jnordeng
asked on
Are these Netlogon Errors a concern?
We have a Windows 2008 R2 domain functional and forest level and are primary FSMO role holders are Windows 2008 R2 Servers. We have introduced Windows 2016 DC's and are checking health so we can move FSMO roles.
I've noticed running DCDiag on the Windows 2008 systems give me a ton of Netlogon errors but I don't see this on the Windows 2016 Servers.
Event String:
The Netlogon service allowed a vulnerable Netlogon secure channel co
nnection because the machine account is allowed in the "Domain controller: Allo
w vulnerable Netlogon secure channel connections" group policy.
A warning event occurred. EventID: 0x000016C6
Time Generated: 05/04/2021 09:26:59
Event String:
The Netlogon service allowed a vulnerable Netlogon secure channel co
nnection because the machine account is allowed in the "Domain controller: Allo
w vulnerable Netlogon secure channel connections" group policy.
A warning event occurred. EventID: 0x000016C6
Time Generated: 05/04/2021 09:27:44
Event String:
The Netlogon service allowed a vulnerable Netlogon secure channel co
Should add, running the standard repadmin/showrepl and repadmin /replsummary does not show issues.
Googling a bit, I've seen some things indicating that Sysvol isn't replicating properly, but I do see it on the Windows 2016 servers and Windows 2008 R2 servers are the primaries. I have also read that this isn't an issue. Or is this rather a Group Policy issue?
We are trying to do our due diligence to make sure AD is healthy before we move FSMO roles.
Thanks
I've noticed running DCDiag on the Windows 2008 systems give me a ton of Netlogon errors but I don't see this on the Windows 2016 Servers.
Event String:
The Netlogon service allowed a vulnerable Netlogon secure channel co
nnection because the machine account is allowed in the "Domain controller: Allo
w vulnerable Netlogon secure channel connections" group policy.
A warning event occurred. EventID: 0x000016C6
Time Generated: 05/04/2021 09:26:59
Event String:
The Netlogon service allowed a vulnerable Netlogon secure channel co
nnection because the machine account is allowed in the "Domain controller: Allo
w vulnerable Netlogon secure channel connections" group policy.
A warning event occurred. EventID: 0x000016C6
Time Generated: 05/04/2021 09:27:44
Event String:
The Netlogon service allowed a vulnerable Netlogon secure channel co
Should add, running the standard repadmin/showrepl and repadmin /replsummary does not show issues.
Googling a bit, I've seen some things indicating that Sysvol isn't replicating properly, but I do see it on the Windows 2016 servers and Windows 2008 R2 servers are the primaries. I have also read that this isn't an issue. Or is this rather a Group Policy issue?
We are trying to do our due diligence to make sure AD is healthy before we move FSMO roles.
Thanks
Last Comment
ASKER CERTIFIED SOLUTION
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
SOLUTION
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
Windows Server 2008
Windows Server 2008 and Windows Server 2008 R2, based on the Microsoft Vista codebase, is the last 32-bit server operating system released by Microsoft. It has a number of versions, including including Foundation, Standard, Enterprise, Datacenter, Web, HPC Server, Itanium and Storage; new features included server core installation and Hyper-V.
86K
Questions
--
Followers
--
Top Experts
Get a personalized solution from industry experts
TRUSTED BY
ASKER