Adding service dependency in regedit

[Lizardkng]

I have read some articles on eventid.net that have outlined a repair by editing the registry. The error im trying to resolve is:

Event ID: 5781
Source NETLOGON
Type Warning
Description Dynamic registration or deregistration of one or more DNS records failed because no DNS servers are available.

I think I have figured out that the reason for this is because NETLOGON requires DNS, and since I am only running DNS on one server, and its the PDC, that NETLOGON is trying to start before DNS has started. So, the following article from MS outlines the fix:

The Netlogon service can be delayed to ensure that the DNS Server service is up and running for Dynamic DNS registration and query for existing Active Directory domain controllers that are in the DNS server database. Use the DependOnService in the Netlogon and add DNS to the list of LanmanWorkstation and LanmanServer. This delays Netlogon from starting until the DNS Server service on that same computer is started and ready.

And how to do it:
For example, you may want to ensure that your Server service loads before the Windows Internet Name Service (WINS). If you select the WINS key in the registry, you will notice that the DependOnService value already exists in the WINS key. In a default installation, WINS is already dependent on both RPCSS (Remote Procedure Call) and NTLMSSP (Windows NT LanMan Security Support Provider) services. To add the Server service to this list, double-click the DependOnService value. In the Multi-String Editor, on the line below NTMLSSP, add the entry "LANMANSERVER" (without quotation marks), and then click OK.

In my case, I want to start DNS before NETLOGON, so, I fired up regedit, HKEY_LOCAL_MACHINE\Systems\CurrentControlSet\Services\Netlogon double click DependOnService, and on the right hand side it has L.a.n.m.a.n.S.e.r.v.e.r.L.a.n.m.a.n.W.o.r.k.s.t.a.t.i.o.n

And I assumed that I add DNS under them, and as I do add DNS, on the left side, it adds:

44 4E 53

I click ok, and I would expect to see DNS listed next to Lanman under the DATA column, but its not there. Also, when I open services, and look at NETLOGON dependencies, DNS is not there...

I double click on the DependOnService key again, and instead of saying DNS like I typed, it says DN. (as in DN dot)

Am I doing something wrong?

(sorry so long)

 

[InfrArch]

Hello,

Please, review very carefully the following MS articles:
311354
263091
244669
252695
259277
257462

Definitely you'll be able to solve the problem.
Please, reply with the research results.




Victor K
psas@canada.com
MCSE+I;MCSA;MCSE(w2k);CNE(5.1);MCNE(6);CIWSP;CIWSA.

 

[Lizardkng]

Copied straight from one of those articles: (Q259277)

Netlogon 5781
The Netlogon 5781 error message is logged in the System Event Log when the Netlogon service on a domain controller cannot register or deregister several resource records. The event description does not contain the names of these resource records. Also, the event description may be "no DNS servers are available" which can be misleading, for example:

Event Type: Warning
Event Source: NETLOGON
Event Category: None
Event ID: 5781
Date: 3/2/2000
Time: 4:29:12 PM
User: N/A
Computer: COMPUTER10

Description:
Dynamic registration or deregistration of one or more DNS records failed because no DNS servers are available.

Data:
0000: b4 05 00 00 ´...

NOTE: A common cause for these errors is that a domain controller references itself as a primary DNS server in its TCP/IP properties. When the domain controller starts in this configuration, the Netlogon service may start before the DNS service starts. Because the Netlogon service must register records in DNS and the DNS service is not yet available, errors may occur. In this situation, you can safely ignore the errors because the Netlogon service will again try to register the records in approximately five minutes, at which time it will be successful. However, there are two ways to avoid the errors in this scenario:
Make sure that domain controllers do not reference themselves as a primary DNS server in their TCP/IP properties.

Configure the Netlogon service to depend on the DNS service. This will cause the Netlogon service to start after the DNS service starts. To do this, run REGEDT32, and go to:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon

In the right pane, double-click the value DependOnService and add DNS to the next available blank line. Click OK and exit Registry Editor.

This is exaclty the fix I have tried to implement.

My question wasnt "how do I fix this error", my question was "Why dont the changes I make to the registry appear to have taken affect?"

 

[InfrArch]

OK...
simple question :
did you restarted your PC after you maded the changes in the registry?

Victor K
psas@canada.com
MCSE+I;MCSA;MCSE(w2k);CNE(5.1);MCNE(6);CIWSP;CIWSA.

 

[nobleman]

Hope this helps.

I had this test machine that was a DC running DNS. I was getting this error, every two hours. I got rid of this error as follows:
1. In the TCP/IP properties of the machine I selected "Advanced" and then "DNS"
2. In the "DNS server addresses, in order of use:" I put the IP of my DNS server at the top, then the forwarders.

Before the 5781 I was getting the 5782 error - for that I made the recommended changes in the registry:
Key: HKEY_LOCAL_MACHINE\Systems\CurrentControlSet\Services\Netlogon\Parameters
Create a new DWORD value and name it: DnsUpdateOnAllAdapters. Set the value to 1.

This error may occur in several circumstances. See Q259277 for a general approach on troubleshooting this error message.

The event can also be caused by start of NETLOGON service before DNS if hosted on same Domain Controller - see Q193888 - adding DNS as a dependency for Netlogon service - (link below)

One particular condition is when a DNS server running BIND is used a forwarder in a Windows 2000-based DNS. Due to its behavior on caching DNS records, a response to a DNS query made by a Windows 2000 server to dynamically register a client computer name may appear as not being authoritative (even if it is). In this case the Windows 2000 server informs the client that the request failed. As per Microsoft, this problem was fixed with SP1.

Q252695 says that when a Windows 2000-based Active Directory-integrated DNS server that hosts a global catalog boots, the registration of specific SRV records may not succeed. The service startup order prevents certain SRV records from being registered because those services start before DNS is ready to receive registrations on a global catalog server. To work around this behavior, specify a different Windows 2000-based Active Directory-integrated DNS server on the DNS tab in the Advanced TCP/IP Settings dialog box.

Microsoft's KB article Q311354 only tells you half the story, there is another file called netlogon.dnb that holds those records. That file should be removed as well as doing what Q311354 tells you to do. Stale resource records now disappear for good. CCIE,MCSE+I;MCSA;MCSE(w2k);CNE(5.1);MCNE(6);CIWSP;CIWSA

 

[zebbydee]

Use regedt32.exe instead of regedit.exe to make the change. Regedt32 provides a plaintext editor for the REG_MULTI_SZ (multiple string) data type, while regedit does not.

 

[Ebayironman]

zebbydee hit the nail on the head! Use regedt32 not regedit for this fix to work.
Thanks again for all your dedication and help folks.

 

[sorenl]

Nobleman has a good point regarding the DNS configuration under advanced TCP/IP properties for the LAN connection(s).

I also have a DC (SP4), running DNS. I was getting event id 5781 every 2 hours: "Dynamic registration or deregistration of one or more DNS records failed because no DNS servers are available". I unchecked the "Register this connection's addresses in DNS" checkbox. This changed the behavior slightly and instead I got event id 5782: "Dynamic registration or deregistration of one or more DNS records failed with the following error: No DNS servers configured for local system."

I then changed the DNS configuration under advanced TCP/IP properties for the LAN connection, listing the IP of the DC (and DNS) first, before the two external DNS servers (BIND).

Now, a couple of hours later, and after using "net stop netlogon" and "net start netlogon" it seems to have solved the problem. If it didn't I'll post another message.