You may receive event ID 5807 on a Windows Server 2003-based domain controller (889031)
The information in this article applies to:
- Microsoft Windows Server 2003, Enterprise Edition
- Microsoft Windows Server 2003, Standard Edition
SYMPTOMSWhen a client computer logs on to a domain that includes Microsoft Windows Server 2003-based domain
controllers and Active Directory directory service sites, the client computer is authenticated by a remote domain controller
instead of by the local domain controller. Additionally, you may receive an event that
is similar to the following in the System event log of the local Windows Server 2003-based domain
controller: Event ID: 5807
Source: NETLOGON
User: N/A
Computer: ComputerName
Description: During the past number hours there have been number connections to this Domain Controller from client
machines whose IP addresses don't map to any of the existing sites in the enterprise. Those
clients, therefore, have undefined sites and may connect to any Domain Controller including
those that are in far distant locations from the clients. A client's site is determined by the
mapping of its subnet to one of the existing sites. To move the above clients to one of the sites,
please consider creating subnet object(s) covering the above IP addresses with mapping to one of
the existing sites. The names and IP addresses of the clients in question have been logged on
this computer in the following log file 'SystemRoot\debug\netlogon.log' and, potentially, in the
log file 'SystemRoot\debug\netlogon.bak' created if the former
log becomes full. The log(s) may contain additional unrelated debugging information. To filter
out the needed information, please search for lines which contain text 'NO_CLIENT_SITE:'. The
first word after this string is the client name and the second word is the client IP address.
The maximum size of the log(s) is controlled by the following registry DWORD
value'HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters\LogFileMaxSize';
the default is 20000000 bytes. The current maximum size is 20000000 bytes. To set a different
maximum size, create the above registry value and set the desired maximum size in bytes.
If you examine the Netlogon.log file on the Windows Server 2003-based domain controller, you may find text entries that are similar to the
following in the Netlogon.log file: 07/22 10:02:32 netbios_Domain_Name: NO_CLIENT_SITE: Client_NameClient_IPaddress
07/22 10:02:32 netbios_Domain_Name: NO_CLIENT_SITE: Client_NameClient_IPaddress
07/22 10:03:07 netbios_Domain_Name: NO_CLIENT_SITE: Client_Name Client_IPaddress Note netbios_Domain_Name is the NetBIOS name of the domain. Client_Name is the name of the client computer. Client_IPaddress is the IP address of the client computer. CAUSEThis issue may occur if the following conditions are true: - The IP address of the client computer is not defined.
- The IP address of the client computer is not mapped to an existing site in the Subnets folder of the
Active Directory Sites and Services snap-in on the local domain controller.
RESOLUTIONTo resolve this issue, define the IP address of the client computer in the Subnets folder, and then map the IP address to the site that contains the local domain controller. To do this, follow these steps: - Click Start, point to Programs, point to Administrative Tools, and then click Active
Directory Sites and Services.
- In the left pane, locate and then click the Sites\Subnets folder.
- Right-click Subnets, and then click New Subnet.
- In the Address box, type the IP address of the client.
- In the Mask box, type the subnet mask of the client.
- In the Site Name list, click the site object that you want to join the client to, and then
click OK.
Note When you select a site object, you have to select the site object that contains the
local domain controller.
- On the File menu, click Exit to close Active Directory Sites and Services.
| Modification Type: | Major | Last Reviewed: | 12/23/2004 |
|---|
| Keywords: | kbtshoot KB889031 kbAudITPRO |
|---|
|