DNS EvenID 5774 - Netlogon error

[Bill Nguyen]

Win2K.
I have only 1 MX record in DNS setup and it points to this MAINSERVER.
Any suggestion is greatly appreciated.

Bill
---------------------

Event Type: Error
Event Source: NETLOGON
Event Category: None
Event ID: 5774
Date: 4/20/2004
Time: 10:21:06 AM
User: N/A
Computer: MAINSERVER
Description:
Registration of the DNS record
'928d7f41-9480-43fc-8708-c3f24b8367ab._msdcs.www.jaco.com. 600 IN CNAME
mainserver.www.jaco.com.' failed with the following error:
DNS RR set that ought to exist, does not exist.
Data:
0000: 30 23 00 00 0#..

 

[Kevin D. Goodknecht [MVP]]

In

Win2K.
I have only 1 MX record in DNS setup and it points to this MAINSERVER.
Any suggestion is greatly appreciated.

Bill
---------------------

Event Type: Error
Event Source: NETLOGON
Event Category: None
Event ID: 5774
Date: 4/20/2004
Time: 10:21:06 AM
User: N/A
Computer: MAINSERVER
Description:
Registration of the DNS record
'928d7f41-9480-43fc-8708-c3f24b8367ab._msdcs.www.jaco.com. 600 IN
CNAME mainserver.www.jaco.com.' failed with the following error:
DNS RR set that ought to exist, does not exist.
Data:
0000: 30 23 00 00 0#..

This has nothing to do with an MX record, 5774 events are generally caused
from using your ISP's DNS in TCP/IP properties. All members of an AD domain
must use the local DNS server that hosts the zone for the AD domain.

On a side note, It looks like you have named your active directory domain
www.jaco.com I can see this is going to cause you some unexpected results.
When a member of an AD domain authenticates to the domain and gets its group
policies assigned it uses the domain name to find the policies. That name
must resolve to an IP address on a domain controller that has file sharing
enabled. So in your case this share will be found at
\\www.jaco.com\SYSVOL\www.jaco.com\policies Are you beginning to see the
problem you are going to have with this name?
I know that when you access www.jaco.com you are going to want to get your
website, if that web site is not on your domain controllers then when your
machines get their GPOs they will be trying to find their GPOs on the web
server.

I would recommend you demote this and choose a different domain like
jaco.local.

 

[Bill Nguyen]

Thanks Kevin.
How much work would it take to change internal domain to jaco.local from
www.jaco.com (or NT domain name Jaco.com)?
What are the steps that I need to take?
I have about 5 Win2K and 03 servers in the DC group and about 100 client
machines.
Thanks again.
Bill

 

[Kevin D. Goodknecht [MVP]]

In

Thanks Kevin.
How much work would it take to change internal domain to jaco.local
from www.jaco.com (or NT domain name Jaco.com)?
What are the steps that I need to take?
I have about 5 Win2K and 03 servers in the DC group and about 100
client machines.
Thanks again.
Bill

If all your DCs were Windows Server 2003 and you had the Functional Level
Raised to Windows Server 2003 Functional Level and there is no Exchange
Server you can use domain rename option.
Other wise you would need to demote one of your DCs out of the domain,
promote it in a new forest using jaco.local as the forest root then use
ADMT to migrate the user and computer accounts to the new domain. This is
probably the easiest and quickest way. Once everything is migrated, demote
all the other DCs and Re-promote into the new domain.
By migrating the users their Profiles are migrated with the users.
You can even add jaco.com to AD Domains and Trusts as an Alternate UPN logon
name and users can logon with (e-mail address removed).