Event ID 5807

---

• From: wsbirdjr@xxxxxxxxx
• Date: 23 Mar 2006 07:20:04 -0800

---

Good Morning:

My 2k3 domain is connected to 2 remote 2k3 domains via VPN connection.
The only reason these remote domains are linked to my network is the
necessity to upload accounting data to an AIX accounting server. There
is a 2-way trust established between domains, in a hub-spoke. I am
resolving names via WINS in hub spoke. To create the trust I added DNS
entries for those remote domains.

I am receiving these 5807 events:

Event Type: Warning
Event Source: NETLOGON
Event Category: None
Event ID: 5807
Date: 3/23/2006
Time: 9:35:20 AM
User: N/A
Computer: GAITH-DC01
Description:
During the past 4.09 hours there have been 38 connections to this
Domain Controller from client machines whose IP addresses don't map to
any of the existing sites in the enterprise. Those clients, therefore,
have undefined sites and may connect to any Domain Controller including
those that are in far distant locations from the clients. A client's
site is determined by the mapping of its subnet to one of the existing
sites. To move the above clients to one of the sites, please consider
creating subnet object(s) covering the above IP addresses with mapping
to one of the existing sites. The names and IP addresses of the
clients in question have been logged on this computer in the following
log file '%SystemRoot%\debug\netlogon.log' and, potentially, in the log
file '%SystemRoot%\debug\netlogon.bak' created if the former log
becomes full. The log(s) may contain additional unrelated debugging
information. To filter out the needed information, please search for
lines which....

The majority of these client connections are coming from the DC's in
those remote domains. In my situation is this just a nuisance event? I
am not doing any authentication between domains except for the initial
trust. Do I need to add a site, sitelink and subnet in AD Sites and
Services?

Thanks,

Bill

.

---

• Prev by Date: IRS/Websense Update Phishing Alerts
• Next by Date: Increase the default limit on user profiles
• Previous by thread: IRS/Websense Update Phishing Alerts
• Next by thread: Increase the default limit on user profiles
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: event id 5807 warning ... > ID 5807 that indicated much large number of connections to a DC then ... > have undefined sites and may connect to any Domain Controller ... > including those that are in far distant locations from the clients. ... > client's site is determined by the mapping of its subnet to one of the ... (microsoft.public.windows.server.active_directory) sockets, closing and TIME_WAIT ... During heavy load the server can't follow anymore because the sockets ... my server should be able to handle 10 clients connecting ... This gets a free position in the array of connections, ... (comp.unix.programmer) Re: MsgCommunicator v.2.00: Instant Messenger SDK, now with databases support ... expect persistent connections. ... they will wait for the server to pick them up. ... your Clients can stay "off-line" for about 30 minutes before they have to ... requests *simultaneously*. ... (borland.public.delphi.thirdpartytools.general) Re: Accepting external sendmail on 2.0.2 ... > on a network node capable of doing graphics, ... I really like running remote clients on a local server, ... that these listeners are not accepting external connections by default, ... viusing a MTA for sending email about lost files to local ... (comp.unix.bsd.netbsd.misc) Re: Access 2007->SQL Server2005 "connection was forcibly closed",G ... connections need to be returned to the pool to be ... Enterprise version of SQL Server 2000. ... server user login to be sure that it is not mixed with other running clients). ... Every new client opens again 30 connections if I open 30 tables ... (microsoft.public.sqlserver.connect)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(16)