[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 786
  • Last Modified:

Event ID 5774

I have a Window 2000 Server that is generating a series of 5774 errs every two hours. I have added a record to the DNS reverse lookup pointing to itself (it is the only recordin the reverse lookup), but the errs continue. The machine is a Domain Contoller with no other domains attached. The error generates about 12-16 entries over a period of about 5 minutes and then goes dormant for another two hours. This machine is being used mainly as a file server and there are hardly any programs installed on it. For some reason DHCP has NOT been installed/enabled, as there is no msc for it in the admin tools. Here is the actual error decription:

Source: Netlogon
Event ID: 5774

Registration of the DNS record '_kpasswd._tcp.cityname.companyname.com. 600 IN SRV 0 100 464 server.cityname.companyname.com.' failed with the following error:
DNS operation refused.  
0
evault
Asked:
evault
  • 4
  • 4
  • 3
1 Solution
 
grsteedCommented:
Have you seen this article

http://support.microsoft.com/?kbid=284963

Basically, it says that the Authoritative DNS server needs to be added to the list of DNS servers in the TCP/IP settings.

Cheers,

Gary
0
 
evaultAuthor Commented:
I have tried all of the articles referenced with no positve results. The error reimains in the event log. This is a windows 2000 server acting as a domain controller running AD, but not DHCP.
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
grsteedCommented:
Can you post the results of ipconfig /all?  And can you confirm the address of the DNS server?

Gary

0
 
Mohammed HamadaSenior IT ConsultantCommented:
SYMPTOMS
On a Windows 2000-based or Windows Server 2003-based domain controller that has Domain Name System (DNS) installed and integrated with Active Directory to allow secure dynamic updates, you may find that Event Viewer records the Netlogon error Event ID 5774 approximately every 70 seconds.
      Back to the top      
CAUSE
This behavior can occur when the DNS server that is authoritative for the Active Directory domain name is not listed on the DNS tab of the Advanced TCP/IP Settings dialog box.
      Back to the top      
RESOLUTION
To resolve this behavior, add the Internet Protocol (IP) address of the DNS server that is authoritative for the Active Directory domain name to the IP Protocol (TCP/IP) Properties, and then move it to the top of the list:


1.      On the desktop, right-click My Network Places, and then click Properties.      
2.      Right-click the appropriate connection object, and then click Properties.      
3.      Click Internet Protocol (TCP/IP), and then click Properties.      
4.      Click Advanced.      
5.      Click DNS.      
6.      Click Add, type the IP address of the DNS server in the DNS server box, and then click Add.      
7.      Click the arrows to move the IP address of the Active Directory DNS server to the top of the list.      
8.      Click OK in the open dialog boxes to close them and save the new settings.      
9.      Stop and then restart the Netlogon Service. The Event ID 5774 error messages should no longer occur.

Have you tried this ???? This is exactl error that you have, the only difference is that your log is generated every 5 mins..!
0
 
Mohammed HamadaSenior IT ConsultantCommented:
Try this also.. in the second link i posted.

Configure the Netlogon service to depend on the DNS service. This will cause the Netlogon service to start after the DNS service starts. To do this, run REGEDT32, and go to:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon
In the right pane, double-click the value DependOnService and add DNS to the next available blank line. Click OK
0
 
evaultAuthor Commented:
smoh10ly:

As I mentioned I tried every article and suggestion posted in this question; adding the ip address to the DNS tab of the advacned TCP/IP properties crashed the network. I did it exactly as described in the MS article you referenced.

I modified the registry at this location: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon and had to do it in hex because the registry entry did not have an option to modify in ASCII as did my windows 2003 server entry of the same location. After modifying the registry I restarted and received the same errs. Also I am not seeing this err every 5 minutes, I am seeing it every two hours.

To grsteed: Microsoft Windows 2000 [Version 5.00.2195]
(C) Copyright 1985-2000 Microsoft Corp.

C:\Documents and Settings\Administrator>ipconfig /all

Windows 2000 IP Configuration

        Host Name . . . . . . . . . . . . : server
        Primary DNS Suffix  . . . . . . . : city.company.com
        Node Type . . . . . . . . . . . . : Broadcast
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No
        DNS Suffix Search List. . . . . . : city.company.com
                                            company.com

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : Intel(R) PRO/1000 XT Network Connect
ion
        Physical Address. . . . . . . . . : 00-06-5B-F2-B3-F9
        DHCP Enabled. . . . . . . . . . . : No
        IP Address. . . . . . . . . . . . : 192.168.254.2
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 192.168.254.254
        DNS Servers . . . . . . . . . . . : 64.xxx.172.26
                                            64.xxx.163.106

C:\Documents and Settings\Administrator>
0
 
evaultAuthor Commented:
grsteed: ipaddress of the DNS server is external, the domain controller is the internal IP Address as shown in the previous posting: 192.168.254.2. I did not set this up so I cannot tell you why things are set up the way they are.
0
 
evaultAuthor Commented:
to all: here is the actual error message as recorded by the event log: Event Type:      
Event Type:      Error
Event Source:      NETLOGON
Event Category:      None
Event ID:      5774
Date:            6/12/2006
Time:            10:49:21 AM
User:            N/A
Computer:      SERVER
Description:
Registration of the DNS record '_kpasswd._tcp.cityname.companyname.com. 600 IN SRV 0 100 464 server.cityname.companyname.com.' failed with the following error:
DNS operation refused.  
Data:
0000: 2d 23 00 00               -#..    

PRECEEDED BY:

Error
Event Source:      NETLOGON
Event Category:      None
Event ID:      5774
Date:            6/12/2006
Time:            10:49:21 AM
User:            N/A
Computer:      SERVER
Description:
Registration of the DNS record '_gc._tcp.cityname.companyname.com. 600 IN SRV 0 100 3268 server.cityname.companyname.com.' failed with the following error:
DNS operation refused.  
Data:
0000: 2d 23 00 00               -#..    

PRCEEDED BY

Event Type:      Error
Event Source:      NETLOGON
Event Category:      None
Event ID:      5774
Date:            6/12/2006
Time:            10:49:20 AM
User:            N/A
Computer:      SERVER
Description:
Registration of the DNS record '_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.cityname.companyname.com. 600 IN SRV 0 100 88 server.cityname.companyname.com.' failed with the following error:
DNS operation refused.  
Data:
0000: 2d 23 00 00               -#..    


PRECEEDED BY

Event Type:      Error
Event Source:      NETLOGON
Event Category:      None
Event ID:      5774
Date:            6/12/2006
Time:            10:49:20 AM
User:            N/A
Computer:      SERVER
Description:
Registration of the DNS record '28c47b56-bc73-412a-b4a0-29d6c65cb70d._msdcs.cityname.companyname.com. 600 IN CNAME server.cityname.companyname.com.' failed with the following error:
DNS operation refused.  
Data:
0000: 2d 23 00 00               -#..    

And it goes on for another 12 or so errs
0
 
grsteedCommented:
What do you mean by "crashed the network".  Did you lose network access by name AND IP?

What's probably happening is that your DNS Server(s) aren't configured with forwarders using the addresses above for DNS.

Normally DNS in a Domain environment is set up with everyone using the internal DNS server for the Domain, and that server is set up with forwarders to the external (your ISP's) DNS servers.

The error says "DNS operation refused" makes me wonder if there is a dynamic update or Zone transfer trying to go to the external DNS servers.


Hmmm just foud this link. It shows event 5744 and not 5774. I see that you made another comment while I was typing this one up that shows the Event ID as 5774. Maybe a typo on Microsoft's part. Anyway check out this link.

http://support.microsoft.com/default.aspx?scid=kb;en-us;316239

 
Also, here's some links for MS DNS server setup.

For Win2k
http://www.microsoft.com/windows2000/en/advanced/help/default.asp?url=/windows2000/en/advanced/help/sag_DNS_pro_ConfigServer.htm

For Win2k3

http://support.microsoft.com/default.aspx?scid=kb;en-us;814591

Cheers,

Gary
0
 
Mohammed HamadaSenior IT ConsultantCommented:
I have read this Ms article and it says that "One or more of the DC Locator DNS records are not registered in the DNS database"..

The crashes are probably happens due to the Services script which is used by AD for monitoring the DC locator..

Have alook Here at the Netlogon information..
http://www.microsoft.com/technet/prodtechnol/mom/mom2000/maintain/admptech/admptr05.mspx

Try disabling the Netlogon service and restart it to see if the DNS records will be registered after you enable it the second time, To see how to enable Netlogon see under "The Net Logon Service" in the following MS-KB:

http://support.microsoft.com/default.aspx?scid=kb;en-us;Q246804
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

  • 4
  • 4
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now