Solved

Event 5782 DNS Record Failed, NETLOGON Error TCP/IP nertowrk protocol not installed

Posted on 2013-06-08
10
5,940 Views
Last Modified: 2013-06-11
We just added 2 new 2012 DCs with DNS and demoted the old 2003 DCs and DSN servers. We are now getting error NETLOGON 5782 every few hours which says "Dynamic registration or deregistration of one or more DNS records failed with the following error:
TCP/IP network protocol not installed."

Also some NETLOGON 5782 errors report "Dynamic registration or deregistration of one or more DNS records failed with the following error:
No DNS servers configured for local system."

As a side note the network icon on in the system tray on DC1 says there is no internet access.  However there is internet access and all DC functions seem to be working ok.

DC network configs are as follows:
DC1 (IP address 10.2.0.11)
DNS1 - 127.0.0.1
DNS2 - 10.2.0.12

DC2 - (IP address 10.2.0.12)
DNS1- 127.0.0.1
DNS2 - 10.2.0.11

Any help would be greatly appreciated!
0
Comment
Question by:Tonygret
  • 4
  • 2
  • 2
  • +2
10 Comments
 
LVL 20

Expert Comment

by:Radhakrishnan Rajayyan
Comment Utility
Hi,

You mentioned that you demoted 2 old DC's? have you performed the metadata cleanup against the old DC's? if already not done, please perform the metadata cleanup and remove the old DC entries completely.
0
 
LVL 9

Expert Comment

by:Zenvenky
Comment Utility
First thing first...howmany DCs are there in the domain now?

Is replication working fine, I'm sure it is not. However run repadmin /replsum and repadmin /showreps. Run DCDiag in verbose mode on all DCs to know exact error.

I would suggest you to remove 127 loop back adapter address and replace with DNS IP. Check this link fir better understanding.

DNS Best Practices


Note: Once you correct DNS settings restart DNS and Netlogon and clear DNS resolvers cache.
0
 

Author Comment

by:Tonygret
Comment Utility
I have a total of 2 DCSs now and replication is working OK. I have not run metadata cleanup, but I do not see any old entries for the old DCs. What is the procedure for metadata cleanup?  Also what is the prefered DNS entries, I have seen many conflicting answers to that question.  Thanks!

Here is a simple DC Diag Run:

Doing primary tests

   Testing server: Default-First-Site-Name\VISTA01
      Starting test: Advertising
         ......................... VISTA01 passed test Advertising
      Starting test: FrsEvent
         ......................... VISTA01 passed test FrsEvent
      Starting test: DFSREvent
         ......................... VISTA01 passed test DFSREvent
      Starting test: SysVolCheck
         ......................... VISTA01 passed test SysVolCheck
      Starting test: KccEvent
         ......................... VISTA01 passed test KccEvent
      Starting test: KnowsOfRoleHolders
         ......................... VISTA01 passed test KnowsOfRoleHolders
      Starting test: MachineAccount
         ......................... VISTA01 passed test MachineAccount
      Starting test: NCSecDesc
         ......................... VISTA01 passed test NCSecDesc
      Starting test: NetLogons
         ......................... VISTA01 passed test NetLogons
      Starting test: ObjectsReplicated
         ......................... VISTA01 passed test ObjectsReplicated
      Starting test: Replications
         ......................... VISTA01 passed test Replications
      Starting test: RidManager
         ......................... VISTA01 passed test RidManager
      Starting test: Services
         ......................... VISTA01 passed test Services
      Starting test: SystemLog
         ......................... VISTA01 passed test SystemLog
      Starting test: VerifyReferences
         ......................... VISTA01 passed test VerifyReferences


   Running partition tests on : ForestDnsZones
      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test
         CrossRefValidation

   Running partition tests on : DomainDnsZones
      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test
         CrossRefValidation

   Running partition tests on : Schema
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation

   Running partition tests on : Configuration
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation

   Running partition tests on : mydomain
      Starting test: CheckSDRefDom
         ......................... mydomain passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... mydomain passed test CrossRefValidation

   Running enterprise tests on : mydomain.com
      Starting test: LocatorCheck
         ......................... mydomain.com passed test LocatorCheck
      Starting test: Intersite
         ......................... mydomain.com passed test Intersite

C:\Windows\system32>
0
 
LVL 9

Expert Comment

by:VirastaR
Comment Utility
0
 
LVL 9

Expert Comment

by:Zenvenky
Comment Utility
If you see my DNS Best Practices article you'll understand what shall be the preferred DNS and Secondary DNS. As you have 2 DCs in the domain I would suggest both the DCs itself as preferred DNS and other DC as secondary DNS. Remove 127.0.0.1 from the DNS list whoch is not required.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 24

Expert Comment

by:Sandeshdubey
Comment Utility
0
 

Author Comment

by:Tonygret
Comment Utility
The following MS article seems to suggest the exact opposite for NIC DNS setting of some of the postings above: http://technet.microsoft.com/en-us/library/ff807362(v=ws.10).aspx

"If the loopback IP address is the first entry in the list of DNS servers, Active Directory might be unable to find its replication partners.

The inclusion of its own IP address in the list of DNS servers improves performance and increases availability of DNS servers. However, if the DNS server is also a domain controller and it points only to itself, or points to itself first for name resolution, this can cause a delay during startup. For this reason, use caution when configuring the loopback address on an adapter if the server is also a domain controller. The loopback address should be configured only as a secondary or tertiary DNS server on a domain controller."
0
 
LVL 24

Accepted Solution

by:
Sandeshdubey earned 500 total points
Comment Utility
You should not set loop backip ip address(127.0.0.1) as primary if you required you can set the same as alternate dns setting on DC the choice is yours.
0
 

Author Comment

by:Tonygret
Comment Utility
So it appears the DNS Best Practices article "zenvenky" posted are opposite of what the MS article states to do.  Today I made the DNS setting as shown below on the two DCs per the MS article. I then restarted the DNS server and Netlogon Service. Since the error occured every 3 to 4 hours I am waiting to see if the problem is corrected.  One thing it did correct was the NIC icon in the tray showing no internet access.  I will post anohter update tomorrow.

DC1 (IP address 10.2.0.11)
DNS1 - 10.2.0.12
DNS2 - 10.2.0.11
DNS3 - 127.0.0.1

DC2 - (IP address 10.2.0.12)
DNS1 - 10.2.0.11
DNS2 - 10.2.0.12
DNS3 - 127.0.0.1
0
 

Author Closing Comment

by:Tonygret
Comment Utility
Setting the DNS addresses as described below at the suggestion of "Sandeshdubey" has cleared all errors. Both DCs have been error free and boot times are about 1 minute.  I am very please with the results.  Thank you.

DC1 (IP address 10.2.0.11)
DNS1 - 10.2.0.12
DNS2 - 10.2.0.11
DNS3 - 127.0.0.1

DC2 - (IP address 10.2.0.12)
DNS1 - 10.2.0.11
DNS2 - 10.2.0.12
DNS3 - 127.0.0.1
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

I don't know if many of you have made the great mistake of using the Cisco Thin Client model with the management software VXC. If you have then you are probably more then familiar with the incredibly clunky interface, the numerous work arounds, and …
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
This tutorial will walk an individual through the process of installing the necessary services and then configuring a Windows Server 2012 system as an iSCSI target. To install the necessary roles, go to Server Manager, and select Add Roles and Featu…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now