Eventid 5788 & 5789

A

Adrian Hirst

Hi,

I would very much appreciate it if someone could help me with the following
problems

I promoted a new Server to a DC and tried adding another server which is
going to be a mail server but unfortunately it failed with two events to do
with NETLOGON (5788 & 5789), when I do a DCDIAG on the DC it passes fine.

I have looked up various issues to do with these two DNS issues but
unfortunately everyone I come across talks about access denied errors which
is not the case with this.

Event Type: Error
Event Source: NETLOGON
Event Category: None
Event ID: 5789
Date: 22/06/2006
Time: 12:55:28
User: N/A
Computer: MAIL
Description:
Attempt to update DNS Host Name of the computer object in Active Directory
failed. The updated value was 'mail.codemonkeys.local'. The following error
occurred:
Cannot complete this function.
Data:
0000: eb 03 00 00 ë...

Event Type: Error
Event Source: NETLOGON
Event Category: None
Event ID: 5788
Date: 22/06/2006
Time: 12:55:28
User: N/A
Computer: MAIL
Description:
Attempt to update HOST Service Principal Names (SPNs) of the computer object
in Active Directory failed. The updated values were
'HOST/mail.codemonkeys.local' and 'HOST/MAIL'. The following error occurred:
Cannot complete this function.
Data:
0000: eb 03 00 00 ë...

When I run a NETDIAG on the mail server I get the following issues which I'm
guessing are somehow related


Kerberos test. . . . . . . . . . . : Failed
[FATAL] Kerberos does not have a ticket for MAIL$.


LDAP test. . . . . . . . . . . . . : Failed
[FATAL] Cannot do NTLM authenticated ldap_bind to 'server.codem
: Invalid Credentials.
[FATAL] Cannot do Negotiate authenticated ldap_bind to 'server.
ocal': Authentication Method Not Supported.
[WARNING] Failed to query SPN registration on DC 'server.codemo

[FATAL] No LDAP servers work in the domain 'THECODEMONKEYS'.

Can anyone help with this problem?

Best Regards

Ade.
 
J

Jorge Silva

P

Peter Demeyer

Sounds like your MAIL server has no permissions to write its DNS records in
Active Directory (A.D. integrated zone) or authenticate.
Is your MAIL server a member of this domain? You may have to remove it from
the domain and rejoin it if it is supposed to be a member.
 
A

Adrian Hirst

Hi,

Thankyou I have tried both these without success

Adrian


Peter Demeyer said:
Sounds like your MAIL server has no permissions to write its DNS records
in Active Directory (A.D. integrated zone) or authenticate.
Is your MAIL server a member of this domain? You may have to remove it
from the domain and rejoin it if it is supposed to be a member.

Adrian Hirst said:
Hi,

I would very much appreciate it if someone could help me with the
following problems

I promoted a new Server to a DC and tried adding another server which is
going to be a mail server but unfortunately it failed with two events to
do with NETLOGON (5788 & 5789), when I do a DCDIAG on the DC it passes
fine.

I have looked up various issues to do with these two DNS issues but
unfortunately everyone I come across talks about access denied errors
which is not the case with this.

Event Type: Error
Event Source: NETLOGON
Event Category: None
Event ID: 5789
Date: 22/06/2006
Time: 12:55:28
User: N/A
Computer: MAIL
Description:
Attempt to update DNS Host Name of the computer object in Active
Directory failed. The updated value was 'mail.codemonkeys.local'. The
following error occurred:
Cannot complete this function.
Data:
0000: eb 03 00 00 ë...

Event Type: Error
Event Source: NETLOGON
Event Category: None
Event ID: 5788
Date: 22/06/2006
Time: 12:55:28
User: N/A
Computer: MAIL
Description:
Attempt to update HOST Service Principal Names (SPNs) of the computer
object in Active Directory failed. The updated values were
'HOST/mail.codemonkeys.local' and 'HOST/MAIL'. The following error
occurred:
Cannot complete this function.
Data:
0000: eb 03 00 00 ë...

When I run a NETDIAG on the mail server I get the following issues which
I'm guessing are somehow related


Kerberos test. . . . . . . . . . . : Failed
[FATAL] Kerberos does not have a ticket for MAIL$.


LDAP test. . . . . . . . . . . . . : Failed
[FATAL] Cannot do NTLM authenticated ldap_bind to 'server.codem
: Invalid Credentials.
[FATAL] Cannot do Negotiate authenticated ldap_bind to 'server.
ocal': Authentication Method Not Supported.
[WARNING] Failed to query SPN registration on DC 'server.codemo

[FATAL] No LDAP servers work in the domain 'THECODEMONKEYS'.

Can anyone help with this problem?

Best Regards

Ade.
Click to expand...
Click to expand...
 
J

Jorge Silva

check:
http://www.eventid.net/display.asp?eventid=5789&eventno=343&source=NETLOGON&phase=1
http://www.eventid.net/display.asp?eventid=5788&eventno=350&source=NETLOGON&phase=1


--
I hope that the information above helps you

Good Luck
Jorge Silva
MCSA
Systems Administrator

Adrian Hirst said:
Hi,

Thankyou I have tried both these without success

Adrian


Peter Demeyer said:
Sounds like your MAIL server has no permissions to write its DNS records
in Active Directory (A.D. integrated zone) or authenticate.
Is your MAIL server a member of this domain? You may have to remove it
from the domain and rejoin it if it is supposed to be a member.

Adrian Hirst said:
Hi,

I would very much appreciate it if someone could help me with the
following problems

I promoted a new Server to a DC and tried adding another server which is
going to be a mail server but unfortunately it failed with two events to
do with NETLOGON (5788 & 5789), when I do a DCDIAG on the DC it passes
fine.

I have looked up various issues to do with these two DNS issues but
unfortunately everyone I come across talks about access denied errors
which is not the case with this.

Event Type: Error
Event Source: NETLOGON
Event Category: None
Event ID: 5789
Date: 22/06/2006
Time: 12:55:28
User: N/A
Computer: MAIL
Description:
Attempt to update DNS Host Name of the computer object in Active
Directory failed. The updated value was 'mail.codemonkeys.local'. The
following error occurred:
Cannot complete this function.
Data:
0000: eb 03 00 00 ë...

Event Type: Error
Event Source: NETLOGON
Event Category: None
Event ID: 5788
Date: 22/06/2006
Time: 12:55:28
User: N/A
Computer: MAIL
Description:
Attempt to update HOST Service Principal Names (SPNs) of the computer
object in Active Directory failed. The updated values were
'HOST/mail.codemonkeys.local' and 'HOST/MAIL'. The following error
occurred:
Cannot complete this function.
Data:
0000: eb 03 00 00 ë...

When I run a NETDIAG on the mail server I get the following issues which
I'm guessing are somehow related


Kerberos test. . . . . . . . . . . : Failed
[FATAL] Kerberos does not have a ticket for MAIL$.


LDAP test. . . . . . . . . . . . . : Failed
[FATAL] Cannot do NTLM authenticated ldap_bind to 'server.codem
: Invalid Credentials.
[FATAL] Cannot do Negotiate authenticated ldap_bind to 'server.
ocal': Authentication Method Not Supported.
[WARNING] Failed to query SPN registration on DC 'server.codemo

[FATAL] No LDAP servers work in the domain 'THECODEMONKEYS'.

Can anyone help with this problem?

Best Regards

Ade.
Click to expand...
Click to expand...
Click to expand...
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Event ID's 5788, 5789, 8032 1
Event ID 5788 & 5789, source Netlogon 3
I get this error on our print server when using 1
Netdiag Kerberos Fail 5
Event ID: 5788 error in log but I can log on to domain 1
netlogon error 1
Event ID 5789 1
Root domain controller LDAP Failure 3

Top