Event ID 1014 & 5719: logged when domain member retarted

Hi Windows Experts,

Existing environment:
Windows Server 2008 R2
Domain Functional Level at Windows server 2003

I am in the process of migrating to Windows Server 2012 R2. I just built a Windows Server 2012 R2 member server so that I can promote it to a DC. When I reboot the server, following events are being logged. I tried to google and troubleshoot for last couple of hours with all the suggestions put out there but I am heading nowhere.

Warning Event ID 1014: Name resolution for the name _ldap._tcp.dc._msdcs.mydomain.com timed out after none of the configured DNS servers responded.

Error Event ID 5719: This computer was not able to set up a secure session with a domain controller in domain "my domain" due to the following:
There are currently no logon servers available to service the logon request.
This may lead to authentication problems. Make sure that this computer is connected to the network. If the problem persists, please contact your domain administrator.

Above error occurs only when the W2K12 R2 is rebooted. To me it looks like that  Netlogon service might be starting  before the network is ready, the computer might be unable to locate the logon domain controller.

Any suggestion or help will be highly appreciated.
LVL 1
DeoraliAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Mohammed KhawajaManager - Infrastructure:  Information TechnologyCommented:
Have you run DCPROMO and if so, did it succeed or fail?  This seems like a DNS issue.  I would like you to do the following:

- On the DC, ensure primary DNS IP address is pointing to itself
- Reboot the DC
- Ping name _ldap._tcp.dc._msdcs.mydomain.com and it should reply with the IP of your DNS
- Try promote the new server again after ensuring primary DNS IP address is pointing to the DC

If DCPROMO ran and the domain is promoted but you are getting errors then you have to do the following:

- Set primary DNS server IP to the other DC and secondary to itself and reboot
- If problem persists then run DCPROMO and demote the new DC and then try again
DeoraliAuthor Commented:
Yes, on the DC, Primary DNS is pointing to itself
 pinging _ldap._tcp.dc._msdcs.mydomain.com replies with DNS IP.

I haven't ran DCPROMO on the new Windows Server 2012 yet . This is a new install and don't want any error.
Mohammed KhawajaManager - Infrastructure:  Information TechnologyCommented:
Remove the server from the domain, reboot and then join the server back to the domain and see if you get any errors.  If all is well then run dcpromo.
Big Business Goals? Which KPIs Will Help You

The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.

DeoraliAuthor Commented:
Done that already but errors still registered. Don't want to run dcpromo until I resolve the errors.
Mohammed KhawajaManager - Infrastructure:  Information TechnologyCommented:
What is your DC name?
What is the IP for your DC?
Post the output for "ipconfig /all" for both the DC and new server
Post a copy of the error
DeoraliAuthor Commented:
The existing windows server 2008 R2 environment has been running with two DCs with no  issues for years.  Errors exactly posted on my first post and shows up only on the newly added Windows Server 2012 R2.
 
  DC : NIIPM-DC01
  IPv4 Address. . : 192.168.1.20(Preferred)
  Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 192.168.2.21
                                                   192.168.2.20

New Server name :W2K12-DC01
IPv4 Address. . : 192.168.1.30(Preferred)
  Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 192.168.2.20
                                                   192.168.2.21
Mohammed KhawajaManager - Infrastructure:  Information TechnologyCommented:
On both servers set DNS to 192.168.2.20.  The only time you change DNS to 192.168.2.20 (primary) and 192.168.2.21 (secondary) is only after W2K12-DC01 has been promoted and working correctly and DNS on that should be changed to 192.168.2.21 (primary) and 192.168.2.20 (secondary).  Just remember that the rule of thumb is that after DCs are promoted and working, their primary DNS should point to itself.  Until then it should point to a working DC.
DeoraliAuthor Commented:
I am little confused here.  Here is my scenario:

Existing working Windows Server 2008 R2 Domain Controllers IPs:

DC 1 : NIIPM-DC01
   IPv4 Address. . : 192.168.1.20(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Default Gateway . . . . . . . . . : 192.168.1.1
    DNS Servers . . . . . . . . . . . : 192.168.2.21
                                                    192.168.2.20
DC2: NIIPM-DC02
   IPv4 Address. . : 192.168.1.21(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Default Gateway . . . . . . . . . : 192.168.1.1
    DNS Servers . . . . . . . . . . . : 192.168.2.20
                                                    192.168.2.21
New Server name :W2K12-DC01
 IPv4 Address. . : 192.168.1.30(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Default Gateway . . . . . . . . . : 192.168.1.1
    DNS Servers . . . . . . . . . . . : 192.168.2.20
                                                    192.168.2.21

should I point the Primary DNS IP to 192.168.2.20 on all the servers above ?
DeoraliAuthor Commented:
One more error
Event ID: 8015

 The system failed to register host (A or AAAA) resource records (RRs) for network adapter
 with settings:

Adapter Name : {DB7F73CE-E011-4F3C-BEBC-2CE7A871DF51}
 Host Name : W2K12-DC01
 Primary Domain Suffix : somedomain.com
 DNS server list :
 192.168.1.20, 192.168.1.21
 Sent update to server : <?>
IP Address(es) :
 192.168.1.30
Mohammed KhawajaManager - Infrastructure:  Information TechnologyCommented:
Is W2K12-DC01 joined to the domain?  If it is not and your DNS registration option is set to secure then non- domain joined computers will not be able to register A records in the DNS and this is by design.  Could you validate if W2K12-DC01 is joined to the domain or not.
DeoraliAuthor Commented:
W2K12-DC01 is already joined to the domain.  Server's A record is registered in DNS . Still have to resolve the first two errors.
compdigit44Commented:
You 192.168.2.x DNS servers appear to be on a different subnet than the IP of your 2012 server. Is this correct?
DeoraliAuthor Commented:
Sorry,  my typo. IP od DNS server should be 192.168.1.20 and 192.168.1.21

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
DeoraliAuthor Commented:
Migrated to Windows server 2012 R2 and retired 2008.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2008

From novice to tech pro — start learning today.