Solved

domain controller error id: 5807

Posted on 2013-11-21
10
1,063 Views
Last Modified: 2013-11-21
central(main domain controller) London DC1------------------DC2(secondary) Mancester
                                                                       ------------------DC3(secondary) Liverpool

I am a central DC1 admin and i have two more DCs other cities.All are windows 2008 domain controller servers.

I get error
ID:5807
Description:
During the past 4.04 hours there have been 1000 connections to this Domain Controller from client machines whose IP addresses don't map to any of the existing sites in the enterprise. Those clients, therefore, have undefined sites and may connect to any Domain Controller including those that are in far distant locations from the clients. A client's site is determined by the mapping of its subnet to one of the existing sites. To move the above clients to one of the sites, please consider creating subnet object(s) covering the above IP addresses with mapping to one of the existing sites.  The names and IP addresses of the clients in question have been logged on this computer in the following log file '%SystemRoot%\debug\netlogon.log' and, potentially, in the log file '%SystemRoot%\debug\netlogon.bak' created if the former log becomes full. The log(s) may contain additional unrelated debugging information. To filter out the needed information, please search for lines which contain text 'NO_CLIENT_SITE:'. The first word after this string is the client name and the second word is the client IP address. The maximum size of the log(s) is controlled by the following registry DWORD value 'HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters\LogFileMaxSize'; the default is 20000000 bytes.  The current maximum size is 20000000 bytes.  To set a different maximum size, create the above registry value and set the desired maximum size in bytes.

I controlled %SystemRoot%\debug\netlogon.log and there is :
10/21 18:01:55 TREND: NO_CLIENT_SITE: NB016 10.242.2.38

I use C Class IP addreses and wanted one more subnet for my new building computers.for that i did MASK: 255.255.240.0
  current network IP: 192.168.100.0 255.255.255.0
after create new subnet i changed all current IP and Device IPs :
     192.168.100.0 -255.255.240.0
and i created a new subnet under DC1 192.168.96.0/20

but get this error. I do not correct something?

Thanks for your comments
0
Comment
Question by:apollo-13
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 4
10 Comments
 
LVL 35

Expert Comment

by:Seth Simmons
ID: 39666677
NO_CLIENT_SITE means you have systems talking to those domain controllers to which the IP address is not associated with any AD site

you stated you are using a 192.168.x.x network though that error states the source machine is on a 10.x.x.x network meaning in AD you don't have a site associated with that 10.x.x.x network

because of that, that machine will try to locate any available domain controller in london/manchester/liverpool sites

if that machine on that 10.x.x.x network is in one of those sites, you need to create a subnet in AD sites and services and associate that with one of your 3 sites
0
 

Author Comment

by:apollo-13
ID: 39666706
thank you so much for promt answer
i do not use any A class IP :10.x.x.x on my network
I use only 192.168.100.0/20 and for clients computer DCHP 192.168.99.0/20
0
 

Author Comment

by:apollo-13
ID: 39666726
subnet
0
Simple, centralized multimedia control

Watch and learn to see how ATEN provided an easy and effective way for three jointly-owned pubs to control the 60 televisions located across their three venues utilizing the ATEN Control System, Modular Matrix Switch and HDBaseT extenders.

 
LVL 35

Expert Comment

by:Seth Simmons
ID: 39666727
something on your network somewhere is talking to your servers from that address
need to find out what that NB016 device is

1,000 connections in a 4 hour period i would find very suspicious
0
 

Author Comment

by:apollo-13
ID: 39666736
ohhhhhhhhhhhhhhhhhhhh i see this is the VPN user .
if one of my vpn user login our system firewall give a 10.x.x.x IP.
0
 
LVL 35

Expert Comment

by:Seth Simmons
ID: 39666747
well, there you go

whatever location that vpn server is, then create a new subnet in AD and associate that with that site
0
 

Author Comment

by:apollo-13
ID: 39666765
is that mean is I need to create a new subnet with ip :10.242.2.0/? in AD(dc1) sites and services.?
This address comes out hardware Firewall(VPN DHCP) when our user uses VPN connection.

after creating new subbnet under DC1 do i need to dc1 RESTART?
0
 
LVL 35

Accepted Solution

by:
Seth Simmons earned 500 total points
ID: 39666772
yes, create that subnet and add to that AD site; it's irrelevant what server or device hands out the addresses

no, no need to restart but those warnings should go away
0
 

Author Comment

by:apollo-13
ID: 39666780
i got this info from my VPN connection to central
DHCP IP/netmask of 10.242.2.22/255.255.255.252
0
 

Author Comment

by:apollo-13
ID: 39667981
thank you so much ,no error any more
0

Featured Post

U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Had a business requirement to store the mobile number in an environmental variable. This is just a quick article on how this was done.
This article is in regards to the Cisco QSFP-4SFP10G-CU1M cables, which are designed to uplink/downlink 40GB ports to 10GB SFP ports. I recently experienced this and found very little configuration documentation on how these are supposed to be confi…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

624 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question