• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 3036
  • Last Modified:

Netlogon event id 5719

Hi,

We are using Windows Server 2003 Doamin controllers. All the member servers are running on Windows 2000 and Windows 2003 OS. We are getting lot of  netlogon errors event id 5719 on the member servers. Please suggest me how to resolve this. I would like to know what is the root cause of this error.

The error is given as follows.
This computer was not able to set up a secure session with the domain controller in the domain "domain name".

Summary=MS eventlog alert: Log name System - source NETLOGON - event ID 5719 - descrition This computer was not able to set up a secure session with a domain controller in domain "Domain name" due to the following:  %%1311  This may lead to authentication problems.

The same error is coming for some doamin controllers also.

Please suggest me how to resolve this error. Thanks in advance.
0
gaddam01
Asked:
gaddam01
  • 3
  • 3
  • 2
  • +1
1 Solution
 
RaneeshIT SupportCommented:
please check your domain controllers pointing to itself as primary DNS?
0
 
gaddam01Author Commented:
Yes, all the domain controllers are pointing to themself as a primary DNS. What else need to be done to resolve this issue?
0
 
RaneeshIT SupportCommented:
read this link and give a try

http://support.microsoft.com/kb/247922
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

 
gaddam01Author Commented:
Thanks. This we had already done but still no luck.
0
 
RaneeshIT SupportCommented:
also could you please remove those giving error from domain and re-join?
0
 
gaddam01Author Commented:
Without rejoining is there any alternative solution that we can resolve the issue??
0
 
ashutoshsapreCommented:
Follow the steps below (You need to install the support tools first):

1).Download the klist tool
Windows 2000 Resource Kit Tool: Klist.exe

(This will require genuine windows check)

2). run NET STOP NETLOGON & NET STOP KDC

3).Install the tool and then browse to the directory from cmd and run

klist purge (or is it klist /purge)

4). REN C:\WINDOWS\SYSTEM32\CONFIG\NETLOGON.DNB C:\WINDOWS\SYSTEM32\CONFIG\NETLOGON.DNB.OLD

5). REN C:\WINDOWS\SYSTEM32\CONFIG\NETLOGON.DNS C:\WINDOWS\SYSTEM32\CONFIG\NETLOGON.DNS.OLD

6). NET START NETLOGON

7). NETDOM RESETPWD /server:YourOtherdomain-contoller /UserD:<administrator> /PasswordD:*

replace YourOtherdomain-contoller with name of any other domain controller preferably PDC.
replace <administrator> with the name of adminitrative privilege account

8). You will prompted to provide the password for the administrator account.

9). After the command finishes no need to start the KDC service now.. restart the server.. KDC will start at boot up.

0
 
ashutoshsapreCommented:
Hey sorry I forgot while typing the solution that this is for member serevrs, and I specified the steps for domain controller.
For member servers you can skip the command  NET STOP KDC
Also you can skip the klist step, but It wouldn't harm. Rest of the steps are same.
0
 
FemSteenkampCommented:
make sure that times are properly in sync between Dc's and servers ( verify the timezones etc)
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

  • 3
  • 3
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now