Solved

XP Pro cannot join 2000 domain. "The specified server cannot perform the requested operation".

Posted on 2004-03-26
10
3,813 Views
Last Modified: 2010-08-05
The problem im having involves an XP Pro workstation, and Windows server 2000.

I cannot join the 2000 domain (domainname.org); using the XP Pro's wizard.

Although it seems to let me add it using the manual method: ie. WORKGROUP/DOMAIN specification.

And if I add the XP workstation to the domain using the manual method, it doesnt grab any GPO.

Whats wrong? Can someone help me??

DNS resolves fine, I ran netdiag and dcdiag on the DC without problems. (all passed)

I need to get the Add/Remove programs (for network group policy) working .. and nothing lists even though its specified on the servers GPO. (and at the root domain)

Help! :)
Jason
0
Comment
Question by:talon121a
  • 5
  • 4
10 Comments
 
LVL 20

Expert Comment

by:Debsyl99
Comment Utility
Hi

I found this potential solution:

Here is the fix for those unfortunate enough to run into this quagmire in the future.
1. Change the computer name to "whatever" and then join the PC to the workgroup "WORKGROUP"
2. Restart the computer and log on locally as the administrator
3. Make sure the OS has all the latest patches.
4. Start>Run>mmc> then add "Security Configuration and Analysis" and "Security Templates" snap-ins.
5. Click on the Security Configuration and Analysis node and follow the instructions on the right to "Create a new database."
6. Import the Setup Security Template
7. Apply the template
8. Join the PC to the new Domain
9. If you continue to get the error, restart the PC and rerun steps 4-8

Although it refers to WinXP upgraded clients,

From here:
http://www.computing.net/windows2003/wwwboard/forum/1129.html

It does refer to a windows 2003 domain though, but sounds very similar. Maybe worth a shot?

Deb :))
0
 
LVL 11

Accepted Solution

by:
infotrader earned 250 total points
Comment Utility
or you can run "gpupdate /force /boot" 10 times... I found this problem in the past, and the good news is that although it is frustrating, once it recognize the domain it seems to go away...

I've also experienced this from brand new machines recieved by Dell, and in a Win2K environment.

- Info
0
 

Author Comment

by:talon121a
Comment Utility
The first thing ,(applying the new security template) didnt work. Unfortunately, Ive tried it a few times.

But I'll give the GPUPDATE /force /boot (10 x)

Do I have to do this on all our NEW DELL PC's?  (maybe something about the dell hardware?)

Jason
0
 

Author Comment

by:talon121a
Comment Utility
Here's a portion of my userenv (%systemroot%\windows\debug\userenv.txt)
--
USERENV(1e8.260) 09:06:19:849 GetGPOInfo:  Entering...
USERENV(1e8.260) 09:06:19:849 GetGPOInfo:  Server connection established.
USERENV(1e8.260) 09:06:19:865 GetGPOInfo:  ldap_bind_s failed with = <81>
USERENV(1e8.260) 09:06:19:865 GetGPOInfo:  Leaving with 0
USERENV(1e8.260) 09:06:19:865 GetGPOInfo:  ********************************
USERENV(1e8.260) 09:06:19:865 ProcessGPOs: GetGPOInfo failed.
USERENV(1e8.260) 09:06:19:865 ProcessGPOs: No WMI logging done in this policy cycle.
USERENV(1e8.260) 09:06:19:865 ProcessGPOs: Processing failed with error 58.
USERENV(1e8.260) 09:06:19:865 LeaveCriticalPolicySection: Critical section 0x7a4 has been released.
USERENV(1e8.260) 09:06:19:865 ProcessGPOs: User Group Policy has been applied.
USERENV(1e8.260) 09:06:19:865 ProcessGPOs: Leaving with 0.
USERENV(1e8.260) 09:06:19:865 ApplyGroupPolicy: Leaving successfully.
USERENV(1e8.1ec) 09:06:20:304 IsSyncForegroundPolicyRefresh: Synchronous, Reason: FirstPolicyRefresh
USERENV(524.3e8) 09:06:20:413 LibMain: Process Name:  C:\WINDOWS\system32\spoolsv.exe
USERENV(2b4.2c8) 09:06:20:649 ImpersonateUser: Failed to impersonate user with 5.
USERENV(2b4.2c8) 09:06:20:649 GetUserNameAndDomain Failed to impersonate user
USERENV(2b4.2c8) 09:06:20:649 ImpersonateUser: Failed to impersonate user with 5.
USERENV(2b4.2c8) 09:06:20:649 GetUserDNSDomainName: Failed to impersonate user
USERENV(1e8.2f0) 09:06:20:649 GPOThread:  Next refresh will happen in 98 minutes
USERENV(454.4c0) 09:06:20:680 LibMain: Process Name:  C:\WINDOWS\Explorer.EXE
USERENV(2b4.2c8) 09:06:20:696 ImpersonateUser: Failed to impersonate user with 5.
USERENV(2b4.2c8) 09:06:20:696 GetUserNameAndDomain Failed to impersonate user
USERENV(2b4.2c8) 09:06:20:696 ImpersonateUser: Failed to impersonate user with 5.
USERENV(2b4.2c8) 09:06:20:696 GetUserDNSDomainName: Failed to impersonate user
USERENV(2b4.2c8) 09:06:20:727 ImpersonateUser: Failed to impersonate user with 5.
USERENV(2b4.2c8) 09:06:20:727 GetUserNameAndDomain Failed to impersonate user
USERENV(2b4.2c8) 09:06:20:727 ImpersonateUser: Failed to impersonate user with 5.
USERENV(2b4.2c8) 09:06:20:727 GetUserDNSDomainName: Failed to impersonate user
USERENV(454.4c0) 09:06:20:758 GetProfileType:  Profile already loaded.
USERENV(454.4c0) 09:06:20:758 GetProfileType: ProfileFlags is 0
USERENV(454.4c0) 09:06:20:790 GetProfileType:  Profile already loaded.
USERENV(454.4c0) 09:06:20:790 GetProfileType: ProfileFlags is 0
USERENV(3d0.668) 09:06:28:803 GetAppliedGPOList: Entering. Extension = {C6DC5466-785A-11D2-84D0-00C04FB169F7}
--
Hmm.. Failed to impersonate user and ldap_bind_s failed with = <81> sounds fishy? Anyone have a resolution? Id like to up my points on this one as well, since its getting sorta urgent.. ;-) Would be nice.

Thanks

0
 

Author Comment

by:talon121a
Comment Utility
Im also receiving:
Event Type:      Error
Event Source:      Userenv
Event Category:      None
Event ID:      1006
Date:            3/29/2004
Time:            9:10:10 AM
User:            DOMAIN\domainusername
Computer:      UNITED-000001
Description:
Windows cannot bind to domain.org domain. (Server Down). Group Policy processing aborted.  

On that machine.

(replaced domain.org etc. for security)
Any help would be appreciated :)
0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 
LVL 20

Expert Comment

by:Debsyl99
Comment Utility
Just checking that you're on the lastest service packs? I believe that there's a bind issue fixed in Win2k SP4.. Let us know

Deb :))
0
 
LVL 20

Expert Comment

by:Debsyl99
Comment Utility
Hi
Some discussion here

http://groups.google.co.uk/groups?hl=en&lr=lang_en&ie=UTF-8&oe=UTF-8&selm=7faeeb76.0401292239.17c41340%40posting.google.com&rnum=8

Also check that the time syncs not too far out between the two of them, that the Ip's ok - ie try manual addressing, and make sure dns can accept dynamic registrations.

0
 
LVL 20

Assisted Solution

by:Debsyl99
Debsyl99 earned 250 total points
Comment Utility
And have a look at this just in case

http://support.microsoft.com/?kbid=293403
0
 

Author Comment

by:talon121a
Comment Utility
Thanks everyone for your help, unfortunately the items you listed didnt resolve that issue.

I had to eventually contact the MS $245 per incident line, ( was a domain controller urgent issue.. unfortunately.. But this fixed the problem .. thought Id share the resolution so incase someone else ever runs into this. Maybe be an easier fix.)

   --- Issue -------------

Error when joing XP to the domain,
    "The specifed server cannot perform the requested operation"

    --- Resolution --------

Removed the H323 Gateway using netsh as follows, "netsh routing ip nat delete h323"

We also discovered that IPsec had been enabled in the default domain policy for servers, this was affecting the DC

Thanks everyone!
0
 
LVL 20

Expert Comment

by:Debsyl99
Comment Utility
Glad you fixed it, and thanks for posting the fix!

Deb :))
0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

Suggested Solutions

Enterprise networks where VoIP phones have been deployed frequently use port configurations that allow both a computer and an IP phone to be plugged into the same switch port but use different VLANs. On Cisco equipment I'm referring to the "native V…
This is the first one of a series of articles I’ll be writing to address technical issues that are always referred to as network problems. The network boundaries have changed, therefore having an understanding of how each piece in the network  puzzl…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now