Wednesday 3 June 2015

Event ID: 5774, Source: NETLOGON

Error Message
The dynamic registration of the DNS record '_ldap._tcp.cdomain.local. 600 IN SRV 0 100 389 domain.name.' failed on the following DNS server:

DNS server IP address: 10.10.11.16
Returned Response Code (RCODE): 0
Returned Status Code: 10054

For computers and users to locate this domain controller, this record must be registered in DNS.

USER ACTION
Determine what might have caused this failure, resolve the problem, and initiate registration of the DNS records by the domain controller. To determine what might have caused this failure, run DCDiag.exe. To learn more about DCDiag.exe, see Help and Support Center. To initiate registration of the DNS records by this domain  controller, run 'nltest.exe /dsregdns' from the command prompt on the domain controller or restart Net Logon service.
  Or, you can manually add this record to DNS, but it is not recommended.

ADDITIONAL DATA
Error Value: An existing connection was forcibly closed by the remote host.


Solution

To resolve this behavior, add the Internet Protocol (IP) address of the DNS server that is authoritative for the Active Directory domain name to the Internet Protocol (TCP/IP) Properties, and then move it to the top of the list:

1. On the desktop, right-click My Network Places, and then click Properties.
2. Right-click the appropriate connection object, and then click Properties.
3. Click Internet Protocol (TCP/IP), and then click Properties.
4. Click Advanced.
5. Click DNS.
6. Click Add, type the IP address of the DNS server in the DNS server box, and then click Add.
7. Click the arrows to move the IP address of the Active Directory DNS server to the top of the list.
8. Click OK in the open dialog boxes to close them and save the new settings.
9. Stop and then restart the Netlogon Service. The Event ID 5774 error messages should no longer occur.


Related Error: "DNS server unable to interpret format." - This error message may be generated in several circumstances. See ME259277 for a general troubleshooting approach. In some cases it may be caused by the security setting on the parent.local server being set to only use secure updates. Changing this to allow "dynamic updates" (instead of only secure) might eliminate the problem.

A discussion thread suggested that the event was caused by the fact that the Active Directory Domain Controller running the DNS server did NOT point to itself as a DNS server (instead it used the ISP DNS servers). Changing the DNS server settings to point to itself fixed the problem.

Related Error: "A socket operation was attempted to an unreachable host." - Apparently, the DNS server is not reachable. This could be due to network problems (cables, hubs, etc.), or the server may be down (or its IP address changed). Verify that there is connectivity between the computer reporting the problem and the DNS servers where it is trying to register.

Related Error: "DNS RR set that ought not exist, does exist."
- As per Microsoft, when the Netlogon service tries to register the GUID record in the _msdcs.forestrootzone, the GUID record may not be registered if there is a wildcard (*) MX record. The Netlogon service does a DNS query of type ALL for the guid._msdcs.forestrootzone. If a wildcard record exists, the DNS server responds to the query with the MX server information and the dynamic update does not succeed. See ME325208.
- From a newsgroup post: "If you have a CName (or other record) for the same hostname that was manually entered and is preventing a dynamic host registration then you need to remove the manual record.
1. Rename Netlogon.dnb and Netlogon.dns on the machine that registers the 5774 event
2. Delete Netlogon.dnb and Netlogon.dns on the same machine
3. Reboot Computer
4. Check system log for the error"
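
When many domain controllers log this event, the message text can be triaged automatically. The Python below is an added example, not part of the original post: it parses the 5774 message and maps the status code to the causes described above. The function names and the `ad_dns_servers` input (the IPs of the DNS servers authoritative for the AD domain) are assumptions of this example; 9001, 9007 and 10065 are the Win32 codes behind the three "Related Error" strings.

```python
import ipaddress
import re

# Event text as shown on this page.
SAMPLE_EVENT = """The dynamic registration of the DNS record '_ldap._tcp.cdomain.local. 600 IN SRV 0 100 389 domain.name.' failed on the following DNS server:

DNS server IP address: 10.10.11.16
Returned Response Code (RCODE): 0
Returned Status Code: 10054
"""

# Win32 status codes behind the error texts discussed above, with the page's advice.
STATUS_HINTS = {
    10054: "connection closed by remote host: put the AD DNS server first in the DNS list",
    10065: "unreachable host: verify connectivity to the DNS server and its IP address",
    9001: "DNS server unable to interpret format: review the zone's update setting (ME259277)",
    9007: "RR set exists: look for a wildcard MX or a manual conflicting record (ME325208)",
}

FIELDS = {
    "record": re.compile(r"DNS record '([^']+)'"),
    "server": re.compile(r"DNS server IP address:\s*(\S+)"),
    "rcode": re.compile(r"Returned Response Code \(RCODE\):\s*(\d+)"),
    "status": re.compile(r"Returned Status Code:\s*(\d+)"),
}

def parse_5774(message):
    """Extract record, DNS server, RCODE and status code from the event text."""
    event = {}
    for name, pattern in FIELDS.items():
        match = pattern.search(message)
        if match is None:
            raise ValueError(f"not a 5774 message: missing {name}")
        event[name] = match.group(1)
    event["rcode"], event["status"] = int(event["rcode"]), int(event["status"])
    return event

def triage(message, ad_dns_servers):
    """Return (event, findings); ad_dns_servers is this example's assumed input."""
    event = parse_5774(message)
    findings = []
    authoritative = {ipaddress.ip_address(s) for s in ad_dns_servers}
    if ipaddress.ip_address(event["server"]) not in authoritative:
        findings.append(f"{event['server']} is not an AD DNS server: fix the DNS server order")
    hint = STATUS_HINTS.get(event["status"])
    if hint:
        findings.append(hint)
    return event, findings

if __name__ == "__main__":
    print(triage(SAMPLE_EVENT, ["10.10.11.2"]))  # 10.10.11.2 is a constructed AD DNS IP
```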