locked
Computer was not able to setup a secure session with a domain controller RRS feed

  • Question

  • Hello,

    I am getting Event Id 5719, source is NETLOGON.  I have tried many different things such as removing and re-adding the computer account.  I have also looked online with no success.  Any assistance would be much appreciated.  I am on Windows 7 PRo.  See below for more info:

    This computer was not able to set up a secure session with a domain controller in domain Domain due to the following:

    There are currently no logon servers available to service the logon request.

    This may lead to authentication problems. Make sure that this computer is connected to the network. If the problem persists, please contact your domain administrator.

    - System

       
    - Provider
          [ Name] NETLOGON
       
    - EventID 5719
          [ Qualifiers] 0
       
      Level 2
       
      Task 0
       
      Keywords 0x80000000000000
       
    - TimeCreated
          [ SystemTime] 2010-10-13T22:43:37.000000000Z
       
      EventRecordID 42503
       
      Channel System
         
       
      Security

    - EventData

        T
        %%1311
        5E0000C0

    Binary data:

    In Words

    0000: C000005E

    In Bytes

    0000: 5E 00 00 C0 ^..À

     

    Wednesday, October 13, 2010 10:50 PM

Answers

  •  Hi,

     

    Thanks for posting in Microsoft TechNet forums.

     

    If you can correctly log on to the domain, you can safely ignore event ID 5719.

     

    Because the Netlogon service may start before the network is ready, the computer may be unable to locate the logon domain controller. Therefore, event ID 5719 is logged. However, after the network is ready, the computer will try again to locate the logon domain controller. In this situation, the operation should be successful.

     

    Best Regards

    Magon Liu

    TechNet Subscriber Support in forum. If you have any feedback on our support, please contact tngfb@microsoft.com

     


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. ”
    • Marked as answer by Magon Liu Thursday, October 21, 2010 2:57 AM
    Thursday, October 14, 2010 8:47 AM

All replies

  • This event can be found on a lot of Windows 7 clients, but are you really experiencing a problem and what is the actual problem?
    Blogging about Windows for IT pros at www.theexperienceblog.com
    Thursday, October 14, 2010 6:09 AM
  •  Hi,

     

    Thanks for posting in Microsoft TechNet forums.

     

    If you can correctly log on to the domain, you can safely ignore event ID 5719.

     

    Because the Netlogon service may start before the network is ready, the computer may be unable to locate the logon domain controller. Therefore, event ID 5719 is logged. However, after the network is ready, the computer will try again to locate the logon domain controller. In this situation, the operation should be successful.

     

    Best Regards

    Magon Liu

    TechNet Subscriber Support in forum. If you have any feedback on our support, please contact tngfb@microsoft.com

     


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. ”
    • Marked as answer by Magon Liu Thursday, October 21, 2010 2:57 AM
    Thursday, October 14, 2010 8:47 AM
  • Hi,

     

    Thanks for posting in Microsoft TechNet forums.

    As this thread has been quiet for a while, we assume that the issue has been resolved. At this time, we will mark it as ‘Answered’ as the previous steps should be helpful for many similar scenarios. If the issue still persists, please feel free to  reply this post directly so we will be notified to follow it up. You can also choose to unmark the answer as you wish.

    BTW,  we’d love to hear your feedback about the solution. By sharing your experience you can help other community members facing similar problems. Thanks for your understanding and efforts.

     

    Best Regards

    Magon Liu

    TechNet Subscriber Support in forum. If you have any feedback on our support, please contact tngfb@microsoft.com

     


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. ”
    Monday, October 18, 2010 2:48 AM
  • Have you changed the password recently?

    Also check if your Win7 time is sync with it's logon DC.

     


    Leon Liu - Technical Lead
    Wednesday, October 27, 2010 5:43 AM
  • I'm also having the exact problem. Only happens with my Win7 PCs. We have Win2003 DC environment. In my case, the NIC device driver reported started with link status 100Mbs full duplex. About seven seconds later, get the Netlogon error. Though we are able to logon to the domain, the error is accross the board on all PCs. We are also getting User Profile Service delays of up to two minutes at log on. Any suggestions?

     

    Thursday, October 28, 2010 3:20 PM
  • Bennun I have the same issue. A network connection is established 12 seconds before I see the netlogon event. I am running W7 SP1 with a W2k3 domain.

    Does anyone have an answer to this? we didnt see it on XP

    Tuesday, April 12, 2011 1:08 PM
  • Bennun I have the same issue. A network connection is established 12 seconds before I see the netlogon event. I am running W7 SP1 with a W2k3 domain.

    Does anyone have an answer to this? we didnt see it on XP


    I too have this issue and have not been able to resolve it.
    Monday, July 11, 2011 9:22 PM
  • On Experts Exchange, I found a related thread. Here's the relevant part:

    I found that the Gigabite Broadcom adaptors did not like the "Media sensing" feuture from microsoft.
    Added a registry key to \hklm\system\currentcontrolset\services\tcpip\parameters - added a "DWORD" DisableDHCPMediaSense = 1.
    This made all my issues go away.

     I had the same error, and this registry entry seemed to solve it.

    Friday, August 12, 2011 4:01 PM
  • This MediaSense disabling did work on WinXP Clients. We also found out that setting the MediaType from Auto (1gbs) to 100Mbs-FullDuplex. But both didnt work on Win7 anymore

     

    We too have several Win7 Clients that have this issue. Problem with that is, the affected PC's dont receive Grouppolicies and wil not install MSI Packages before Login.

     

    By now we dont have found a wayy to fix this with Win7 clients and would be gratefull if anyone does.




    • Edited by M.Schmetz Tuesday, October 18, 2011 10:54 AM
    Tuesday, October 18, 2011 8:16 AM
  • Does anyone have an update on this issue? I am also having this issue on Win7 clients. Users can't log in to the domain

    Friday, October 21, 2011 9:20 PM
  • The Netlogon 5719 event itself is very generic - by itself it doesn't give you enough details to troubleshoot this.
    The sum of it is that when it is logged the machine is unable to locate a Domain Controller - typically because it doesn't have IP connectivity to the network at that point.

    I.e. there is no universal answer to what is the underlying cause for not finding a domain controller when the event is logged - you'll need to dig deeper and find other factors to answer this.  Most of them are going to be somewhere in the networking layer.

    Check http://blogs.technet.com/b/instan/archive/2008/09/18/netlogon-5719-and-the-disappearing-domain.aspx for some points to follow.

    Thursday, November 17, 2011 8:20 AM
  • I had the same issue. I found the following MS KB Aricle which finally resolved my problem:

    http://support.microsoft.com/kb/2421599

    All MSI Packeges are installed as intended.

    Another Problem we had was the GPO "Turn off background refresh of Group Policy" (a colleague has enabled this by mistake) combined with the issue the clients didn´t recieved any computer policies at all.

    Hopefully this also helps you.

     

    • Proposed as answer by mj85 Tuesday, April 21, 2015 10:43 AM
    Monday, November 28, 2011 1:40 PM
  • Thank you. This GpNetworkStartTimeoutPolicyValue is a "working" workarround but no solution.

     

    Netlogon 5719 still appears, timeserver errors too.

     

    Its weird because not every computer has this which is connected trough the same building with same switch

     

     

    Monday, November 28, 2011 2:08 PM
  • I have somewhat the same errors (5719) and some others.  A few Windows 7 PC users have reported that they are not able to login and are getting the "The trust relationship between the primary domain and the trusted domain failed"

    In troubleshooting, we found the 5719 error: 

    This computer was not able to set up a secure session with a domain controller in domain DOMAIN due to the following:

    There are currently no logon servers available to service the logon request.

    This may lead to authentication problems. Make sure that this computer is connected to the network. If the problem persists, please contact your domain administrator.

    

    And also found 3210 error: 

    This computer could not authenticate with DC, a Windows domain controller for domain DOMAIN, and therefore this computer might deny logon requests. This inability to authenticate might be caused by another computer on the same network using the same name or the password for this computer account is not recognized. If this message appears again, contact your system administrator.

    

    We also lost the ability to login with local admin as the password has been changed randomly.

    Tuesday, December 6, 2011 5:58 PM
  • Netlogon 5719 is your workstation saying "Hey! I can't find a domain controller on the network for this domain!!"... by itself it doesn't mean you have a problem if your workstation locates a DC later on when it has network connectivity.

    I.e. this is almost always an issue with the network or DNS name resolution, that is where your initial troubleshooting should be focused.

    See the blog link http://blogs.technet.com/b/instan/archive/2008/09/18/netlogon-5719-and-the-disappearing-domain.aspx for suggested troubleshooting steps.

    See also http://blogs.technet.com/b/instan/archive/2010/10/12/the-problem-with-problems.aspx if you see Netlogon 5719 being logged but don't have any problem as a result of it.

    Friday, December 16, 2011 8:54 AM
  • Hi  Almost a week i am working on that problem and i solve it!   . We have 400 windows Seven connected on a  domain with 2003 an s008 server .  the  "Startup policy processing wait time" above  solve allmost all Policy problem we have.  i set it to 60 sec. (event id 1055 an 1058) .  Now ,The only event  we have was the even 5719 NETLOGON when the system startup.   i play to try  to  stop teredo service  with no success (netst, int teredo,set state disable). I also disable and remove teredo host adapter with same result . I have start a netlog  and when i take a look to the log we can see  couple line before "[MISC] Eventlog: 5719 (1) "NETBIOS_DOMAIN... "  this line "[CRITICAL] NlBrowserSendDatagram: No transports available"  it mean no media detected...  I solve the problem by Setting NIC property "Wait for Link" from Auto to On on my adapter cart .

    regards

    Becosses

    Tuesday, April 3, 2012 4:36 PM
  • hi

     Here is a bonus if you want to apply the "Wait for link" via a GPO ! 

    Just add the vbs script to the shutdown  GPO to your computer .You may need to ajust the description name for your nic Mnfgr.

    The script is a machine shutdown script applied to GPO on all machines. It will only apply to the machines that have the Intel NIC that is effected.

    Hope this helps,

    ref: http://en.community.dell.com/support-forums/network-internet-wireless/f/3324/p/16940338/17102233.aspx#17102233

    Regards

    Becosses

    Option Explicit
    Dim WshShell, bKey
    Set WshShell = WScript.CreateObject("WScript.Shell")

    bKey = WshShell.RegRead("HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002bE10318}\0007\DriverDesc")

    If bKey = "Intel(R) 82578DM Gigabit Network Connection" Then
    WshShell.RegWrite "HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002bE10318}\0007\WaitAutoNegComplete", "1", "REG_SZ"
    Else
    WScript.quit
    End If

    Tuesday, April 3, 2012 7:45 PM
  • Hi, Check The DNS Servers entries on the NIC of the machine.
    Tuesday, April 10, 2012 5:01 PM
  • I have noted that problem is maybe related with NIC hardware.

    On all computers where I have experimented this trouble (with related GroupPolicy event 1129 and time-service event 129) today I have discovered that connecting NIC to an little 10/100 switch the trouble will disappear.

    All PC affected have a on-board Relateck NIC, I don't have W7 PC with different brand of NIC so I cannot test if trouble is related to this adapter family or is a general windows problem.

    Regards.

    • Proposed as answer by sv1slim Wednesday, February 13, 2019 6:52 PM
    Monday, September 24, 2012 9:25 AM
  • Hi everybody,

    has anyone a solutions since the last post. We got the same problem that the some PCs doesn´t have a connection to the server at startup and don’t receive Grouppolicies and will not install MSI Packages before Login.

    It´s wired it´s affecting round about 30% of the Pcs, the same pc type and the image installation

    thanks

    Monday, November 12, 2012 9:33 AM
  • Hi - May not be related to the original problem, but I had this very error this morning, and In my case it was for a domain that was once trusted and had now be removed.

    Event ID 5719 'This computer was not able to set up a secure session'

    Pete


    Regards Pete Long http://www.petenetlive.com

    Thursday, November 15, 2012 10:19 AM
  • This solution fixed my issue. I've seen it intermittently popping up the last 24 months or so at some (but not all) sites. The solution we know worked were a complete rebuild of the system--but this is not really a fix. Setting a GPO application timeout on startup per the KB that Staffler links to (KB2421599) instantly fixed our latest problem. Though the KB recommends a delay of 60 seconds, we set it to 20 seconds and it worked fine.
    Tuesday, October 28, 2014 3:44 PM
  • Thanks Staffler, this helped me out massively. 

    Cheers,
    MJ

    Tuesday, April 21, 2015 10:43 AM
  • Hi all, the same error happening one of my file server. While accessing through UNC, it is giving error that; 'There are currently no logon servers available to service the logon request.' Once I have restarted either the Netlogon service or the server, the error is disappearing. But, I'm seeking a permanent solution for this. I hope some experts can help, for your reference; I have given the event details below.

    Event Type:    Error
    Event Source:    NETLOGON
    Event Category:    None
    Event ID:    5719
    Date:        30/03/2016
    Time:        9:28:37 AM
    User:        N/A
    Computer:    BL-FIS
    Description:
    This computer was not able to set up a secure session with a domain controller in domain <domain name> due to the following:
    There are currently no logon servers available to service the logon request.  
    This may lead to authentication problems. Make sure that this computer is connected to the network. If the problem persists, please contact your domain administrator.  

    ADDITIONAL INFO
    If this computer is a domain controller for the specified domain, it sets up the secure session to the primary domain controller emulator in the specified domain. Otherwise, this computer sets up the secure session to any domain controller in the specified domain.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: 5e 00 00 c0               ^..À    

    *********************************************************************************

    Event Type:    Error
    Event Source:    NETLOGON
    Event Category:    None
    Event ID:    5719
    Date:        30/03/2016
    Time:        9:29:44 AM
    User:        N/A
    Computer:    BL-FIS
    Description:
    This computer was not able to set up a secure session with a domain controller in domain <domain name> due to the following:
    The RPC server is unavailable.  
    This may lead to authentication problems. Make sure that this computer is connected to the network. If the problem persists, please contact your domain administrator.  

    ADDITIONAL INFO
    If this computer is a domain controller for the specified domain, it sets up the secure session to the primary domain controller emulator in the specified domain. Otherwise, this computer sets up the secure session to any domain controller in the specified domain.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: 17 00 02 c0               ...À 

    *******************************************************************************

    Regards,

    Jaril Nambiar



    Wednesday, March 30, 2016 5:41 AM