asked on
domain controller error id: 5807
central(main domain controller) London DC1------------------DC2(s
------------------DC3(seco
I am a central DC1 admin and i have two more DCs other cities.All are windows 2008 domain controller servers.
I get error
I controlled %SystemRoot%\debug\netlogo
I use C Class IP addreses and wanted one more subnet for my new building computers.for that i did MASK: 255.255.240.0
current network IP: 192.168.100.0 255.255.255.0
after create new subnet i changed all current IP and Device IPs :
192.168.100.0 -255.255.240.0
and i created a new subnet under DC1 192.168.96.0/20
but get this error. I do not correct something?
Thanks for your comments
------------------DC3(seco
I am a central DC1 admin and i have two more DCs other cities.All are windows 2008 domain controller servers.
I get error
ID:5807
Description:
During the past 4.04 hours there have been 1000 connections to this Domain Controller from client machines whose IP addresses don't map to any of the existing sites in the enterprise. Those clients, therefore, have undefined sites and may connect to any Domain Controller including those that are in far distant locations from the clients. A client's site is determined by the mapping of its subnet to one of the existing sites. To move the above clients to one of the sites, please consider creating subnet object(s) covering the above IP addresses with mapping to one of the existing sites. The names and IP addresses of the clients in question have been logged on this computer in the following log file '%SystemRoot%\debug\netlogon.log' and, potentially, in the log file '%SystemRoot%\debug\netlog on.bak' created if the former log becomes full. The log(s) may contain additional unrelated debugging information. To filter out the needed information, please search for lines which contain text 'NO_CLIENT_SITE:'. The first word after this string is the client name and the second word is the client IP address. The maximum size of the log(s) is controlled by the following registry DWORD value 'HKEY_LOCAL_MACHINE\SYSTEM \CurrentCo ntrolSet\S ervices\Ne tlogon\Par ameters\Lo gFileMaxSi ze'; the default is 20000000 bytes. The current maximum size is 20000000 bytes. To set a different maximum size, create the above registry value and set the desired maximum size in bytes.
I controlled %SystemRoot%\debug\netlogo
10/21 18:01:55 TREND: NO_CLIENT_SITE: NB016 10.242.2.38
I use C Class IP addreses and wanted one more subnet for my new building computers.for that i did MASK: 255.255.240.0
current network IP: 192.168.100.0 255.255.255.0
after create new subnet i changed all current IP and Device IPs :
192.168.100.0 -255.255.240.0
and i created a new subnet under DC1 192.168.96.0/20
but get this error. I do not correct something?
Thanks for your comments
Windows Server 2008Active DirectoryNetworking
Last Comment
apollo-13
ASKER
thank you so much for promt answer
i do not use any A class IP :10.x.x.x on my network
I use only 192.168.100.0/20 and for clients computer DCHP 192.168.99.0/20
i do not use any A class IP :10.x.x.x on my network
I use only 192.168.100.0/20 and for clients computer DCHP 192.168.99.0/20
ASKER
something on your network somewhere is talking to your servers from that address
need to find out what that NB016 device is
1,000 connections in a 4 hour period i would find very suspicious
need to find out what that NB016 device is
1,000 connections in a 4 hour period i would find very suspicious
ASKER
ohhhhhhhhhhhhhhhhhhhh i see this is the VPN user .
if one of my vpn user login our system firewall give a 10.x.x.x IP.
if one of my vpn user login our system firewall give a 10.x.x.x IP.
well, there you go
whatever location that vpn server is, then create a new subnet in AD and associate that with that site
whatever location that vpn server is, then create a new subnet in AD and associate that with that site
ASKER
is that mean is I need to create a new subnet with ip :10.242.2.0/? in AD(dc1) sites and services.?
This address comes out hardware Firewall(VPN DHCP) when our user uses VPN connection.
after creating new subbnet under DC1 do i need to dc1 RESTART?
This address comes out hardware Firewall(VPN DHCP) when our user uses VPN connection.
after creating new subbnet under DC1 do i need to dc1 RESTART?
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
i got this info from my VPN connection to central
DHCP IP/netmask of 10.242.2.22/255.255.255.25
DHCP IP/netmask of 10.242.2.22/255.255.255.25
ASKER
thank you so much ,no error any more
you stated you are using a 192.168.x.x network though that error states the source machine is on a 10.x.x.x network meaning in AD you don't have a site associated with that 10.x.x.x network
because of that, that machine will try to locate any available domain controller in london/manchester/liverpoo
if that machine on that 10.x.x.x network is in one of those sites, you need to create a subnet in AD sites and services and associate that with one of your 3 sites