Solved

Event id 5807 Netlogon

Posted on 2011-09-07
4
5,294 Views
Last Modified: 2012-05-12
Hi guys hope you are all well and can assist.

We seem to be getting the following error a lot on our dcs..

System Log
Event ID: 5807
Source: NETLOGON
Type: Warning

During the past 4.25 hours there have been 522 connections to this Domain Controller from client machines whose IP addresses don't map to any of the existing sites in the enterprise. Those clients, therefore, have undefined sites and may connect to any Domain Controller including those that are in far distant locations from the clients. A client's site is determined by the mapping of its subnet to one of the existing sites. To move the above clients to one of the sites, please consider creating subnet object(s) covering the above IP addresses with mapping to one of the existing sites.  The names and IP addresses of the clients in question have been logged on this computer in the following log file '%SystemRoot%\debug\netlogon.log' and, potentially, in the log file '%SystemRoot%\debug\netlogon.bak' created if the former log becomes full. The log(s) may contain additional unrelated debugging information. To filter out the needed information, please search for lines which contain text 'NO_CLIENT_SITE:'. The first word after this string is the client name and the second word is the client IP address. The maximum size of the log(s) is controlled by the following registry DWORD value 'HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters\LogFileMaxSize'; the default is 20000000 bytes.  The current maximum size is 20000000 bytes.  To set a different maximum size, create the above registry value and set the desired maximum size in bytes.


Now, I have looked in the log:

'%SystemRoot%\debug\netlogon.log'

What I want to understand is are these machines attempting to logon to the domain, and as such, trying to contact a domain controller?

If they are remote machines that should not be trying to log on to the domain, then how can we stop them from trying?

Any help greatly appreciated.
0
Comment
Question by:Simon336697
  • 2
4 Comments
 
LVL 25

Accepted Solution

by:
Sekar Chinnakannu earned 250 total points
ID: 36500268
seems Clients that have IP addresses that do not map to any of the existing sites in the enterprise were connected to the specified domain controller.Map the client IP addresses to an existing site.

Try
1. Open Active Directory Sites and Services.
2. Expand Sites.
3. Right-click Subnets and press New Subnet.
4. Type the <Client IPaddress> into the Address box.
5. Type the subnet mask into the Mask box.
6. In the Site Name box, select the site object that contains the local domain controller and press OK.
7. Close Active Directory Sites and Services.

http://support.microsoft.com/kb/889031
0
 
LVL 1

Author Comment

by:Simon336697
ID: 36500441
Thanks for your kind help on this.
0
 
LVL 24

Assisted Solution

by:Sandeshdubey
Sandeshdubey earned 250 total points
ID: 36500472
Refer this link:http://support.microsoft.com/kb/889031 define the IP address of the client computer in the Subnets folder, and then map the IP address to the site that contains the local domain controller.

Note:The first thing that you need to know about Active Directory sites is that the sites themselves are a logical structure that mimics your network’s physical topology. Typically, each site will represent a well connected area of your network. Some administrators like to create a separate site for each network segment, but I tend to prefer to create sites based on connectivity speed. My rule of thumb is that there should be a site link for every WAN connector, and every part of your network that is separated from another part by a WAN link should be represented by a site.

0
 
LVL 1

Author Comment

by:Simon336697
ID: 36519983
Thanks guys to both of you.
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

[b]Ok so now I will show you how to add a user name to the description at login. [/b] First connect to your DC (Domain Controller / Active Directory Server) SET PERMISSIONS FOR SCRIPT TO UPDATE COMPUTER DESCRIPTION TO USERNAME 1. Open Active …
Resolve DNS query failed errors for Exchange
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

766 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question