Microsoft KB Archive/259277

= Troubleshooting Netlogon Event 5774, 5775, and 5781 =

Article ID: 259277

Article Last Modified on 10/26/2007

-

APPLIES TO


 * Microsoft Windows 2000 Server
 * Microsoft Windows 2000 Advanced Server

-



This article was previously published under Q259277



IMPORTANT: This article contains information about modifying the registry. Before you modify the registry, make sure to back it up and make sure that you understand how to restore the registry if a problem occurs. For information about how to back up, restore, and edit the registry, click the following article number to view the article in the Microsoft Knowledge Base:

256986 Description of the Microsoft Windows Registry



SUMMARY
One or more error messages may be logged in the System event log if the Netlogon service registration or deregistration process does not succeed. This article describes these error messages and offers some troubleshooting considerations.



MORE INFORMATION
The Netlogon service on Windows 2000-based domain controllers performs several dynamic Domain Name System (DNS) registrations and deregistrations when the service starts and at regular intervals thereafter. For additional information, click the article number below to view the article in the Microsoft Knowledge Base:

246804 How to Enable/Disable Windows 2000 Dynamic DNS Registrations

Windows 2000 domain controllers may log one or more of the following events in the System event log:

Netlogon 5774 - Registration of the DNS record  failed.

-or-

Netlogon 5775 - Deregistration of the DNS record  failed.

-or-

Netlogon 5781 - Dynamic registration or deregistration of one or more DNS records failed.

General Troubleshooting Information
In general, these error messages are logged because the Netlogon service does not receive a &quot;success&quot; message from the DNS server that owns the zones of the records that are being registered. There are several reasons why the Netlogon service does not receive a &quot;success&quot; message:
 * Domain controller configuration: DNS server entries in the Transmission Control Protocol/Internet Protocol (TCP/IP) properties of the domain controller are not properly configured.
 * Connectivity: This domain controller does not have Internet Protocol (IP), or Transmission Control Protocol/User Datagram Protocol (TCP/UDP), connectivity to the DNS servers that own the zones to which records need to be registered or deregistered.
 * DNS server configuration: The DNS server cannot accept dynamic updates or is not configured to accept dynamic updates, as described in the Request For Comments (RFC) 2136 specification. If the DNS server that is used by the domain controller is not authoritative for the zones to which the Netlogon service is attempting to register or deregister, the DNS server must be able to provide (to this domain controller) the IP address of the DNS servers that are authoritative for the affected zones.

Netlogon 5774
The Netlogon 5774 error message is logged in the System event log when the Netlogon service on a domain controller cannot register an individual resource record. The event description contains the name of this resource record and other DNS parameters that are used for the registration attempt, for example:

Event Type: error

Event Source: NETLOGON

Event Category: None

Event ID: 5774

Date: 2/2/2000

Time: 8:27:03 PM

User: N/A

Computer: COMPUTER10

Description:

Registration of the DNS record 'corp.computer.com. 600 IN A 192.168.4.1' failed with the following error:

DNS server unable to interpret format.

Data:

0000: 29 23 00 00 )#..

Netlogon 5775
The Netlogon 5775 error message is logged in the System event log when the Netlogon service on a domain controller cannot deregister an individual resource record. The event description contains the name of this resource record and other DNS parameters that are used for the deregistration attempt, for example:

Event Type: error

Event Source: NETLOGON

Event Category: None

Event ID: 5775

Date: 3/2/2000

Time: 6:13:09 PM

User: N/A

Computer: COMPUTER10

Description:

Deregistration of the DNS record 'gc._msdcs.computer.com. 600 IN A 192.168.4.1' failed with the following error:

DNS bad key.

Data:

0000: 39 23 00 00 9#..

For additional troubleshooting steps, please view TCP/IP Troubleshooting in the TCP/IP Core Networking Guide section of the Windows 2000 Online Resource Kit located at

http://www.microsoft.com/technet/prodtechnol/windows2000serv/reskit/w2rkbook/CoreNetwork.mspx?mfr=true

Netlogon 5781
The Netlogon 5781 error message is logged in the System Event Log when the Netlogon service on a domain controller cannot register or deregister several resource records. The event description does not contain the names of these resource records. Also, the event description may be &quot;no DNS servers are available&quot; which can be misleading, for example:

Event Type: Warning

Event Source: NETLOGON

Event Category: None

Event ID: 5781

Date: 3/2/2000

Time: 4:29:12 PM

User: N/A

Computer: COMPUTER10

Description:

Dynamic registration or deregistration of one or more DNS records failed because no DNS servers are available.

Data:

0000: b4 05 00 00 ´...

WARNING: If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that you can solve problems that result from using Registry Editor incorrectly. Use Registry Editor at your own risk.

NOTE: A common cause for these errors is that a domain controller references itself as a primary DNS server in its TCP/IP properties. When the domain controller starts in this configuration, the Netlogon service may start before the DNS service starts. Because the Netlogon service must register records in DNS and the DNS service is not yet available, errors may occur. In this situation, you can safely ignore the errors because the Netlogon service will again try to register the records in approximately five minutes, at which time it will be successful. However, there are two ways to avoid the errors in this scenario:  Make sure that domain controllers do not reference themselves as a primary DNS server in their TCP/IP properties. Configure the Netlogon service to depend on the DNS service. This will cause the Netlogon service to start after the DNS service starts. To do this, run REGEDT32, and go to:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon

In the right pane, double-click the value DependOnService and add DNS to the next available blank line. Click OK and exit Registry Editor. For additional information, click the article number below to view the article in the Microsoft Knowledge Base:

193888 How to Delay Loading of Specific Services



Additional query words: win2000hotnet kbfaqw2knet

Keywords: kbproductlink kbdns kbenv kbhowto KB259277

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.