. 600 IN SRV 0 100 88 server.cityname.companyname.com.' failed with the following error:
DNS operation refused.  
Data:
0000: 2d 23 00 00               -#..    


PRECEEDED BY

Event Type:      Error
Event Source:      NETLOGON
Event Category:      None
Event ID:      5774
Date:            6/12/2006
Time:            10:49:20 AM
User:            N/A
Computer:      SERVER
Description:
Registration of the DNS record '28c47b56-bc73-412a-b4a0-29d6c65cb70d._msdcs.cityname.companyname.com. 600 IN CNAME server.cityname.companyname.com.' failed with the following error:
DNS operation refused.  
Data:
0000: 2d 23 00 00               -#..    

And it goes on for another 12 or so errs
0
 
LVL 11

Expert Comment

by:grsteed
ID: 16887994
What do you mean by "crashed the network".  Did you lose network access by name AND IP?

What's probably happening is that your DNS Server(s) aren't configured with forwarders using the addresses above for DNS.

Normally DNS in a Domain environment is set up with everyone using the internal DNS server for the Domain, and that server is set up with forwarders to the external (your ISP's) DNS servers.

The error says "DNS operation refused" makes me wonder if there is a dynamic update or Zone transfer trying to go to the external DNS servers.


Hmmm just foud this link. It shows event 5744 and not 5774. I see that you made another comment while I was typing this one up that shows the Event ID as 5774. Maybe a typo on Microsoft's part. Anyway check out this link.

http://support.microsoft.com/default.aspx?scid=kb;en-us;316239

 
Also, here's some links for MS DNS server setup.

For Win2k
http://www.microsoft.com/windows2000/en/advanced/help/default.asp?url=/windows2000/en/advanced/help/sag_DNS_pro_ConfigServer.htm

For Win2k3

http://support.microsoft.com/default.aspx?scid=kb;en-us;814591

Cheers,

Gary
0
 
LVL 23

Accepted Solution

by:
Mohammed Hamada earned 500 total points
ID: 16888178
I have read this Ms article and it says that "One or more of the DC Locator DNS records are not registered in the DNS database"..

The crashes are probably happens due to the Services script which is used by AD for monitoring the DC locator..

Have alook Here at the Netlogon information..
http://www.microsoft.com/technet/prodtechnol/mom/mom2000/maintain/admptech/admptr05.mspx

Try disabling the Netlogon service and restart it to see if the DNS records will be registered after you enable it the second time, To see how to enable Netlogon see under "The Net Logon Service" in the following MS-KB:

http://support.microsoft.com/default.aspx?scid=kb;en-us;Q246804
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Migration of Exchange mailbox can be done with the ExProfre.exe tool. But at times, when the ExProfre.exe tool migrates the Exchange Server user profile, it results in numerous synchronization problems. Synchronization error messages appear in the e…
For both online and offline retail, the cross-channel business is the most recent pattern in the B2C trade space.
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…

778 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question