Event 5782 from NETLOGON on server boot

[MyndPhlyp]

It is an old chestnut judging by the Google searches I've done, but I just
can't seem to find the majik to get this last warning out of my logs.

I'm getting a 5782 from NETLOGON, but only at boot on the server.

"Dynamic registration or deregistration of one or more DNS records failed
with the following error:
No DNS servers configured for local system."

DCDIAG comes up squeaky clean.

DNS seems to be working just fine and the NS information is correct. DHCP is
doing its thing and WINS is doing its thing, all just as it should be.

The domain controller has a static IP address as well as all that other fun
information.

According to all the pictures in the book, this should work. Evidently a
PEBKAC.

The original network configuration had a different machine as the domain
controller. A new server, the one I'm having problems with, was built, added
to the domain and promoted. The old domain controller was demoted, removed
from the domain and eventually taken off the wire. After playing musical
chairs on the deck of the SS Titanic, I set up DHCP and DNS.

I have managed to fix up of few of the SNAFU's that happen during such a
transition. This has to be one of those commonly overlooked tweaks I failed
to perform, but I just can't put my finger on it.

Any help for the incompetent?

 

[Kevin D. Goodknecht Sr. [MVP]]

In

It is an old chestnut judging by the Google searches I've
done, but I just can't seem to find the majik to get this
last warning out of my logs.

I'm getting a 5782 from NETLOGON, but only at boot on the
server.

"Dynamic registration or deregistration of one or more
DNS records failed with the following error:
No DNS servers configured for local system."

DCDIAG comes up squeaky clean.

DNS seems to be working just fine and the NS information
is correct. DHCP is doing its thing and WINS is doing its
thing, all just as it should be.

The domain controller has a static IP address as well as
all that other fun information.

According to all the pictures in the book, this should
work. Evidently a PEBKAC.

The original network configuration had a different
machine as the domain controller. A new server, the one
I'm having problems with, was built, added to the domain
and promoted. The old domain controller was demoted,
removed from the domain and eventually taken off the
wire. After playing musical chairs on the deck of the SS
Titanic, I set up DHCP and DNS.

I have managed to fix up of few of the SNAFU's that
happen during such a transition. This has to be one of
those commonly overlooked tweaks I failed to perform, but
I just can't put my finger on it.

Any help for the incompetent?

IIRC there is a KB about this event at start up but, I cannot find it.
This event is caused by Netlogon service starting before the DNS service and
"if I remember correctly", you can add a depend on service to the Netlogon
service so Netlogon will wait for the DNS service to start or, You can
ignore the event.

 

[MyndPhlyp]

In

IIRC there is a KB about this event at start up but, I cannot find it.
This event is caused by Netlogon service starting before the DNS service and
"if I remember correctly", you can add a depend on service to the Netlogon
service so Netlogon will wait for the DNS service to start or, You can
ignore the event.

/*If*/ ... a small word found prefixing problems. <g>

You do recollect correctly and I also found that KB. It was one of the first
things I tried and something I failed to include in my original post. I
dutifully hacked the DependOnService value of the Netlogon key to include
"DNS" and it does appear on the Netlogon service's Dependency list as well
as Netlogon showing up in DNS Server's depended upon list but (another small
word found prefixing problems) according to the Event Viewer DNS logs its
startup entry (in the DNS Server section) after Netlogon logs its failure
message (in the System Log section).

Yes, I could ignore the message. I would rather find the solution.

Any other ideas?

 

[Ace Fekay [MVP]]

In

/*If*/ ... a small word found prefixing problems. <g>

You do recollect correctly and I also found that KB. It was one of
the first things I tried and something I failed to include in my
original post. I dutifully hacked the DependOnService value of the
Netlogon key to include "DNS" and it does appear on the Netlogon
service's Dependency list as well as Netlogon showing up in DNS
Server's depended upon list but (another small word found prefixing
problems) according to the Event Viewer DNS logs its startup entry
(in the DNS Server section) after Netlogon logs its failure message
(in the System Log section).

Yes, I could ignore the message. I would rather find the solution.

Any other ideas?

If you only have one DC/DNS server, change it to a Primary.
If you have two DC/DNS servers, point DC1's first entry to the DC2, and the
second entry to itself. On DC2, vice-versa.

--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Windows Server - Directory Services

Security Is Like An Onion, It Has Layers
HAM AND EGGS: A day's work for a chicken;
A lifetime commitment for a pig.

 

[MyndPhlyp]

"Ace Fekay [MVP]"

If you only have one DC/DNS server, change it to a Primary.
If you have two DC/DNS servers, point DC1's first entry to the DC2, and the
second entry to itself. On DC2, vice-versa.

Only one DC and it is the only DNS.

DNS is currently configured as Active Directory-integrated, so it should be
acting as a Primary DNS.

How about a different tact: uninstall and reinstall DNS? What are the
leftover files and/or Registry entries once DNS has been uninstalled?

 

[Ace Fekay [MVP]]

In

"Ace Fekay [MVP]"


Only one DC and it is the only DNS.

DNS is currently configured as Active Directory-integrated, so it
should be acting as a Primary DNS.

How about a different tact: uninstall and reinstall DNS? What are the
leftover files and/or Registry entries once DNS has been uninstalled?

You can try that as well. Remove the system32\dns folder and remove the DNS
key under HKLM\CCS\Control\Services, that is if uninstalling didn't already
remove them for you. Then reinstall it and create your zone as a Primary
first, enable updates, let it register, then change it to AD Integrated once
again.

This can also be caused by an overworked machine because DNS services seem
to be intializing prior to AD and is looking for the zone, but AD isn't up
yet. Make sense?

--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Windows Server - Directory Services

Security Is Like An Onion, It Has Layers
HAM AND EGGS: A day's work for a chicken;
A lifetime commitment for a pig.

 

[MyndPhlyp]

"Ace Fekay [MVP]"

You can try that as well. Remove the system32\dns folder and remove the DNS
key under HKLM\CCS\Control\Services, that is if uninstalling didn't already
remove them for you. Then reinstall it and create your zone as a Primary
first, enable updates, let it register, then change it to AD Integrated once
again.

This can also be caused by an overworked machine because DNS services seem
to be intializing prior to AD and is looking for the zone, but AD isn't up
yet. Make sense?

Although the surgery was a success, the patient is still dead. BTW -
removing DNS from the Netlogon DependOnService value is a good prerequisite
as well as having SP4 handy. The exercise did expose an unrelated and minor
config problem but did nothing to resolve this one nit. I guess I'll just
have to convince the Adrian Monk in me that this isn't going to be
corrected. Most likely it is taking DNS too long to fire up for Netlogon to
get its "success" response. The only other alternative would be to peg
Netlogon to a service that fires up a layer or two after DNS in hopes that
DNS has settled down in time for the registration. Too much trial and error
involved to find just the right place to link. (I remember playing this game
back in NT v4 and v3.5. What a PITA.)

It's back to pounding my head against the desk. Thanx for getting involved.

 

[Ace Fekay [MVP]]

In

Although the surgery was a success, the patient is still dead. BTW -
removing DNS from the Netlogon DependOnService value is a good
prerequisite as well as having SP4 handy. The exercise did expose an
unrelated and minor config problem but did nothing to resolve this
one nit. I guess I'll just have to convince the Adrian Monk in me
that this isn't going to be corrected. Most likely it is taking DNS
too long to fire up for Netlogon to get its "success" response. The
only other alternative would be to peg Netlogon to a service that
fires up a layer or two after DNS in hopes that DNS has settled down
in time for the registration. Too much trial and error involved to
find just the right place to link. (I remember playing this game back
in NT v4 and v3.5. What a PITA.)

It's back to pounding my head against the desk. Thanx for getting
involved.

Well, doc, this is interesting that it didn't help. And yes, I usually like
to recommend not to use that article to create a dependency since sometimes
it makes more harm then good from what I've seen out here in the past.

Curious, is the machine overworked or an older machine? We usually don't see
this error come up too often.

Ace

 

[MyndPhlyp]

"Ace Fekay [MVP]"

Well, doc, this is interesting that it didn't help. And yes, I usually like
to recommend not to use that article to create a dependency since sometimes
it makes more harm then good from what I've seen out here in the past.

Curious, is the machine overworked or an older machine? We usually don't see
this error come up too often.

I do not believe we can truthfully use the word /*overworked*/ to describe
the system. It's actually a "still got that new computer smell" Intel P4 3.0
GHz HT Northwood on an Intel D875PBZ w/ 800 FSB, 1 GB ECC in dual-channel
and a pair of 120 GB SATA drives in RAID 1. Not the hottest thing on the
planet, but pretty damned close.

Having done this several times in the past, I made a point of running SFC
after each layer of software paying particular attention to getting the OS
right before advancing to application software. The only software-related
nit I have left is a couple of DirectX and Media Player executables that
tend to get noticed by SFC if I reapply SP4. It seems like SP4 isn't
checking versions before stomping on them and I have to re-reapply DirectX 9
and Media Player 9 after SP4 to make SFC happy (and there are a couple of
hotfixes that follow up after that).

I would actually consider rebuilding from scratch one more time except it
takes me forever to get the butt crease in the chair just right afterwards.

If I can trust the time stamps in the Event Viewer, we're talking several
seconds (like 3-4) between Netlogon and DNS marking the logs. I've seen this
on my previous servers as well and generally do simply ignore them ...
unless Netlogon is repeating the error every 2 hours, which is symptomatic
of something else that doesn't want to pop up from the gray matter archives
at the moment. It's just that I finally decided to chase this nit to see if
I could end up with a pristine log.

As for load at boot time, I have SQL Server 2000 and IIS. The rest of the
trash gets launched through the Startup at login. I know SQL Server demands
a couple of resources at start, but I should have more than enough
processing, I/O bandwidth and memory space to deal with it.

 

[Kevin D. Goodknecht Sr. [MVP]]

In

"Ace Fekay [MVP]"
<PleaseSubstituteMyActualFirstName&[email protected]>
wrote in message


Only one DC and it is the only DNS.

DNS is currently configured as Active
Directory-integrated, so it should be acting as a Primary
DNS.

How about a different tact: uninstall and reinstall DNS?
What are the leftover files and/or Registry entries once
DNS has been uninstalled?

Only one DC and one DNS, maybe you should consider changing the zone to
Standard Primary to see if that alleviates the error.

 

[MyndPhlyp]

Only one DC and one DNS, maybe you should consider changing the zone to
Standard Primary to see if that alleviates the error.

SOP - troubleshoot by isolation and/or simplification. Already done with no
positive effect, but thanx for trying.

Is there a way to increase the timeout and/or retry values for Netlogon?

 

[Ace Fekay [MVP]]

In

"Ace Fekay [MVP]"


I do not believe we can truthfully use the word /*overworked*/ to
describe the system. It's actually a "still got that new computer
smell" Intel P4 3.0 GHz HT Northwood on an Intel D875PBZ w/ 800 FSB,
1 GB ECC in dual-channel and a pair of 120 GB SATA drives in RAID 1.
Not the hottest thing on the planet, but pretty damned close.

Having done this several times in the past, I made a point of running
SFC after each layer of software paying particular attention to
getting the OS right before advancing to application software. The
only software-related nit I have left is a couple of DirectX and
Media Player executables that tend to get noticed by SFC if I reapply
SP4. It seems like SP4 isn't checking versions before stomping on
them and I have to re-reapply DirectX 9 and Media Player 9 after SP4
to make SFC happy (and there are a couple of hotfixes that follow up
after that).

I would actually consider rebuilding from scratch one more time
except it takes me forever to get the butt crease in the chair just
right afterwards.

If I can trust the time stamps in the Event Viewer, we're talking
several seconds (like 3-4) between Netlogon and DNS marking the logs.
I've seen this on my previous servers as well and generally do simply
ignore them ... unless Netlogon is repeating the error every 2 hours,
which is symptomatic of something else that doesn't want to pop up
from the gray matter archives at the moment. It's just that I finally
decided to chase this nit to see if I could end up with a pristine
log.

As for load at boot time, I have SQL Server 2000 and IIS. The rest of
the trash gets launched through the Startup at login. I know SQL
Server demands a couple of resources at start, but I should have more
than enough processing, I/O bandwidth and memory space to deal with
it.

Well, that's faster than my machine!

Ahh yes, SQL loading at boot can be doing it. Just the fact SQL is starting
maybe slowing down intialization of the AD services. Usually recommend not
to put apps on a DC, which includes Exchange and SQL. But if you have SBS,
you don't have much choice. Maybe we can switch this whole dependcy thing
around and try to put a dependcy on SQL to wait for netlogon to start before
it can start. Bet it will go away!

Ace

 

[MyndPhlyp]

"Ace Fekay [MVP]"

Well, that's faster than my machine!

Ahh yes, SQL loading at boot can be doing it. Just the fact SQL is starting
maybe slowing down intialization of the AD services. Usually recommend not
to put apps on a DC, which includes Exchange and SQL. But if you have SBS,
you don't have much choice. Maybe we can switch this whole dependcy thing
around and try to put a dependcy on SQL to wait for netlogon to start before
it can start. Bet it will go away!

Okay, I'm game. The service of interest is MSSQLSERVER, currently dependent
upon nothing. Care to guess at a service name that has a dependency chain
deep enough to push this one out past DNS by one or two levels? (It would be
really nice if there was a utility to generate a dependency tree for those
with defined dependencies.)

Another possibility, but I am unaware of any tweaks to do this, is to
increase the timeout or the retries value for Netlogon.

 

[Ace Fekay [MVP]]

In

"Ace Fekay [MVP]"


Okay, I'm game. The service of interest is MSSQLSERVER, currently
dependent upon nothing. Care to guess at a service name that has a
dependency chain deep enough to push this one out past DNS by one or
two levels?

Make it depend on the netlogon service and maybe the LSAS service. Don't
have a DC in front of me at the moment, but I think that's what the service
is called.

(It would be really nice if there was a utility to
generate a dependency tree for those with defined dependencies.)

I don;t know of one, unfortunately.

Another possibility, but I am unaware of any tweaks to do this, is to
increase the timeout or the retries value for Netlogon.

I don't know of any tweaks such as this, but not sure if this setting
relates, I did find this below from this page:
http://www.windowsnetworking.com/kb...omainLogonTimeoutforNetLogonduetoslowWAN.html
SYSTEM\CurrentControlSet\Services\NetLogon\Parameters
Type: REG_DWORD
Name: ExpectedDialupDelay
Value: 0-600 seconds

Maybe just try the dependency setting for netlogon for now and see what
happens.

Ace

 

[MyndPhlyp]

"Ace Fekay [MVP]"

In

Make it depend on the netlogon service and maybe the LSAS service. Don't
have a DC in front of me at the moment, but I think that's what the service
is called.


I don;t know of one, unfortunately.



I don't know of any tweaks such as this, but not sure if this setting
relates, I did find this below from this page:
http://www.windowsnetworking.com/kb...omainLogonTimeoutforNetLogonduetoslowWAN.html
SYSTEM\CurrentControlSet\Services\NetLogon\Parameters
Type: REG_DWORD
Name: ExpectedDialupDelay
Value: 0-600 seconds

Maybe just try the dependency setting for netlogon for now and see what
happens.

Well, hanging MSSQLSERVER off Netlogon ain't the answer. I'll have to do a
little digging to find the real name for LSAS. (Too much uptime today. I'll
wait until my head clears in the AM.)

I'll also snoop around the MS site (and Google) a bit more on Netlogon
parameters. The ExpectedDialupDelay might be a good tweak.

I'd rather tweak up the tolerance on Netlogon than daisy-chain service
dependencies. The down side is that the more services that get started the
more likely it will have to be re-tweaked, but that's why God created
Post-It notes.

BTW - just for grins after my previous post, I took the various SQL Server
components off autostart and rebooted. No errors, so it looks like the right
suspect.

 

[Ace Fekay [MVP]]

In

Well, hanging MSSQLSERVER off Netlogon ain't the answer. I'll have to
do a little digging to find the real name for LSAS. (Too much uptime
today. I'll wait until my head clears in the AM.)

I'll also snoop around the MS site (and Google) a bit more on Netlogon
parameters. The ExpectedDialupDelay might be a good tweak.

I'd rather tweak up the tolerance on Netlogon than daisy-chain service
dependencies. The down side is that the more services that get
started the more likely it will have to be re-tweaked, but that's why
God created Post-It notes.

BTW - just for grins after my previous post, I took the various SQL
Server components off autostart and rebooted. No errors, so it looks
like the right suspect.

I know what you mean by daisy chaining services. Post-Its? Wasn't that Raimy
and Michelle?

Maybe you can create an OU level GPO with a machine startup script to kick
up SQL? This way it absolutely will start AFTER Netlogon. Maybe there are
even parameters to slow it down too? Just a guess.

Ace

 

[MyndPhlyp]

"Ace Fekay [MVP]"

I know what you mean by daisy chaining services. Post-Its? Wasn't that Raimy
and Michelle?

Maybe you can create an OU level GPO with a machine startup script to kick
up SQL? This way it absolutely will start AFTER Netlogon. Maybe there are
even parameters to slow it down too? Just a guess.

Raimy and Michelle created what ... daisy-chaining Post-It Notes? It is
actually a very useful methodology when you run out of space around the
perimeter of the monitor. The indexing and searching algorithms leave much
to be desired though.

As in writing a startup script and referencing it via the Domain
Controller's Group Policy's Computer Configuration => Windows Settings =>
Scripts object?

I guess I'll have to do some real digging (for a change) into SQL Server to
see what is needed to fire that puppy up via the command line. It's been a
while since I've written scripts for NT. (Still have the old school book
"Windows NT Shell Scripting" by Tim Hill.) This will be an interesting
experience.

 

[Ace Fekay [MVP]]

In

"Ace Fekay [MVP]"


Raimy and Michelle created what ... daisy-chaining Post-It Notes? It
is actually a very useful methodology when you run out of space
around the perimeter of the monitor. The indexing and searching
algorithms leave much to be desired though.

I guess indexing it would seem to be a nightmare!
btw- that Post-It reference (in case anyone is interested) is from a movie
with the name of the girls.

As in writing a startup script and referencing it via the Domain
Controller's Group Policy's Computer Configuration => Windows
Settings => Scripts object?

Yes. If its the only DC, yes. If not, I would do it in the local GPO (by
accessing gpedit.msc at a Run command).

I guess I'll have to do some real digging (for a change) into SQL
Server to see what is needed to fire that puppy up via the command
line. It's been a while since I've written scripts for NT. (Still
have the old school book "Windows NT Shell Scripting" by Tim Hill.)
This will be an interesting experience.

The script (name it .bat) would pretty much just have one line in it or one
per service (whatever SQL needs), such as:

net start mssqlserver (or whatever the service is called)



--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Windows Server - Directory Services

Security Is Like An Onion, It Has Layers
HAM AND EGGS: A day's work for a chicken;
A lifetime commitment for a pig.

 

[LostInSpace]

Dear Fellows,


I accidentally came across a simple solution for this 5782 NETLOGO
problem: in the Network Connection properties page, TCP/IP protocol
the DNS tab of the Advanced TCP/IP Settings, on the DC/DNS machine
check the "Register this connection's adresses in DNS" and check als
"Use this connection's DNS suffix in DNS registration.

I had the same troubles that you had (I read all this thread) with thi
5782 Event, and nothing would make it go away, but the above solution
Believe me, I found it just by chance. I hope it helps you and others


Sincerely,


LostInSpace
(e-mail address removed)

*It is an old chestnut judging by the Google searches I've done, bu
I just
can't seem to find the majik to get this last warning out of m
logs.

I'm getting a 5782 from NETLOGON, but only at boot on the server.

"Dynamic registration or deregistration of one or more DNS record
failed
with the following error:
No DNS servers configured for local system."

DCDIAG comes up squeaky clean.

DNS seems to be working just fine and the NS information is correct
DHCP is
doing its thing and WINS is doing its thing, all just as it shoul
be.

The domain controller has a static IP address as well as all tha
other fun
information.

According to all the pictures in the book, this should work
Evidently a
PEBKAC.

The original network configuration had a different machine as th
domain
controller. A new server, the one I'm having problems with, wa
built, added
to the domain and promoted. The old domain controller was demoted
removed
from the domain and eventually taken off the wire. After playin
musical
chairs on the deck of the SS Titanic, I set up DHCP and DNS.

I have managed to fix up of few of the SNAFU's that happen durin
such a
transition. This has to be one of those commonly overlooked tweaks
failed
to perform, but I just can't put my finger on it.

Any help for the incompetent? * :

-
LostInSpac