Link to home
Start Free TrialLog in
Avatar of PCWoes
PCWoes

asked on

Netlogon event id error 5774

I'm getting the error 5774 repeatedly on our small office server 2008 RC1? Heres what the error reports:

The dynamic registration of the DNS record '56d6e28d-7c88-4144-b7c7-bac96dcefc47._msdcs.example.com. 600 IN CNAME Server1.example.com.' failed on the following DNS server:  

DNS server IP address: ::
Returned Response Code (RCODE): 0
Returned Status Code: 0  

For computers and users to locate this domain controller, this record must be registered in DNS.  

USER ACTION  
Determine what might have caused this failure, resolve the problem, and initiate registration of the DNS records by the domain controller. To determine what might have caused this failure, run DCDiag.exe. To learn more about DCDiag.exe, see Help and Support Center. To initiate registration of the DNS records by this domain  controller, run 'nltest.exe /dsregdns' from the command prompt on the domain controller or restart Net Logon service.
  Or, you can manually add this record to DNS, but it is not recommended.  

ADDITIONAL DATA
Error Value: DNS name does not exist.

This is causing a SQL app to not function correctly until I restart the Netlogon service? I have the TCP/IP pointing to the server IP for DNS. I'm also using the ISP IP as secondary.
Avatar of PCWoes
PCWoes

ASKER

These are TCP/IP screenshots attached.

User generated image
User generated image
How many DC's are in the domain?

Can you run this command and post results(results will be in the txt file, attach here thanks)

dcdiag /test:dns > dns.txt

Also run dcdiag on its own
dcdiag > dc.txt

Note the txt file will reside in the folder this command is run from which normally is c:\docs&settings\Administrator
Avatar of PCWoes

ASKER

Only 1 DC...

Here are the files as requested:
dc.txt
Avatar of PCWoes

ASKER

and:
dns.txt
Avatar of PCWoes

ASKER

I just removed the secondary DNS and now have this:
dns2.txt
Avatar of PCWoes

ASKER

Obviously this isn't good configuration...what is best solution?
Are you allowing Dynamic Updates on your DNS zone?

Having the original 205.171 IP as a secondary is wrong yes, normally you enter these details into the Forwarders tab on the DNS properties(Admin Tools - DNS, right click server name and select properties - check the forwarders tab for these entries)

Go into DNS in Admin Tools again
Go into Forward Lookup Zone
Right click on each zone - check that 'Dynamic Updates' are allowed - normally set to Secure Only

The record '56d6e28d-7c88-4144-b7c7-bac96dcefc47._msdcs.kcassociates.com' that it is saying hasn't a valid record - this will be in the _msdcs.kcassociates.com zone - check that it is pointing to the server name(i.e. its a CNAME record that should point to server1.kcassociate.com

Also check in the main forward lookup zone 'kcassociates.com' - what IP is listed in there for server1?

Is this a new server build? Or what was the last thing done before these issues started?
Avatar of PCWoes

ASKER

Yes...it is relatively a new build...all looks good except I'm not sure where to check that CNAME as described...on properties of the msdcs zone server1.kcassociates.com is listed as name server. I also see that each zone has an option after right click to Alias (CNAME) option which is blank in both zones? I dbl clk server1 in kcassociates.com main forward and I see the 192.168.1.150 which is correct? I guess I need to be sure about the CNAME? Otherwise it looks right? Dynamic Updates are allowed with Secure Only!

Thanks for walking through this with me...I got alarmed buit now feel better...just have to get the dcdiag to test correctly.

The build has been OK up until the new SQL requirements...it's a printer application that bills per sheet on each workstation and the SQL database is on the server of course. I have to restart NETLOGON service to get to work on each workstation. I'm assuming it's because of the errors the server is having now? After I restart the server all functions until this error pops up?
You check the CNAME in the zone itself(not right clicking, left click on zone name and in the main window will show the records for the zone)

See attached example of the msdcs zone and the main zone, can you check you have matching records on your end like my examples?(Obviously names and IP's will be different, but basic structure should look similar)
msdcs-zone.jpg
main-zone.jpg
Avatar of PCWoes

ASKER

Here's what I have...
msdcs.JPG
kcassociates.JPG
Right, but I don't see an A record in the main zone for

server1.kcassociate.com? There should be an A(host) record as well as what you have shown?
Is it present?
Avatar of PCWoes

ASKER

This is the full screen...
kcassociates2.JPG
Yes, its missing...you need to create an A record(host record) for server1

Right click in the zone, New Host (A or AAAA) record
Enter server1 as the name
Enter its IP as 192.168.1.150
Click ok to create...

This will take care of the issue I think, if not you may need to restart either the Netlogon service again, or just do a restart of the server...

Not sure why that record is missing though...
Avatar of PCWoes

ASKER

I'll try later now...the shift is coming in to work...thanks so much...I'm going to add the host record in the kcassocites zone, correct?
Correct...
Avatar of PCWoes

ASKER

trying a quick reboot...the netlogon restrated and then alarmed out...:(
Avatar of PCWoes

ASKER

Still have the alarm for Netlogon...I'll be back later to address this further ???
You mean NETLOGON won't start? When you say 'alarm' what do you mean exactly?

Can you verify that the host record has not been removed from the zone after the reboot?

Also if you run the same commands again(dcdiag tests) are they reporting the same errors?
Avatar of PCWoes

ASKER

Netlogon event id error 5774 repeatedly...I'm back for lunch and canj .log in now...

This is the event:

The dynamic registration of the DNS record '56d6e28d-7c88-4144-b7c7-bac96dcefc47._msdcs.kcassociates.com. 600 IN CNAME Server1.kcassociates.com.' failed on the following DNS server:  

DNS server IP address: ::
Returned Response Code (RCODE): 0
Returned Status Code: 0  

For computers and users to locate this domain controller, this record must be registered in DNS.  

USER ACTION  
Determine what might have caused this failure, resolve the problem, and initiate registration of the DNS records by the domain controller. To determine what might have caused this failure, run DCDiag.exe. To learn more about DCDiag.exe, see Help and Support Center. To initiate registration of the DNS records by this domain  controller, run 'nltest.exe /dsregdns' from the command prompt on the domain controller or restart Net Logon service.
  Or, you can manually add this record to DNS, but it is not recommended.  

ADDITIONAL DATA
Error Value: DNS name does not exist.
hostname.JPG
Avatar of PCWoes

ASKER

Here's the dcdiag again after everything:


Directory Server Diagnosis


Performing initial setup:

   Trying to find home server...

   Home Server = Server1

   * Identified AD Forest.
   Done gathering initial info.


Doing initial required tests

   
   Testing server: Default-First-Site-Name\SERVER1

      Starting test: Connectivity

         The host 56d6e28d-7c88-4144-b7c7-bac96dcefc47._msdcs.kcassociates.com

         could not be resolved to an IP address. Check the DNS server, DHCP,

         server name, etc.

         Got error while checking LDAP and RPC connectivity. Please check your

         firewall settings.

         ......................... SERVER1 failed test Connectivity



Doing primary tests

   
   Testing server: Default-First-Site-Name\SERVER1

   
      Starting test: DNS

         

         DNS Tests are running and not hung. Please wait a few minutes...

         ......................... SERVER1 passed test DNS

   
   Running partition tests on : ForestDnsZones

   
   Running partition tests on : DomainDnsZones

   
   Running partition tests on : Schema

   
   Running partition tests on : Configuration

   
   Running partition tests on : kcassociates

   
   Running enterprise tests on : kcassociates.com

      Starting test: DNS

         Test results for domain controllers:

           
            DC: Server1.kcassociates.com

            Domain: kcassociates.com

           

                 
               TEST: Basic (Basc)
                  Error: No LDAP connectivity
                  Warning: adapter

                  [00000007] Intel(R) 82567LM-3 Gigabit Network Connection has

                  invalid DNS server: 192.168.1.150 (server1.kcassociates.com.)

                  Error: all DNS servers are invalid

                  No host records (A or AAAA) were found for this DC

                 
               TEST: Delegations (Del)
                  Error: DNS server: server1.kcassociates.com. IP:192.168.1.150

                  [Broken delegated domain _msdcs.kcassociates.com.]

                 
               TEST: Dynamic update (Dyn)
                  Warning: Failed to add the test record dcdiag-test-record in zone kcassociates.com
               
            TEST: Records registration (RReg)
               Error: Record registrations cannot be found for all the network

               adapters

         
         Summary of test results for DNS servers used by the above domain

         controllers:

         

            DNS server: 192.168.1.150 (server1.kcassociates.com.)

               2 test failure on this DNS server

               Name resolution is not functional. _ldap._tcp.kcassociates.com. failed on the DNS server 192.168.1.150
               
         Summary of DNS test results:

         
                                            Auth Basc Forw Del  Dyn  RReg Ext
            _________________________________________________________________
            Domain: kcassociates.com

               Server1                      PASS FAIL PASS FAIL WARN FAIL n/a  
         
         ......................... kcassociates.com failed test DNS
Avatar of PCWoes

ASKER

This has escalated to an urgent request...I hope you're available?

Should I not have the DNS configured on the adapter itself? Always did as a workgroup fileserver?
Yes you should, haven't you created the A host record yet?

Ok you should have the DNS server set as 192.168.1.150 in the properties of your network card as you showed in your first screenshot in this post(but no second DNS server)

Once you've confirmed that can you also run this command

ipconfig /registerdns

Then in your DNS records the record should appear...
Avatar of PCWoes

ASKER

I did create the host record and then rebooted? I do have the DNS on the adapter set to 192.168.1.150...should I do host name again or do the ipconfig /registerdns?
Do the ipconfig /registerdns command now

Then check the DNS record has appeared in DNS Manager

If not then something is wrong, its not automatically registering the record for the server

If after the command nothing appears in your kcassociates.com zone in DNS, create the record again manually...this time don't reboot...

Once you've created the record, run dcdiag again, like so...

dcdiag > dc.txt

Attach results here again...
Avatar of PCWoes

ASKER

new screenshot:
hostname4.JPG
Sorry back up a bit...what is the name of your DC?
Avatar of PCWoes

ASKER

It's the same so I'll try the host name again now...
Hold on, I see a folder called 'server1' in your screenshot - this isn't correct

I want you to create a HOST RECORD, not a folder - not sure why that folder is in there...

To create a host record you right click in the white space on that screen, you should see an option called 'New Host (A or AAAA)'

Can you not see that option?
Avatar of PCWoes

ASKER

Computer Name: Server1
Full Compuiter Name: server1.kcassociates.com
Domain: kcassociates.com
Avatar of PCWoes

ASKER

I did click in the white space and create the host name? Should I delete the server1 folder?
Avatar of PCWoes

ASKER

That server1 folder has been in all screenshots? should I delete and create host name again?
Avatar of PCWoes

ASKER

and yes I do see 'New Host (A or AAAA)'
Yes, i don't know where that folder came from, it should'nt be there...

Also I still can't see your HOST record for the server1

This is what a hostname should look like(see attached)
My server hostname is - win-t2ioui...see that record?
Your end should look the same
main-zone.jpg
You create a 'New Domain' to create that folder - that is wrong, delete that folder yes
Avatar of PCWoes

ASKER

Yep...see it...will try again? Delete and new host name...
Avatar of PCWoes

ASKER

OK...it is there at end now !! What's next step? I don't know how I created folder? So many tries dizzy I think...seriously...next step?
ASKER CERTIFIED SOLUTION
Avatar of Shane McKeown
Shane McKeown
Flag of Ireland image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of PCWoes

ASKER

dcdiag > dc.txt?
dcdiag /test:dns>dns.txt?
ipconfig /registerdns ?
Avatar of PCWoes

ASKER

Enter IP where?
Avatar of PCWoes

ASKER

Never mind...did that! (IP)
Avatar of PCWoes

ASKER

dcdiag has passed all tests !!! You did it...how the folder got created I truly don't know...now I'll see if Netlogon is resolved...I hope so !!! Thanks for sticking with me... :o)
Good to hear, should be in good shape once dcdiag passes...no bother.
Avatar of PCWoes

ASKER

how could the host name have never been setup if this has been working?
It couldn't, it had to be there at some point, but its easy to delete as you can imagine - anyone else have access to the server?
Avatar of PCWoes

ASKER

smckeown777 was nothing short of awesome helping me with this...a novice in a true IT professional setup I was and he got me through it...just outstanding support !!!
Many thanks...glad to help ;)
Avatar of PCWoes

ASKER

Yes...1 actually and that has always scared me...especially with the SQL setups being done now...blows me away though that record was gone...odd place for anyone to be poking around.