Netlogon event 5781 - SBS 2008 _msdcs zone

I'm currently troubleshooting a SBS 2008 box we have recently been asked to take a look at - there are a host of issues, and I'm tackling them one by one.

I can see that there are periodic NETLOGON event 5781 which state that dynamic registration or deletion of DNS records fail associated with DNS domain 'myserver.local'

Running dcdiag to look at this, the first error is;

Doing initial required tests

   
   Testing server: Default-First-Site-Name\SERVER01

      Starting test: Connectivity

         The host

         0149ac32-4364-4527-8af0-0f7b9560d82a._msdcs.mydomain.local could

         not be resolved to an IP address. Check the DNS server, DHCP, server

         name, etc.

         ......................... SERVER01 failed test Connectivity

In my DNS manager I have the following forward lookup zones;

mydomain.local
mail.mydomain.co.uk
remote.mydomain.co.uk

Underneath the first lookup zone, is the following;

mydomain.local
_msdcs
_sites
_tcp
_udp
DomainDnsZones
ForestDnsZones

However, comparing this with another sbs 2008 box, I can see that the forward lookup zones are as follows;

_msdcs.mydomain.local
mydomain.local
remote.mydomain.com

So I'm thinking I need to delete the delegated _msdcs entry and create a new zone labelled _msdcs.mydomain.local.

I'm seeking guidance, that this is the correct approach to take, and preferably some further advice as how to go about doing this.
Asked: foxpc123
 
Glen Knight Commented:
First thing to do is run the Fix My Network wizard, see here for how: http://blogs.technet.com/b/sbs/archive/2008/11/26/introduction-to-the-fix-my-network-wizard-fncw.aspx

If that all looks OK, then check the TCP/IP properties of the server and make sure it has 127.0.0.1 under DNS and no other entries.

Then, in the DNS Console, right click on the forward lookup zone for the internal domain and select properties.  On the first screen make sure it says status is started and that secure and insecure updates are allowed.

Then restart the NETLOGON service and run DCDIAG /FIX

Please post the output.
 
foxpc123 (Author) Commented:
I've run the Fix My Network Wizard and corrected a couple of issues there - I have four issues left;

Primary gateway is not configured correctly
Network router was not found
DNS is using a DNS forwarder

Addressing each issue in turn;

I have only one NIC and the default gateway is addressed to the router - I've checked this and checked again and cannot see anything wrong here.

IPConfig all is as follows;

Windows IP Configuration

   Host Name . . . . . . . . . . . . : SERVER01
   Primary Dns Suffix  . . . . . . . : mydomain.local
   Node Type . . . . . . . . . . . . : Broadcast
   IP Routing Enabled. . . . . . . . : Yes
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : mydomain.local

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet
   Physical Address. . . . . . . . . : 00-19-99-41-5F-94
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::6dba:a8be:5213:35b5%10(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.2(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 192.168.1.2
   Primary WINS Server . . . . . . . : 192.168.1.2
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 8:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : isatap.{2E08175D-DF7F-4BFB-8FE7-A81DE0701
988}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Network router was not found - strange one this as all is pointing at the router - it's possible that this had been changed in the past perhaps

DNS is using a forwarder by design - so can choose to ignore this.

Looking at the TCP/IP properties for the network connection this is set to the server IP address 192.168.1.2 in both the DNS address and also under the DNS tab itself specifically.

Are you saying that this should be changed to 127.0.0.1 in both places, have always set this to be the IP address of the SBS box itself before.
 
foxpc123 (Author) Commented:
Have changed DNS entries to be 127.0.0.1 and restarted NETLOGON and ran dcdiag /fix here are the results;

Directory Server Diagnosis


Performing initial setup:

   Trying to find home server...

   Home Server = SERVER01

   * Identified AD Forest.
   Done gathering initial info.


Doing initial required tests

   
   Testing server: Default-First-Site-Name\SERVER01

      Starting test: Connectivity

         The host

         0149ac32-4364-4527-8af0-0f7b9560d82a._msdcs.mydomain.local could

         not be resolved to an IP address. Check the DNS server, DHCP, server

         name, etc.

         ......................... SERVER01 failed test Connectivity

 
Glen Knight Commented:
Did you check the DNS update settings on the properties of the server?
 
Glen Knight Commented:
I would then delete the zones (forward lookup and _msdcs) and recreate the forward lookup zone.  Making sure it's an AD integrated zone and then go back and confirm the updates setting is secure and non secure, restart NETLOGON again and run DCDIAG /FIX. What do you get back?

Also check out this previous question: http://www.experts-exchange.com/Networking/Protocols/DNS/Q_24349599.html
 
foxpc123 (Author) Commented:
Did these steps and also reloaded the zone which populated it o.k. I'm assuming I'll need to recreate CNAME records for companyweb, connect, SharePoint etc. -

The dcdiag test now passes connectivity (so _msdcs is now set-up correctly), however, I now have some other errors as well;


Directory Server Diagnosis


Performing initial setup:

   Trying to find home server...

   Home Server = SERVER01

   * Identified AD Forest.
   Done gathering initial info.


Doing initial required tests

   
   Testing server: Default-First-Site-Name\SERVER01

      Starting test: Connectivity

         ......................... SERVER01 passed test Connectivity



Doing primary tests

   
   Testing server: Default-First-Site-Name\SERVER01

      Starting test: Advertising

         ......................... SERVER01 passed test Advertising

      Starting test: FrsEvent

         ......................... SERVER01 passed test FrsEvent

      Starting test: DFSREvent

         ......................... SERVER01 passed test DFSREvent

      Starting test: SysVolCheck

         ......................... SERVER01 passed test SysVolCheck

      Starting test: KccEvent

         ......................... SERVER01 passed test KccEvent

      Starting test: KnowsOfRoleHolders

         ......................... SERVER01 passed test KnowsOfRoleHolders

      Starting test: MachineAccount

         ......................... SERVER01 passed test MachineAccount

      Starting test: NCSecDesc

         ......................... SERVER01 passed test NCSecDesc

      Starting test: NetLogons

         [SERVER01] User credentials does not have permission to perform this

         operation.

         The account used for this test must have network logon privileges

         for this machine's domain.

         ......................... SERVER01 failed test NetLogons

      Starting test: ObjectsReplicated

         ......................... SERVER01 passed test ObjectsReplicated

      Starting test: Replications

         [Replications Check,SERVER01] DsReplicaGetInfo(PENDING_OPS, NULL)

         failed, error 0x2105 "Win32 Error 8453"

         ......................... SERVER01 failed test Replications
 
foxpc123 (Author) Commented:
Please disregard above - needed to run the dcdiag as an elevated cmd prompt
 
Glen Knight Commented:
Excellent, so now is all working?

Running the Fix My Network wizard should replace the CNAME records.
 
foxpc123 (Author) Commented:
This now looks all o.k dcdiag /fix now passes all checks thanks for your help

 
Glen Knight Commented:
Excellent! Glad I could help!
 
foxpc123 (Author) Commented:
Yes it did, thanks very much for your help - all CNAME records populated o.k. - thanks very much for your help.

I have another issue with a domain name error which I'll raise separately - thanks a lot once again.
Question has a verified solution.
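
The verification steps used in this thread, collected as an added example that is not part of the original posts: it assumes the thread's zone name mydomain.local and DSA GUID, and an elevated command prompt on the SBS server. The last step goes beyond the thread and returns the zone to secure-only dynamic updates once registration works, because a zone that accepts nonsecure updates lets any host that can reach the DNS server write records into it.

```batch
@echo off
rem Added example, not from the original thread.
rem Assumptions: zone name and DSA GUID are the ones quoted in the posts above;
rem run from an elevated command prompt on the domain controller.
set ZONE=mydomain.local
set DSAGUID=0149ac32-4364-4527-8af0-0f7b9560d82a

rem 1. Show the zone's dynamic-update setting.
rem    0 = no updates, 1 = nonsecure and secure, 2 = secure only
dnscmd /ZoneInfo %ZONE% AllowUpdate

rem 2. Make NETLOGON and the DNS client re-register their records.
net stop netlogon
net start netlogon
ipconfig /registerdns

rem 3. Query the local DNS server for the records dcdiag complained about.
rem    The GUID CNAME is the name the Connectivity test could not resolve.
nslookup -type=CNAME %DSAGUID%._msdcs.%ZONE% 127.0.0.1
nslookup -type=SRV _ldap._tcp.dc._msdcs.%ZONE% 127.0.0.1

rem 4. Re-run the failing test, then the DNS test.
dcdiag /test:Connectivity
dcdiag /test:DNS

rem 5. Once the records are present, restrict the AD-integrated zone
rem    to secure dynamic updates only and confirm the change.
dnscmd /Config %ZONE% /AllowUpdate 2
dnscmd /ZoneInfo %ZONE% AllowUpdate
```

If step 3 returns no records, check the NETLOGON 5781 events again before changing the update setting in step 5.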