Event ID 5719. DNS is still searching for the old DC I retired

Hello,
We've recently retired an old DC from an old network. Our current DCs were once communicating with this old one until our migration was complete. The old DC is now gone and I have deleted the forward lookup zone in DNS that was referring to it, yet I still get the Event ID 5719 NETLOGON error: This computer was not able to set up a secure session with a domain controller in domain (the old domain)...
Is there some other place where I need to clean up things?
Thanks,
B
bwinkworth Asked:
 
Darius Ghassem Commented:
Make sure you delete all DNS records for the demoted DC.

Run metadata cleanup on AD to remove any lingering objects for this demoted DC.

http://www.petri.co.il/delete_failed_dcs_from_ad.htmv

Make sure you are not pointing to the DNS server anymore.

Did you change domains? Or just added a DC then removed this DC?

You need to make sure that trusts are removed as well if you moved to a different domain.
 
bwinkworth Author Commented:
We were running 2 domains together until the migration was complete. Then I just shut down the old DC on the old network and removed it from DNS. I have read the link you provided and checked all other locations of where it still may be residing but it seems to be gone. The old network was 192.168.x.x and our current network is 10.10.x.x. So both domains were actually running at the same time and talking to each other.
Thanks dariousg

B
 
Darius Ghassem Commented:
You can't shut the system down; you must demote (dcpromo) the server. This is what your problem is.
 
bwinkworth Author Commented:
Whoops. OK, the old DC no longer exists as it is now being used for something else and has been wiped. Ntdsutil did not report the server being there to remove.
 
Darius Ghassem Commented:
Check again; it is there if you didn't demote the server. Follow the instructions.
 
bwinkworth Author Commented:
I only have 2 DC's now on the 10.10.x.x network. The 1 (and only 1) DC that I killed was on the 192.168.x.x network. When I run the ntdsutil on either of the 2 existing DC's I get down in the instructions where I'm about to select the server to remove. The only 2 servers that show up are my DC01 and DC02 which are my 2 current DC's. I don't want to remove any of those. The old one does not show up to remove.
When I type 'list domains' it only shows my current domain. Within that domain it finds the 'default first name site'. I select that site and do a 'list servers in site' and only my 2 current DC's show up (DC01 & DC02). After that I type in which one I want to remove. I don't want to remove any of those so I'm stuck at this point.
Thanks d,
 
Darius Ghassem Commented:
Alright then look over this and the links provided to check for next steps.

http://www.microsoft.com/technet/support/ee/transform.aspx?ProdName=Windows+Operating+System&ProdVer=5.2&EvtID=5719&EvtSrc=NetLogon&LCID=1033

What computer are you getting the Netlogon error on?
 
Darius Ghassem Commented:
Check to make sure the servers or clients aren't pointing to the down DC for DNS.
 
bwinkworth Author Commented:
Ok I'll check out the link. Getting the error in the Event Viewer under System on both DC's (DC01 & DC02)
 
bwinkworth Author Commented:
It was the trust still in Active Directory Domains and Trusts from your first post. Thanks again for the help dariusq.

B
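
The cause found in this thread, a trust to the retired domain still present in Active Directory Domains and Trusts, can be checked for from PowerShell on one of the remaining DCs. This is an added example, not part of the original posts; it assumes the ActiveDirectory (RSAT) and DnsClient modules (Windows Server 2012 or later), and the function name `Test-TrustPartnerHasDC` is hypothetical.

```powershell
# Added example: list every trust this domain still holds and flag those whose
# partner domain no longer publishes DC locator records in DNS.
Import-Module ActiveDirectory

function Test-TrustPartnerHasDC {
    param([Parameter(Mandatory)][string]$DomainName)
    # Netlogon finds a DC for a domain through this SRV record. If it cannot be
    # resolved, no secure session to that domain can be set up (Event ID 5719).
    $srvName = "_ldap._tcp.dc._msdcs.$DomainName"
    try {
        $records = Resolve-DnsName -Name $srvName -Type SRV -DnsOnly -ErrorAction Stop |
            Where-Object { $_.Type -eq 'SRV' }
        return [bool]$records
    } catch {
        return $false   # NXDOMAIN, timeout, or no SRV data
    }
}

# One row per trustedDomain object in the current domain.
$report = foreach ($trust in Get-ADTrust -Filter *) {
    [pscustomobject]@{
        TrustPartner = $trust.Name
        Direction    = $trust.Direction
        TrustType    = $trust.TrustType
        PartnerHasDC = Test-TrustPartnerHasDC -DomainName $trust.Name
    }
}
$report | Format-Table -AutoSize

# Trusts pointing at a domain with no locatable DC are candidates for review.
$stale = @($report | Where-Object { -not $_.PartnerHasDC })
if ($stale.Count -gt 0) {
    Write-Warning ("Trusts with no locatable DC: " + ($stale.TrustPartner -join ', '))
}

# Show the most recent 5719 events so the domain named in the event text can be
# compared with the trust partners listed above.
Get-WinEvent -FilterHashtable @{ LogName = 'System'; ProviderName = 'NETLOGON'; Id = 5719 } `
    -MaxEvents 5 -ErrorAction SilentlyContinue |
    Select-Object TimeCreated, Message |
    Format-List
```

The script only reports; a trust flagged here is removed in Active Directory Domains and Trusts, as was done in this thread.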