Event ID/Source search
Keyword searchExample: Windows cannot unload your registry file
Event ID: 5705 Source: NETLOGON
The change log cache maintained by the Netlogon service for database changes is corrupted. The Netlogon service is resetting the change log.
|English: Request a translation of the event description in plain English.|
|Concepts to understand:|
What is the role of the Netlogon share?
This problem occurs, if you enable auditing of security objects and more than 500 changes are made to an individually replicated security object from the Security Account Manager (SAM), local security authority (LSA), or built-in databases. See ME136251 to solve this problem.
See "JSI Tip 1459" for additional information about this event.
In one case, this problem was caused by improper Active Directory and network settings. Once they were reconfigured and the computer restarted, the problem was fixed.
As per Microsoft: "These event can be caused when Windows NT fails to update the %SystemRoot%\Netlogon.chg file on the PDC. This may occur for any of the following reasons:
- The Read-Only attribute could be set.
- The netlogon.chg file could be corrupted.
- The permissions for the system account could be insufficient for that file; they should be at least RWXD.
See ME173882 and ME215859 for more details.
|Private comment: Subscribers only. See example of private comment|
|Links: ME136251, ME173882, ME215859, JSI Tip 1459|
|Search: Google - Bing - Microsoft - Yahoo - EventID.Net Queue (1) - More links...|
|Custom search for *****: Google - Bing - Microsoft - Yahoo|
Send comments or solutions
- Notify me when updated