PCWoes
asked on
Netlogon event id error 5774
I'm getting the error 5774 repeatedly on our small office server 2008 RC1? Heres what the error reports:
The dynamic registration of the DNS record '56d6e28d-7c88-4144-b7c7-b ac96dcefc4 7._msdcs.e xample.com . 600 IN CNAME Server1.example.com.' failed on the following DNS server:
DNS server IP address: ::
Returned Response Code (RCODE): 0
Returned Status Code: 0
For computers and users to locate this domain controller, this record must be registered in DNS.
USER ACTION
Determine what might have caused this failure, resolve the problem, and initiate registration of the DNS records by the domain controller. To determine what might have caused this failure, run DCDiag.exe. To learn more about DCDiag.exe, see Help and Support Center. To initiate registration of the DNS records by this domain controller, run 'nltest.exe /dsregdns' from the command prompt on the domain controller or restart Net Logon service.
Or, you can manually add this record to DNS, but it is not recommended.
ADDITIONAL DATA
Error Value: DNS name does not exist.
This is causing a SQL app to not function correctly until I restart the Netlogon service? I have the TCP/IP pointing to the server IP for DNS. I'm also using the ISP IP as secondary.
The dynamic registration of the DNS record '56d6e28d-7c88-4144-b7c7-b
DNS server IP address: ::
Returned Response Code (RCODE): 0
Returned Status Code: 0
For computers and users to locate this domain controller, this record must be registered in DNS.
USER ACTION
Determine what might have caused this failure, resolve the problem, and initiate registration of the DNS records by the domain controller. To determine what might have caused this failure, run DCDiag.exe. To learn more about DCDiag.exe, see Help and Support Center. To initiate registration of the DNS records by this domain controller, run 'nltest.exe /dsregdns' from the command prompt on the domain controller or restart Net Logon service.
Or, you can manually add this record to DNS, but it is not recommended.
ADDITIONAL DATA
Error Value: DNS name does not exist.
This is causing a SQL app to not function correctly until I restart the Netlogon service? I have the TCP/IP pointing to the server IP for DNS. I'm also using the ISP IP as secondary.
How many DC's are in the domain?
Can you run this command and post results(results will be in the txt file, attach here thanks)
dcdiag /test:dns > dns.txt
Also run dcdiag on its own
dcdiag > dc.txt
Note the txt file will reside in the folder this command is run from which normally is c:\docs&settings\Administr ator
Can you run this command and post results(results will be in the txt file, attach here thanks)
dcdiag /test:dns > dns.txt
Also run dcdiag on its own
dcdiag > dc.txt
Note the txt file will reside in the folder this command is run from which normally is c:\docs&settings\Administr
ASKER
ASKER
and:
dns.txt
dns.txt
ASKER
I just removed the secondary DNS and now have this:
dns2.txt
dns2.txt
ASKER
Obviously this isn't good configuration...what is best solution?
Are you allowing Dynamic Updates on your DNS zone?
Having the original 205.171 IP as a secondary is wrong yes, normally you enter these details into the Forwarders tab on the DNS properties(Admin Tools - DNS, right click server name and select properties - check the forwarders tab for these entries)
Go into DNS in Admin Tools again
Go into Forward Lookup Zone
Right click on each zone - check that 'Dynamic Updates' are allowed - normally set to Secure Only
The record '56d6e28d-7c88-4144-b7c7-b ac96dcefc4 7._msdcs.k cassociate s.com' that it is saying hasn't a valid record - this will be in the _msdcs.kcassociates.com zone - check that it is pointing to the server name(i.e. its a CNAME record that should point to server1.kcassociate.com
Also check in the main forward lookup zone 'kcassociates.com' - what IP is listed in there for server1?
Is this a new server build? Or what was the last thing done before these issues started?
Having the original 205.171 IP as a secondary is wrong yes, normally you enter these details into the Forwarders tab on the DNS properties(Admin Tools - DNS, right click server name and select properties - check the forwarders tab for these entries)
Go into DNS in Admin Tools again
Go into Forward Lookup Zone
Right click on each zone - check that 'Dynamic Updates' are allowed - normally set to Secure Only
The record '56d6e28d-7c88-4144-b7c7-b
Also check in the main forward lookup zone 'kcassociates.com' - what IP is listed in there for server1?
Is this a new server build? Or what was the last thing done before these issues started?
ASKER
Yes...it is relatively a new build...all looks good except I'm not sure where to check that CNAME as described...on properties of the msdcs zone server1.kcassociates.com is listed as name server. I also see that each zone has an option after right click to Alias (CNAME) option which is blank in both zones? I dbl clk server1 in kcassociates.com main forward and I see the 192.168.1.150 which is correct? I guess I need to be sure about the CNAME? Otherwise it looks right? Dynamic Updates are allowed with Secure Only!
Thanks for walking through this with me...I got alarmed buit now feel better...just have to get the dcdiag to test correctly.
The build has been OK up until the new SQL requirements...it's a printer application that bills per sheet on each workstation and the SQL database is on the server of course. I have to restart NETLOGON service to get to work on each workstation. I'm assuming it's because of the errors the server is having now? After I restart the server all functions until this error pops up?
Thanks for walking through this with me...I got alarmed buit now feel better...just have to get the dcdiag to test correctly.
The build has been OK up until the new SQL requirements...it's a printer application that bills per sheet on each workstation and the SQL database is on the server of course. I have to restart NETLOGON service to get to work on each workstation. I'm assuming it's because of the errors the server is having now? After I restart the server all functions until this error pops up?
You check the CNAME in the zone itself(not right clicking, left click on zone name and in the main window will show the records for the zone)
See attached example of the msdcs zone and the main zone, can you check you have matching records on your end like my examples?(Obviously names and IP's will be different, but basic structure should look similar)
msdcs-zone.jpg
main-zone.jpg
See attached example of the msdcs zone and the main zone, can you check you have matching records on your end like my examples?(Obviously names and IP's will be different, but basic structure should look similar)
msdcs-zone.jpg
main-zone.jpg
ASKER
Right, but I don't see an A record in the main zone for
server1.kcassociate.com? There should be an A(host) record as well as what you have shown?
Is it present?
server1.kcassociate.com? There should be an A(host) record as well as what you have shown?
Is it present?
ASKER
This is the full screen...
kcassociates2.JPG
kcassociates2.JPG
Yes, its missing...you need to create an A record(host record) for server1
Right click in the zone, New Host (A or AAAA) record
Enter server1 as the name
Enter its IP as 192.168.1.150
Click ok to create...
This will take care of the issue I think, if not you may need to restart either the Netlogon service again, or just do a restart of the server...
Not sure why that record is missing though...
Right click in the zone, New Host (A or AAAA) record
Enter server1 as the name
Enter its IP as 192.168.1.150
Click ok to create...
This will take care of the issue I think, if not you may need to restart either the Netlogon service again, or just do a restart of the server...
Not sure why that record is missing though...
ASKER
I'll try later now...the shift is coming in to work...thanks so much...I'm going to add the host record in the kcassocites zone, correct?
Correct...
ASKER
trying a quick reboot...the netlogon restrated and then alarmed out...:(
ASKER
Still have the alarm for Netlogon...I'll be back later to address this further ???
You mean NETLOGON won't start? When you say 'alarm' what do you mean exactly?
Can you verify that the host record has not been removed from the zone after the reboot?
Also if you run the same commands again(dcdiag tests) are they reporting the same errors?
Can you verify that the host record has not been removed from the zone after the reboot?
Also if you run the same commands again(dcdiag tests) are they reporting the same errors?
ASKER
Netlogon event id error 5774 repeatedly...I'm back for lunch and canj .log in now...
This is the event:
The dynamic registration of the DNS record '56d6e28d-7c88-4144-b7c7-b ac96dcefc4 7._msdcs.k cassociate s.com. 600 IN CNAME Server1.kcassociates.com.' failed on the following DNS server:
DNS server IP address: ::
Returned Response Code (RCODE): 0
Returned Status Code: 0
For computers and users to locate this domain controller, this record must be registered in DNS.
USER ACTION
Determine what might have caused this failure, resolve the problem, and initiate registration of the DNS records by the domain controller. To determine what might have caused this failure, run DCDiag.exe. To learn more about DCDiag.exe, see Help and Support Center. To initiate registration of the DNS records by this domain controller, run 'nltest.exe /dsregdns' from the command prompt on the domain controller or restart Net Logon service.
Or, you can manually add this record to DNS, but it is not recommended.
ADDITIONAL DATA
Error Value: DNS name does not exist.
hostname.JPG
This is the event:
The dynamic registration of the DNS record '56d6e28d-7c88-4144-b7c7-b
DNS server IP address: ::
Returned Response Code (RCODE): 0
Returned Status Code: 0
For computers and users to locate this domain controller, this record must be registered in DNS.
USER ACTION
Determine what might have caused this failure, resolve the problem, and initiate registration of the DNS records by the domain controller. To determine what might have caused this failure, run DCDiag.exe. To learn more about DCDiag.exe, see Help and Support Center. To initiate registration of the DNS records by this domain controller, run 'nltest.exe /dsregdns' from the command prompt on the domain controller or restart Net Logon service.
Or, you can manually add this record to DNS, but it is not recommended.
ADDITIONAL DATA
Error Value: DNS name does not exist.
hostname.JPG
ASKER
Here's the dcdiag again after everything:
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = Server1
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\SE RVER1
Starting test: Connectivity
The host 56d6e28d-7c88-4144-b7c7-ba c96dcefc47 ._msdcs.kc associates .com
could not be resolved to an IP address. Check the DNS server, DHCP,
server name, etc.
Got error while checking LDAP and RPC connectivity. Please check your
firewall settings.
......................... SERVER1 failed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\SE RVER1
Starting test: DNS
DNS Tests are running and not hung. Please wait a few minutes...
......................... SERVER1 passed test DNS
Running partition tests on : ForestDnsZones
Running partition tests on : DomainDnsZones
Running partition tests on : Schema
Running partition tests on : Configuration
Running partition tests on : kcassociates
Running enterprise tests on : kcassociates.com
Starting test: DNS
Test results for domain controllers:
DC: Server1.kcassociates.com
Domain: kcassociates.com
TEST: Basic (Basc)
Error: No LDAP connectivity
Warning: adapter
[00000007] Intel(R) 82567LM-3 Gigabit Network Connection has
invalid DNS server: 192.168.1.150 (server1.kcassociates.com. )
Error: all DNS servers are invalid
No host records (A or AAAA) were found for this DC
TEST: Delegations (Del)
Error: DNS server: server1.kcassociates.com. IP:192.168.1.150
[Broken delegated domain _msdcs.kcassociates.com.]
TEST: Dynamic update (Dyn)
Warning: Failed to add the test record dcdiag-test-record in zone kcassociates.com
TEST: Records registration (RReg)
Error: Record registrations cannot be found for all the network
adapters
Summary of test results for DNS servers used by the above domain
controllers:
DNS server: 192.168.1.150 (server1.kcassociates.com. )
2 test failure on this DNS server
Name resolution is not functional. _ldap._tcp.kcassociates.co m. failed on the DNS server 192.168.1.150
Summary of DNS test results:
Auth Basc Forw Del Dyn RReg Ext
__________________________ __________ __________ __________ _________
Domain: kcassociates.com
Server1 PASS FAIL PASS FAIL WARN FAIL n/a
......................... kcassociates.com failed test DNS
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = Server1
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\SE
Starting test: Connectivity
The host 56d6e28d-7c88-4144-b7c7-ba
could not be resolved to an IP address. Check the DNS server, DHCP,
server name, etc.
Got error while checking LDAP and RPC connectivity. Please check your
firewall settings.
......................... SERVER1 failed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\SE
Starting test: DNS
DNS Tests are running and not hung. Please wait a few minutes...
......................... SERVER1 passed test DNS
Running partition tests on : ForestDnsZones
Running partition tests on : DomainDnsZones
Running partition tests on : Schema
Running partition tests on : Configuration
Running partition tests on : kcassociates
Running enterprise tests on : kcassociates.com
Starting test: DNS
Test results for domain controllers:
DC: Server1.kcassociates.com
Domain: kcassociates.com
TEST: Basic (Basc)
Error: No LDAP connectivity
Warning: adapter
[00000007] Intel(R) 82567LM-3 Gigabit Network Connection has
invalid DNS server: 192.168.1.150 (server1.kcassociates.com.
Error: all DNS servers are invalid
No host records (A or AAAA) were found for this DC
TEST: Delegations (Del)
Error: DNS server: server1.kcassociates.com. IP:192.168.1.150
[Broken delegated domain _msdcs.kcassociates.com.]
TEST: Dynamic update (Dyn)
Warning: Failed to add the test record dcdiag-test-record in zone kcassociates.com
TEST: Records registration (RReg)
Error: Record registrations cannot be found for all the network
adapters
Summary of test results for DNS servers used by the above domain
controllers:
DNS server: 192.168.1.150 (server1.kcassociates.com.
2 test failure on this DNS server
Name resolution is not functional. _ldap._tcp.kcassociates.co
Summary of DNS test results:
Auth Basc Forw Del Dyn RReg Ext
__________________________
Domain: kcassociates.com
Server1 PASS FAIL PASS FAIL WARN FAIL n/a
......................... kcassociates.com failed test DNS
ASKER
This has escalated to an urgent request...I hope you're available?
Should I not have the DNS configured on the adapter itself? Always did as a workgroup fileserver?
Should I not have the DNS configured on the adapter itself? Always did as a workgroup fileserver?
Yes you should, haven't you created the A host record yet?
Ok you should have the DNS server set as 192.168.1.150 in the properties of your network card as you showed in your first screenshot in this post(but no second DNS server)
Once you've confirmed that can you also run this command
ipconfig /registerdns
Then in your DNS records the record should appear...
Ok you should have the DNS server set as 192.168.1.150 in the properties of your network card as you showed in your first screenshot in this post(but no second DNS server)
Once you've confirmed that can you also run this command
ipconfig /registerdns
Then in your DNS records the record should appear...
ASKER
I did create the host record and then rebooted? I do have the DNS on the adapter set to 192.168.1.150...should I do host name again or do the ipconfig /registerdns?
Do the ipconfig /registerdns command now
Then check the DNS record has appeared in DNS Manager
If not then something is wrong, its not automatically registering the record for the server
If after the command nothing appears in your kcassociates.com zone in DNS, create the record again manually...this time don't reboot...
Once you've created the record, run dcdiag again, like so...
dcdiag > dc.txt
Attach results here again...
Then check the DNS record has appeared in DNS Manager
If not then something is wrong, its not automatically registering the record for the server
If after the command nothing appears in your kcassociates.com zone in DNS, create the record again manually...this time don't reboot...
Once you've created the record, run dcdiag again, like so...
dcdiag > dc.txt
Attach results here again...
ASKER
new screenshot:
hostname4.JPG
hostname4.JPG
Sorry back up a bit...what is the name of your DC?
ASKER
It's the same so I'll try the host name again now...
Hold on, I see a folder called 'server1' in your screenshot - this isn't correct
I want you to create a HOST RECORD, not a folder - not sure why that folder is in there...
To create a host record you right click in the white space on that screen, you should see an option called 'New Host (A or AAAA)'
Can you not see that option?
I want you to create a HOST RECORD, not a folder - not sure why that folder is in there...
To create a host record you right click in the white space on that screen, you should see an option called 'New Host (A or AAAA)'
Can you not see that option?
ASKER
Computer Name: Server1
Full Compuiter Name: server1.kcassociates.com
Domain: kcassociates.com
Full Compuiter Name: server1.kcassociates.com
Domain: kcassociates.com
ASKER
I did click in the white space and create the host name? Should I delete the server1 folder?
ASKER
That server1 folder has been in all screenshots? should I delete and create host name again?
ASKER
and yes I do see 'New Host (A or AAAA)'
Yes, i don't know where that folder came from, it should'nt be there...
Also I still can't see your HOST record for the server1
This is what a hostname should look like(see attached)
My server hostname is - win-t2ioui...see that record?
Your end should look the same
main-zone.jpg
Also I still can't see your HOST record for the server1
This is what a hostname should look like(see attached)
My server hostname is - win-t2ioui...see that record?
Your end should look the same
main-zone.jpg
You create a 'New Domain' to create that folder - that is wrong, delete that folder yes
ASKER
Yep...see it...will try again? Delete and new host name...
ASKER
OK...it is there at end now !! What's next step? I don't know how I created folder? So many tries dizzy I think...seriously...next step?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
dcdiag > dc.txt?
dcdiag /test:dns>dns.txt?
ipconfig /registerdns ?
dcdiag /test:dns>dns.txt?
ipconfig /registerdns ?
ASKER
Enter IP where?
ASKER
Never mind...did that! (IP)
ASKER
dcdiag has passed all tests !!! You did it...how the folder got created I truly don't know...now I'll see if Netlogon is resolved...I hope so !!! Thanks for sticking with me... :o)
Good to hear, should be in good shape once dcdiag passes...no bother.
ASKER
how could the host name have never been setup if this has been working?
It couldn't, it had to be there at some point, but its easy to delete as you can imagine - anyone else have access to the server?
ASKER
smckeown777 was nothing short of awesome helping me with this...a novice in a true IT professional setup I was and he got me through it...just outstanding support !!!
Many thanks...glad to help ;)
ASKER
Yes...1 actually and that has always scared me...especially with the SQL setups being done now...blows me away though that record was gone...odd place for anyone to be poking around.
ASKER