Event 5774 on simple DC with AD and AD based DNS with internet forwarding to DSL router

Every 4 hours I get about 10 NETLOGON errors 5774, for example:

Bei der dynamischen Registrierung des DNS-Eintrags "_ldap._tcp.Standardname-des-ersten-Standorts._sites.dc._msdcs.domain.de. 600 IN SRV 0 100 389 SERVER.domain.local." auf folgendem DNS-Server ist ein Fehler aufgetreten: 

IP-Adresse des DNS-Servers: 217.160.80.136 / Verbindungsantwortcode (RCODE): 0 / Zurückgegebener Statuscode: 1460 

Here domain.de is the old domain name and domain.local the new one; the change was made about 3 years ago. The server runs well, and there are no known problems in daily work.

Over a long time I tried many things to solve the problem, but with no success.

- Recreating the DNS Zones

- dcdiag /fix

- Deleting the DNS Cache at Client/Serverside

- gpfixup

- Searching the AD for old entries with domain.de -> nothing found

- deleting netlogon.dns/netlogon.dnb and restart NETLOGON, call nltest /dsregdns

The last test recreates the netlogon files, and there I can see some obsolete entries pointing to domain.de,

for example: domain.de 600 IN A 192.168.0.11

but I can't find the right place where I can fix this.

Does anyone have an idea where I can find the source definition of these entries and what I can do to clean this up?




  • Edited by Freisu Friday, August 28, 2015 4:18 PM
August 28th, 2015 4:13pm

Hi

You could check this article for event ID 5774:

http://blogs.msmvps.com/acefekay/2014/07/26/event-id-5774/

August 28th, 2015 4:22pm

Hi,

Can you check that all required ports are open? Also, if possible, can you take a network trace using the netsh command given below and share the log files on OneDrive?

Repadmin /SHOWREPL

repadmin /replsum /Errorsonly

DCDIAG /v /C /d /e /s:contoso.com

netsh trace start persistent=yes capture=yes tracefile=c:\temp\nettrace-boot.etl

August 28th, 2015 5:17pm

Hi Freisu,

May I know what your DC's operating system is?

If you can, please give me as much detail as possible, such as:

do you have a child DC,

what are your forwarders on the root domain controller,

what are your DNS settings for the DCs,

etc.

Thanks.

August 29th, 2015 12:32am

Hi, thanks for your reply.

OS: Windows Server 2008 R2
Only one root DC, no child domains

Network settings:
IP-DC: 192.169.0.11
IP-DNS (1): 192.168.0.11
IP-DNS (2): 127.0.0.1
Gateway: 192.168.0.1 (DSL-Router, Fritz-box)

DNS settings:
root hints: 192.168.0.11 (DC)
forwarder: 192.168.0.1 (DSL-Router)
Settings: nothing special

Domain names:
Old: xxx.de
New: xxx.local (since 2012)
Hosted Internet site: xxx.de (since 2013; the site is, as far as I know, not linked to the local domain, but has the same name as the old domain name).

I think the problem is not caused by bad IP/DNS settings, but by some (hidden) old fragments of the old domain name.
The key could be the netlogon.dns file, which always contains some of the old entries.

Thanks


  • Edited by Freisu 15 minutes ago
August 31st, 2015 3:30am

Hi,

that's all right, but all 5774 event logs contain fragments of the old domain name, and by coincidence the old domain name is identical to our externally hosted domain name.
So I think I should find the reason why the logon service creates some records based on the old domain name.

Thanks.

August 31st, 2015 3:42am
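
Added example, not part of the thread and not code from any poster: a Python sketch that lists the netlogon.dns records whose owner name lies outside the current AD DNS domain, which is the symptom described in the posts above. The sample lines are constructed in the record format quoted in the thread, and the function names are hypothetical.

```python
import re

# One record per line: owner, TTL, class IN, type, rdata (format quoted in the thread).
RECORD = re.compile(
    r"^(?P<owner>\S+)\s+(?P<ttl>\d+)\s+IN\s+(?P<type>[A-Z]+)\s+(?P<rdata>.+)$")

def in_zone(name, zone):
    """True if DNS name equals zone or is a subdomain of it (case-insensitive)."""
    name, zone = name.rstrip(".").lower(), zone.rstrip(".").lower()
    return name == zone or name.endswith("." + zone)

def stale_records(lines, ad_domain):
    """Return records whose owner name lies outside ad_domain."""
    stale = []
    for line in lines:
        m = RECORD.match(line.strip())
        if not m or in_zone(m["owner"], ad_domain):
            continue  # blank/unparsed line, or a record in the current domain
        rec = m.groupdict()
        if rec["type"] == "SRV":
            # SRV rdata is "priority weight port target"
            rec["target"] = rec["rdata"].split()[-1]
        stale.append(rec)
    return stale

# Constructed sample in the format shown in the thread (not a real netlogon.dns).
SAMPLE = [
    "domain.local. 600 IN A 192.168.0.11",
    "_ldap._tcp.domain.local. 600 IN SRV 0 100 389 SERVER.domain.local.",
    "domain.de 600 IN A 192.168.0.11",
    "_ldap._tcp.Standardname-des-ersten-Standorts._sites.dc._msdcs.domain.de."
    " 600 IN SRV 0 100 389 SERVER.domain.local.",
]

if __name__ == "__main__":
    # To scan a real file, pass open(path).read().splitlines(); on a DC the file
    # is normally %SystemRoot%\System32\config\netlogon.dns (assumed default path).
    for rec in stale_records(SAMPLE, "domain.local"):
        print(rec["type"], rec["owner"], "->", rec.get("target", rec["rdata"]))
```

Records it reports are the ones Netlogon would try to register in a zone other than the current AD domain; in the thread that zone resolves to a public DNS server, which is where the failed updates in event 5774 are sent.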

This topic is archived. No further replies will be accepted.
