Event ID 5774 in Windows Server 2008 R2 SP1

Hi,

I would like to share this screen shot below.

event5774blockIP

 

How Event ID 5774 is still appeared in Domain Controller with running Windows Server 2008 R2 SP1.?

 

before we do so much discussion, I would like to compile the link from Microsoft related to event ID 5774.

 

http://support.microsoft.com/kb/977158

http://support.microsoft.com/kb/284963

 

I have the scenario below:

tree netoverme

 

The forwarder of my child domain was configured to query a parent domain domain (netoverme.info) either for Internal domains listed in parent domain or public DNS.

 

my scenario and event ID 5774 (at child domain) are related.

 

Event ID 5774 is logged to my child domain controller where the DNS is failing to register as error is quoted below:

Log Name: System
Source: NETLOGON
Date: 7/26/2014 6:51:45 AM
Event ID: 5774
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: NOM-CH1.child.netoverme.info
Description:
The dynamic registration of the DNS record ‘ForestDnsZones.netoverme.info. 600 IN A 10.78.1.112’ failed on the following DNS server:

DNS server IP address:
Returned Response Code (RCODE): 5
Returned Status Code: 9017

For computers and users to locate this domain controller, this record must be registered in DNS.

 

 

Check list for for workaround:

1. Check the ISP /DNS is not configured at NIC of child domain controllers and Parent Domain controlelr

2. check any unused NIC whethere they have ISP DNS or other DNS configured.

3. Check the AD zone is configured to allow dynamic updates. for example:

dynamic update

4. check on DNS delegation for child domain controller. child domain controller is preconfigured as DNS delegation when it is promoted.

 

All checklist have been completely verified but the event 5774 still there.

 

Solution:

At the end I know what is causing the problem, the problem is that the child domain could not contact the parent domain controller due to following:

– Domain Controllers are down

– DNS service is stopped

– Network Connectivity is bad such as WAN link drop, high network congestion.

 

 

 

Advertisements