Solved

Event 5782 DNS Record Failed, NETLOGON Error TCP/IP nertowrk protocol not installed

Posted on 2013-06-08
10
7,131 Views
Last Modified: 2013-06-11
We just added 2 new 2012 DCs with DNS and demoted the old 2003 DCs and DSN servers. We are now getting error NETLOGON 5782 every few hours which says "Dynamic registration or deregistration of one or more DNS records failed with the following error:
TCP/IP network protocol not installed."

Also some NETLOGON 5782 errors report "Dynamic registration or deregistration of one or more DNS records failed with the following error:
No DNS servers configured for local system."

As a side note the network icon on in the system tray on DC1 says there is no internet access.  However there is internet access and all DC functions seem to be working ok.

DC network configs are as follows:
DC1 (IP address 10.2.0.11)
DNS1 - 127.0.0.1
DNS2 - 10.2.0.12

DC2 - (IP address 10.2.0.12)
DNS1- 127.0.0.1
DNS2 - 10.2.0.11

Any help would be greatly appreciated!
0
Comment
Question by:Tonygret
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
  • 2
  • +2
10 Comments
 
LVL 21

Expert Comment

by:Radhakrishnan R
ID: 39232633
Hi,

You mentioned that you demoted 2 old DC's? have you performed the metadata cleanup against the old DC's? if already not done, please perform the metadata cleanup and remove the old DC entries completely.
0
 
LVL 9

Expert Comment

by:Zenvenky
ID: 39232863
First thing first...howmany DCs are there in the domain now?

Is replication working fine, I'm sure it is not. However run repadmin /replsum and repadmin /showreps. Run DCDiag in verbose mode on all DCs to know exact error.

I would suggest you to remove 127 loop back adapter address and replace with DNS IP. Check this link fir better understanding.

DNS Best Practices


Note: Once you correct DNS settings restart DNS and Netlogon and clear DNS resolvers cache.
0
 

Author Comment

by:Tonygret
ID: 39233084
I have a total of 2 DCSs now and replication is working OK. I have not run metadata cleanup, but I do not see any old entries for the old DCs. What is the procedure for metadata cleanup?  Also what is the prefered DNS entries, I have seen many conflicting answers to that question.  Thanks!

Here is a simple DC Diag Run:

Doing primary tests

   Testing server: Default-First-Site-Name\VISTA01
      Starting test: Advertising
         ......................... VISTA01 passed test Advertising
      Starting test: FrsEvent
         ......................... VISTA01 passed test FrsEvent
      Starting test: DFSREvent
         ......................... VISTA01 passed test DFSREvent
      Starting test: SysVolCheck
         ......................... VISTA01 passed test SysVolCheck
      Starting test: KccEvent
         ......................... VISTA01 passed test KccEvent
      Starting test: KnowsOfRoleHolders
         ......................... VISTA01 passed test KnowsOfRoleHolders
      Starting test: MachineAccount
         ......................... VISTA01 passed test MachineAccount
      Starting test: NCSecDesc
         ......................... VISTA01 passed test NCSecDesc
      Starting test: NetLogons
         ......................... VISTA01 passed test NetLogons
      Starting test: ObjectsReplicated
         ......................... VISTA01 passed test ObjectsReplicated
      Starting test: Replications
         ......................... VISTA01 passed test Replications
      Starting test: RidManager
         ......................... VISTA01 passed test RidManager
      Starting test: Services
         ......................... VISTA01 passed test Services
      Starting test: SystemLog
         ......................... VISTA01 passed test SystemLog
      Starting test: VerifyReferences
         ......................... VISTA01 passed test VerifyReferences


   Running partition tests on : ForestDnsZones
      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test
         CrossRefValidation

   Running partition tests on : DomainDnsZones
      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test
         CrossRefValidation

   Running partition tests on : Schema
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation

   Running partition tests on : Configuration
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation

   Running partition tests on : mydomain
      Starting test: CheckSDRefDom
         ......................... mydomain passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... mydomain passed test CrossRefValidation

   Running enterprise tests on : mydomain.com
      Starting test: LocatorCheck
         ......................... mydomain.com passed test LocatorCheck
      Starting test: Intersite
         ......................... mydomain.com passed test Intersite

C:\Windows\system32>
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
LVL 9

Expert Comment

by:VirastaR
ID: 39233316
0
 
LVL 9

Expert Comment

by:Zenvenky
ID: 39234166
If you see my DNS Best Practices article you'll understand what shall be the preferred DNS and Secondary DNS. As you have 2 DCs in the domain I would suggest both the DCs itself as preferred DNS and other DC as secondary DNS. Remove 127.0.0.1 from the DNS list whoch is not required.
0
 
LVL 24

Expert Comment

by:Sandeshdubey
ID: 39234570
0
 

Author Comment

by:Tonygret
ID: 39234720
The following MS article seems to suggest the exact opposite for NIC DNS setting of some of the postings above: http://technet.microsoft.com/en-us/library/ff807362(v=ws.10).aspx

"If the loopback IP address is the first entry in the list of DNS servers, Active Directory might be unable to find its replication partners.

The inclusion of its own IP address in the list of DNS servers improves performance and increases availability of DNS servers. However, if the DNS server is also a domain controller and it points only to itself, or points to itself first for name resolution, this can cause a delay during startup. For this reason, use caution when configuring the loopback address on an adapter if the server is also a domain controller. The loopback address should be configured only as a secondary or tertiary DNS server on a domain controller."
0
 
LVL 24

Accepted Solution

by:
Sandeshdubey earned 500 total points
ID: 39234862
You should not set loop backip ip address(127.0.0.1) as primary if you required you can set the same as alternate dns setting on DC the choice is yours.
0
 

Author Comment

by:Tonygret
ID: 39236559
So it appears the DNS Best Practices article "zenvenky" posted are opposite of what the MS article states to do.  Today I made the DNS setting as shown below on the two DCs per the MS article. I then restarted the DNS server and Netlogon Service. Since the error occured every 3 to 4 hours I am waiting to see if the problem is corrected.  One thing it did correct was the NIC icon in the tray showing no internet access.  I will post anohter update tomorrow.

DC1 (IP address 10.2.0.11)
DNS1 - 10.2.0.12
DNS2 - 10.2.0.11
DNS3 - 127.0.0.1

DC2 - (IP address 10.2.0.12)
DNS1 - 10.2.0.11
DNS2 - 10.2.0.12
DNS3 - 127.0.0.1
0
 

Author Closing Comment

by:Tonygret
ID: 39240053
Setting the DNS addresses as described below at the suggestion of "Sandeshdubey" has cleared all errors. Both DCs have been error free and boot times are about 1 minute.  I am very please with the results.  Thank you.

DC1 (IP address 10.2.0.11)
DNS1 - 10.2.0.12
DNS2 - 10.2.0.11
DNS3 - 127.0.0.1

DC2 - (IP address 10.2.0.12)
DNS1 - 10.2.0.11
DNS2 - 10.2.0.12
DNS3 - 127.0.0.1
0

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The following article is comprised of the pearls we have garnered deploying virtualization solutions since Virtual Server 2005 and subsequent 2008 RTM+ Hyper-V in standalone and clustered environments.
Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question