Event ID 5719. DNS is still searching for the old DC I retired

Hello,
 We've recently retired an old DC from an old network. Our current DC's were once communicating with this old one until our migration was complete. The old DC is now gone and I have deleted the forward lookup zone in DNS that was referring to it yet I still get the Event ID 5719 NETLOGON error of: This computer was not able to set up a secure session with a domain controller in domain (the old domain)...
Is there some other place where I need to clean up things?
Thanks,
B
bwinkworthAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Darius GhassemCommented:
Make sure you delete all DNS records for the demoted DC.

Run metada cleanup on AD to remove any lingering objects for this demoted DC.

http://www.petri.co.il/delete_failed_dcs_from_ad.htmv

Make sure you are not pointing to the DNS server anyomore.

Did you change domains? Or just added a DC then removed this DC?

You need to make sure that trusts are removed as well if you moved to a different domain.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
bwinkworthAuthor Commented:
We were running 2 domains together until the migration was complete. Then I just shut down the old DC on the old network and removed it from DNS. I have read the link you provided and checked all other locations of where it still may be residing but it seems to be gone. The old network was 192.168.x.x and our current network is 10.10.x.x. So both domains were actually running at the same time and talking to each other.
Thanks dariousg

B
0
Darius GhassemCommented:
You can't shutdown the system down you must demote(dcpromo) the server. This is what your problem is.
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

bwinkworthAuthor Commented:
Whoops. Ok the old dc no longer exists as it is now being used for something else and has been wiped. Ntdsutil did not report the server being there to remove.
0
Darius GhassemCommented:
Check again it is there if you didn't demote the server. Follow the instructions.
0
bwinkworthAuthor Commented:
I only have 2 DC's now on the 10.10.x.x network. The 1 (and only 1) DC that I killed was on the 192.168.x.x network. When I run the ntdsutil on either of the 2 existing DC's I get down in the instructions where I'm about to select the server to remove. The only 2 servers that show up are my DC01 and DC02 which are my 2 current DC's. I don't want to remove any of those. The old one does not show up to remove.
When I type 'list domains' it only shows my current domain. Within that domain it finds the 'default first name site'. I select that site and do a 'list servers in site' and only my 2 current DC's show up (DC01 & DC02). After that I type in which one I want to remove. I don't want to remove any of those so I'm stuck at this point.
Thanks d,
0
Darius GhassemCommented:
Alright then look over this and the links provided to check for next steps.

http://www.microsoft.com/technet/support/ee/transform.aspx?ProdName=Windows+Operating+System&ProdVer=5.2&EvtID=5719&EvtSrc=NetLogon&LCID=1033

What computer are you getting the Netlogon error on?
0
Darius GhassemCommented:
Check to make sure the servers or clients aren't pointing to the down DC for DNS.
0
bwinkworthAuthor Commented:
Ok I'll check out the link. Getting the error in the Event Viewer under System on both DC's (DC01 & DC02)
0
bwinkworthAuthor Commented:
It was the trust still in Active Directory Domains and Trusts from your first post. Thanks again for the help dariusq.

B
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows 2000

From novice to tech pro — start learning today.