How can I resolve netlogon warning event 5781?

aldahan
I have netlogon warning event 5781 with three descriptions, which are:
1:
Dynamic registration or deletion of one or more DNS records associated with DNS domain 'DomainDnsZones.aldahanco.com.' failed.  These records are used by other computers to locate this server as a domain controller (if the specified domain is an Active Directory domain) or as an LDAP server (if the specified domain is an application partition).  

Possible causes of failure include:  
- TCP/IP properties of the network connections of this computer contain wrong IP address(es) of the preferred and alternate DNS servers
- Specified preferred and alternate DNS servers are not running
- DNS server(s) primary for the records to be registered is not running
- Preferred or alternate DNS servers are configured with wrong root hints
- Parent DNS zone contains incorrect delegation to the child zone authoritative for the DNS records that failed registration  




2:
Dynamic registration or deletion of one or more DNS records associated with DNS domain 'ForestDnsZones.aldahanco.com.' failed.  These records are used by other computers to locate this server as a domain controller (if the specified domain is an Active Directory domain) or as an LDAP server (if the specified domain is an application partition).  

Possible causes of failure include:  
- TCP/IP properties of the network connections of this computer contain wrong IP address(es) of the preferred and alternate DNS servers
- Specified preferred and alternate DNS servers are not running
- DNS server(s) primary for the records to be registered is not running
- Preferred or alternate DNS servers are configured with wrong root hints
- Parent DNS zone contains incorrect delegation to the child zone authoritative for the DNS records that failed registration  

USER ACTION  
Fix possible misconfiguration(s) specified above and initiate registration or deletion of the DNS records by running 'nltest.exe /dsregdns' from the command prompt on the domain controller or by restarting Net Logon service on the domain controller.



3:
Dynamic registration or deletion of one or more DNS records associated with DNS domain 'aldahanco.com.' failed.  These records are used by other computers to locate this server as a domain controller (if the specified domain is an Active Directory domain) or as an LDAP server (if the specified domain is an application partition).  

Possible causes of failure include:  
- TCP/IP properties of the network connections of this computer contain wrong IP address(es) of the preferred and alternate DNS servers
- Specified preferred and alternate DNS servers are not running
- DNS server(s) primary for the records to be registered is not running
- Preferred or alternate DNS servers are configured with wrong root hints
- Parent DNS zone contains incorrect delegation to the child zone authoritative for the DNS records that failed registration  

USER ACTION  
Fix possible misconfiguration(s) specified above and initiate registration or deletion of the DNS records by running 'nltest.exe /dsregdns' from the command prompt on the domain controller or by restarting Net Logon service on the domain controller.



I had 2 DCs before. When I moved everything to one of them and turned off the second, these warnings appeared and I cannot log new computers to the domain.
How can I solve this problem?
Naga Bhanu Kiran Kota, Cloud Architecture Manager

Commented:
hi,

The possible reason might be that the machines are still trying to connect to the old DC. Follow this on one of the computers that is not working and check if the same fixes the issue.

http://support.microsoft.com/kb/311354

check this MS article to get this working

http://support.microsoft.com/kb/259277

if the warnings persist revert back

bhanu

Author

Commented:
I have done both but still I have the warning.
Naga Bhanu Kiran Kota, Cloud Architecture Manager

Commented:
flush the DNS settings on the workstations and then try and check on the DNS server if the old server entries are deleted.

bhanu

Top Expert 2012

Commented:
Go through DNS look for any SRV, A, or NS records that exist for the old DC then if you find any delete them. Do metadata cleanup. Also, do a dcdiag and post results.

http://www.petri.co.il/delete_failed_dcs_from_ad.htm

Author

Commented:
attached dcdiag
DCDIAG.JPG
Naga Bhanu Kiran Kota, Cloud Architecture Manager

Commented:
hi,

seems you have ipv6 enabled on the windows 2008 box, and it is trying to resolve to the IPv6 address of the DC. Please disable ipv6 and then try to run dcdiag.

refer to this article and also make the registry changes.

http://support.microsoft.com/kb/929852


bhanu

Author

Commented:
even after disabling ipv6 and restarting the server, still the warning is there.
Naga Bhanu Kiran Kota, Cloud Architecture Manager

Commented:
pls confirm if you have made the recommended changes as per the ms article.

try running the dcdiag and confirm if the results are the same as posted earlier. Stop the netlogon service and restart the service, flush the dns cache and then run a dcdiag. If it tries to resolve the dc with the ipv4 then we are going in the right direction.

bhanu

Author

Commented:
I have used the value 0xffffffff.
I have done that but dcdiag still has not changed.

Author

Commented:
there is no change in the output but it takes time to complete dcdiag.

Author

Commented:
note that in forward lookup zone _msdcs when I double click same as parent then click edit button I found the DC name and its IP address with a note in validate which is:
The server with this IP address is not authoritative for the required zone.
Top Expert 2012

Commented:
Can you expand the DNS zone then do a screen shot and post?

Author

Commented:
attached DNS zone screen shot
zone.JPG
Naga Bhanu Kiran Kota, Cloud Architecture Manager

Commented:
hi,

check this article and if the 192.168.10.2 is the right dns server then set it to authoritative for the zone

http://technet.microsoft.com/en-us/library/cc735720.aspx

bhanu

Author

Commented:
it is the DNS server, and it is set to the start of authority tab. But there is no transfer zone.
Naga Bhanu Kiran Kota, Cloud Architecture Manager

Commented:
please go ahead and restart the DNS service, and confirm if you have created an AD integrated DNS zone.


Author

Commented:
I have not done any change to restart the DNS service. What changes do I have to do?
Naga Bhanu Kiran Kota, Cloud Architecture Manager

Commented:
hi,

confirm if your DNS is set to listen only on the ipv4 address.

check the screen shot.

if not then set it to use only the IPV4 address.



dns-win20081.JPG

Author

Commented:
it was all IP addresses but in the list there is only one. I changed it to be only the 192.168.10.2

Author

Commented:
after restart, still the warning is there.
Top Expert 2012
Commented:
Your msdcs folder is delegated, which in your environment it shouldn't be. You can remove the delegation or just delete the msdcs zone and the domain.com zone then recreate them.

Author

Commented:
how can I delete the zone and recreate them? Is there any effect on the domain logins while doing that?
Top Expert 2012

Commented:
Right-click then delete. Once you have them deleted then you right-click then create a new zone with the correct domain.com which will put the msdcs folder under the zone.

Author

Commented:
after I delete the zone and create it, I found the errors attached using dcdiag
zone.JPG
Top Expert 2012

Commented:
Those could be old errors in the logs. Can you expand your zone and post a screenshot again?
Naga Bhanu Kiran Kota, Cloud Architecture Manager

Commented:
hi aldahan,

please confirm if you have restarted your DNS services and also confirm if your DNS entries are identical to the screen shot I have posted.

seems that it is not able to identify the DNS server.

flush the DNS cache and then try

bhanu

Author

Commented:
screen shot
zone.JPG
Top Expert 2012

Commented:
The zone looks correct now. Run a netdiag and copy it to a txt file then post it please. The errors in the above netdiag could be old errors.

Author

Commented:

Directory Server Diagnosis


Performing initial setup:

   Trying to find home server...

   Home Server = WIN2008

   * Identified AD Forest.
   Done gathering initial info.


Doing initial required tests

   
   Testing server: Default-First-Site-Name\WIN2008

      Starting test: Connectivity

         ......................... WIN2008 passed test Connectivity



Doing primary tests

   
   Testing server: Default-First-Site-Name\WIN2008

      Starting test: Advertising

         ......................... WIN2008 passed test Advertising

      Starting test: FrsEvent

         ......................... WIN2008 passed test FrsEvent

      Starting test: DFSREvent

         ......................... WIN2008 passed test DFSREvent

      Starting test: SysVolCheck

         ......................... WIN2008 passed test SysVolCheck

      Starting test: KccEvent

         ......................... WIN2008 passed test KccEvent

      Starting test: KnowsOfRoleHolders

         ......................... WIN2008 passed test KnowsOfRoleHolders

      Starting test: MachineAccount

         ......................... WIN2008 passed test MachineAccount

      Starting test: NCSecDesc

         Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have

            Replicating Directory Changes In Filtered Set
         access rights for the naming context:

         DC=ForestDnsZones,DC=aldahanco,DC=com
         Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have

            Replicating Directory Changes In Filtered Set
         access rights for the naming context:

         DC=DomainDnsZones,DC=aldahanco,DC=com
         ......................... WIN2008 failed test NCSecDesc

      Starting test: NetLogons

         ......................... WIN2008 passed test NetLogons

      Starting test: ObjectsReplicated

         ......................... WIN2008 passed test ObjectsReplicated

      Starting test: Replications

         ......................... WIN2008 passed test Replications

      Starting test: RidManager

         ......................... WIN2008 passed test RidManager

      Starting test: Services

         ......................... WIN2008 passed test Services

      Starting test: SystemLog

         ......................... WIN2008 passed test SystemLog

      Starting test: VerifyReferences

         ......................... WIN2008 passed test VerifyReferences

   
   
   Running partition tests on : ForestDnsZones

      Starting test: CheckSDRefDom

         ......................... ForestDnsZones passed test CheckSDRefDom

      Starting test: CrossRefValidation

         ......................... ForestDnsZones passed test

         CrossRefValidation

   
   Running partition tests on : DomainDnsZones

      Starting test: CheckSDRefDom

         ......................... DomainDnsZones passed test CheckSDRefDom

      Starting test: CrossRefValidation

         ......................... DomainDnsZones passed test

         CrossRefValidation

   
   Running partition tests on : Schema

      Starting test: CheckSDRefDom

         ......................... Schema passed test CheckSDRefDom

      Starting test: CrossRefValidation

         ......................... Schema passed test CrossRefValidation

   
   Running partition tests on : Configuration

      Starting test: CheckSDRefDom

         ......................... Configuration passed test CheckSDRefDom

      Starting test: CrossRefValidation

         ......................... Configuration passed test CrossRefValidation

   
   Running partition tests on : aldahanco

      Starting test: CheckSDRefDom

         ......................... aldahanco passed test CheckSDRefDom

      Starting test: CrossRefValidation

         ......................... aldahanco passed test CrossRefValidation

   
   Running enterprise tests on : aldahanco.com

      Starting test: LocatorCheck

         ......................... aldahanco.com passed test LocatorCheck

      Starting test: Intersite

         ......................... aldahanco.com passed test Intersite

Author

Commented:
dcdiag output
dc.txt
Top Expert 2012

Commented:
You need to resolve one issue that is in the dcdiag.

http://smtp25.blogspot.com/2008/08/replicating-directory-changes-in.html
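
Added example, not part of the thread or any poster's code: a short Python parser that pulls the failed tests and the missing access rights out of saved dcdiag text such as the output posted above. The sample is a constructed excerpt of that output, and the function names are made up for this example.

```python
import re

# Constructed sample: an excerpt of the dcdiag output posted in this thread.
SAMPLE = r"""
      Starting test: MachineAccount
         ......................... WIN2008 passed test MachineAccount
      Starting test: NCSecDesc
         Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have
            Replicating Directory Changes In Filtered Set
         access rights for the naming context:
         DC=ForestDnsZones,DC=aldahanco,DC=com
         Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have
            Replicating Directory Changes In Filtered Set
         access rights for the naming context:
         DC=DomainDnsZones,DC=aldahanco,DC=com
         ......................... WIN2008 failed test NCSecDesc
   Running partition tests on : ForestDnsZones
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test
         CrossRefValidation
"""

# dcdiag wraps long lines, so both patterns run on whitespace-collapsed text.
RESULT_RE = re.compile(r"\.{5,} (\S+) (passed|failed) test (\S+)")
ACL_RE = re.compile(
    r"Error (.+?) doesn't have (.+?) access rights for the naming context: (\S+)"
)

def parse_dcdiag(text):
    """Return (test results, missing access rights) from dcdiag text output."""
    flat = " ".join(text.split())
    results = [
        {"target": m.group(1), "status": m.group(2), "test": m.group(3)}
        for m in RESULT_RE.finditer(flat)
    ]
    missing = [
        {"principal": m.group(1), "right": m.group(2), "naming_context": m.group(3)}
        for m in ACL_RE.finditer(flat)
    ]
    return results, missing

def failed_tests(text):
    """Tests dcdiag reported as failed, as (target, test) pairs."""
    results, _ = parse_dcdiag(text)
    return [(r["target"], r["test"]) for r in results if r["status"] == "failed"]

if __name__ == "__main__":
    _, missing = parse_dcdiag(SAMPLE)
    print("failed:", failed_tests(SAMPLE))
    for m in missing:
        print(f'{m["naming_context"]}: {m["principal"]} lacks "{m["right"]}"')
```

Running it against the full saved file instead of `SAMPLE` gives the same two fields for every test in the report, which makes it easy to compare a run before and after a fix.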

Author

Commented:
still I have the same error in dcdiag.
Top Expert 2012

Commented:
That command should have fixed the issue. Did you get the same results?

Author

Commented:
not the same result. attached the result.
adprep.txt
Top Expert 2012

Commented:
Can you post this log?

C:\Windows\debug\adprep\logs\20090106122414

Author

Commented:
attached
ADPrep.log
Top Expert 2012

Commented:

Author

Commented:
I could not know which resolution I should use. Can you help me?
Top Expert 2012

Commented:
Can you explain a little more what you need?

Author

Commented:
I cannot understand what I should do by reading the article.
Top Expert 2012

Commented:
What you want to do is copy the script then run the command with your domain to fix the issue.

Author

Commented:
after running the script and adprep again I have the result attached.
ADPrep.log
Top Expert 2012

Commented:
It looks like it ran successfully.

Author

Commented:
thanks for help
