troubleshooting Question

NETLOGON errors, computers don't exist

Avatar of Metaltree
MetaltreeFlag for United States of America asked on
Active DirectoryWindows Server 2008
21 Comments2 Solutions3212 ViewsLast Modified:
Hello,

Active Directory in 2008 R2. vmware view is also on site with VDI's for thin clients.

I'm getting the following 3 errors respectively:

Log Name:      System
Source:        NETLOGON
Date:          12/20/2012 5:32:10 PM
Event ID:      5807
Task Category: None
Level:         Warning
Keywords:      Classic
User:          N/A
Computer:      computer.domain.local
Description:
During the past 4.12 hours there have been 3 connections to this Domain Controller from client machines whose IP addresses don't map to any of the existing sites in the enterprise. Those clients, therefore, have undefined sites and may connect to any Domain Controller including those that are in far distant locations from the clients. A client's site is determined by the mapping of its subnet to one of the existing sites. To move the above clients to one of the sites, please consider creating subnet object(s) covering the above IP addresses with mapping to one of the existing sites.  The names and IP addresses of the clients in question have been logged on this computer in the following log file '%SystemRoot%\debug\netlogon.log' and, potentially, in the log file '%SystemRoot%\debug\netlogon.bak' created if the former log becomes full. The log(s) may contain additional unrelated debugging information. To filter out the needed information, please search for lines which contain text 'NO_CLIENT_SITE:'. The first word after this string is the client name and the second word is the client IP address. The maximum size of the log(s) is controlled by the following registry DWORD value 'HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters\LogFileMaxSize'; the default is 20000000 bytes.  The current maximum size is 20000000 bytes.  To set a different maximum size, create the above registry value and set the desired maximum size in bytes.

Log Name:      System
Source:        NETLOGON
Date:          12/20/2012 5:39:06 PM
Event ID:      5723
Task Category: None
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      computer.domain.local
Description:
The session setup from computer 'VDI-4' failed because the security database does not contain a trust account 'VDI-4$' referenced by the specified computer.  

USER ACTION  
If this is the first occurrence of this event for the specified computer and account, this may be a transient issue that doesn't require any action at this time.  If this is a Read-Only Domain Controller and 'VDI-4$' is a legitimate machine account for the computer 'VDI-4' then 'VDI-4' should be marked cacheable for this location if appropriate or otherwise ensure connectivity to a domain controller  capable of servicing the request (for example a writable domain controller).  Otherwise, the following steps may be taken to resolve this problem:  

If 'VDI-4$' is a legitimate machine account for the computer 'VDI-4', then 'VDI-4' should be rejoined to the domain.  

If 'VDI-4$' is a legitimate interdomain trust account, then the trust should be recreated.  

Otherwise, assuming that 'VDI-4$' is not a legitimate account, the following action should be taken on 'VDI-4':  

If 'VDI-4' is a Domain Controller, then the trust associated with 'VDI-4$' should be deleted.  

If 'VDI-4' is not a Domain Controller, it should be disjoined from the domain.


Log Name:      System
Source:        NETLOGON
Date:          12/20/2012 8:46:03 PM
Event ID:      5805
Task Category: None
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      computer.domain.local
Description:
The session setup from the computer VDI-4 failed to authenticate. The following error occurred:
Access is denied.


The problem, is that these computers do not exist in Active Directory. I removed them from DNS, and they came back. What am I missing?
Join the community to see this answer!
Join our exclusive community to see this answer & millions of others.
Unlock 2 Answers and 21 Comments.
Join the Community
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 2 Answers and 21 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros