Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Windows 2012 boot up Event ID 5719 Netlogon

Posted on 2014-01-08
10
Medium Priority
?
4,239 Views
Last Modified: 2014-01-21
This computer was not able to set up a secure session with a domain controller in domain <domain name> due to the following:
There are currently no logon servers available to service the logon request.
This may lead to authentication problems. Make sure that this computer is connected to the network. If the problem persists, please contact your domain administrator.  

ADDITIONAL INFO
If this computer is a domain controller for the specified domain, it sets up the secure session to the primary domain controller emulator in the specified domain. Otherwise, this computer sets up the secure session to any domain controller in the specified domain.
0
Comment
Question by:bergquistcompany
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 4
10 Comments
 
LVL 12

Expert Comment

by:aindelicato
ID: 39765411
Is the DNS server the IP of your domain controller?
0
 

Author Comment

by:bergquistcompany
ID: 39765448
There is a static IP assigned and the DNS is configured to the IP of the domain controller in that domain.  It is happening on reboot, but I still think it shouldn't be :)
0
 
LVL 12

Expert Comment

by:aindelicato
ID: 39765474
You are correct, it shouldnt be.  This error usually indicates a dns resolution error when it can't find the domain controller.

Make sure in DNS that you have proper records for your DCs.  Is it only this one machine that is having this issue?
0
Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.

 

Author Comment

by:bergquistcompany
ID: 39765491
No I installed Windows 2012 on 3 new servers that will be replacing the 2003 DCs eventually but after installing the OS and rebooting they all get this error on reboot of the server.
0
 
LVL 12

Expert Comment

by:aindelicato
ID: 39765497
Was this an older domain?  2012 servers can't see domains that aren't at least at a 2003 Domain Functional Level.
0
 

Author Comment

by:bergquistcompany
ID: 39765518
They are 2003 functional level and I have one with nothing in the static DNS and is DHCP as it's just a fresh 2012 install no promotions yet and that too gets error on reboot.
0
 
LVL 12

Expert Comment

by:aindelicato
ID: 39765564
Seems like the Netlogon service is starting before the network is actually ready.

See this article:
http://support.microsoft.com/kb/938449


Resolution 1

To resolve this issue, install the most current driver for the Gigabit network adapter. Another approach may be to enable the "PortFast" option on the network switches.


Resolution 2

Set this registry entry to a value that is safely beyond the time it takes to retrieve a working IP address:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters
Value Name: ExpectedDialupDelay
Data Type: Reg_Dword
Data Value is in seconds (default = 0)
Data Range is between 0 and 600 seconds (10 minutes)


Also configure this setting (details in KB 244474):

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\ Kerberos\Parameters
MaxPacketSize to 1

Resolution 3

Acconrding to KB 239924, disable media sense for TCP/IP:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters
Add the following registry value:
Value Name: DisableDHCPMediaSense
Data Type: REG_DWORD -Boolean
Value Data: 1 (False, True)
Default: 0 (False)


Resolution 4

There is a known problem with DHCP client code in Windows 7. A hotfix is going to be released using this KB article: http://support.microsoft.com/?kbid=2459530

Resolution 5

To resolve this issue, reduce the Netlogon negative cache period (the NegativeCachePeriod registry entry). When you do this, the Netlogon service does not behave as if the domain controllers are offline for 45 seconds. The event 5719 is still logged, but there is little negativ eside-effect from that. The setting enables domain controllers to connect earlier.

For more information, click the following article number to view the article in the Microsoft Knowledge Base:
819108 Settings for minimizing periodic WAN traffic
0
 

Author Comment

by:bergquistcompany
ID: 39765952
Ok tried 1, 2 & 3 yet same event on reboot.
Didn't do 4 as I'm on windows 2012.  
I don't have the NegativeCachePeriod key

Any other suggestions?
0
 

Accepted Solution

by:
bergquistcompany earned 0 total points
ID: 39785424
called Microsoft and they made registry change and lost all networking so had to run restore to recover.  Going to rebuild it at this point.
0
 

Author Closing Comment

by:bergquistcompany
ID: 39796404
too much time and recovery it would be easier to reimage at this point and run.
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
Windows Server 2003 introduced persistent Volume Shadow Copies and made 2003 a must-do upgrade.  Since then, it's been a must-implement feature for all servers doing any kind of file sharing.
This tutorial will walk an individual through the process of installing the necessary services and then configuring a Windows Server 2012 system as an iSCSI target. To install the necessary roles, go to Server Manager, and select Add Roles and Featu…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question