Solved

XP Pro cannot join 2000 domain. "The specified server cannot perform the requested operation".

Posted on 2004-03-26
10
3,838 Views
Last Modified: 2010-08-05
The problem im having involves an XP Pro workstation, and Windows server 2000.

I cannot join the 2000 domain (domainname.org); using the XP Pro's wizard.

Although it seems to let me add it using the manual method: ie. WORKGROUP/DOMAIN specification.

And if I add the XP workstation to the domain using the manual method, it doesnt grab any GPO.

Whats wrong? Can someone help me??

DNS resolves fine, I ran netdiag and dcdiag on the DC without problems. (all passed)

I need to get the Add/Remove programs (for network group policy) working .. and nothing lists even though its specified on the servers GPO. (and at the root domain)

Help! :)
Jason
0
Comment
Question by:talon121a
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
10 Comments
 
LVL 20

Expert Comment

by:Debsyl99
ID: 10690075
Hi

I found this potential solution:

Here is the fix for those unfortunate enough to run into this quagmire in the future.
1. Change the computer name to "whatever" and then join the PC to the workgroup "WORKGROUP"
2. Restart the computer and log on locally as the administrator
3. Make sure the OS has all the latest patches.
4. Start>Run>mmc> then add "Security Configuration and Analysis" and "Security Templates" snap-ins.
5. Click on the Security Configuration and Analysis node and follow the instructions on the right to "Create a new database."
6. Import the Setup Security Template
7. Apply the template
8. Join the PC to the new Domain
9. If you continue to get the error, restart the PC and rerun steps 4-8

Although it refers to WinXP upgraded clients,

From here:
http://www.computing.net/windows2003/wwwboard/forum/1129.html

It does refer to a windows 2003 domain though, but sounds very similar. Maybe worth a shot?

Deb :))
0
 
LVL 11

Accepted Solution

by:
infotrader earned 250 total points
ID: 10693788
or you can run "gpupdate /force /boot" 10 times... I found this problem in the past, and the good news is that although it is frustrating, once it recognize the domain it seems to go away...

I've also experienced this from brand new machines recieved by Dell, and in a Win2K environment.

- Info
0
 

Author Comment

by:talon121a
ID: 10703992
The first thing ,(applying the new security template) didnt work. Unfortunately, Ive tried it a few times.

But I'll give the GPUPDATE /force /boot (10 x)

Do I have to do this on all our NEW DELL PC's?  (maybe something about the dell hardware?)

Jason
0
Salesforce Has Never Been Easier

Improve and reinforce salesforce training & adoption using WalkMe's digital adoption platform. Start saving on costly employee training by creating fast intuitive Walk-Thrus for Salesforce. Claim your Free Account Now

 

Author Comment

by:talon121a
ID: 10704106
Here's a portion of my userenv (%systemroot%\windows\debug\userenv.txt)
--
USERENV(1e8.260) 09:06:19:849 GetGPOInfo:  Entering...
USERENV(1e8.260) 09:06:19:849 GetGPOInfo:  Server connection established.
USERENV(1e8.260) 09:06:19:865 GetGPOInfo:  ldap_bind_s failed with = <81>
USERENV(1e8.260) 09:06:19:865 GetGPOInfo:  Leaving with 0
USERENV(1e8.260) 09:06:19:865 GetGPOInfo:  ********************************
USERENV(1e8.260) 09:06:19:865 ProcessGPOs: GetGPOInfo failed.
USERENV(1e8.260) 09:06:19:865 ProcessGPOs: No WMI logging done in this policy cycle.
USERENV(1e8.260) 09:06:19:865 ProcessGPOs: Processing failed with error 58.
USERENV(1e8.260) 09:06:19:865 LeaveCriticalPolicySection: Critical section 0x7a4 has been released.
USERENV(1e8.260) 09:06:19:865 ProcessGPOs: User Group Policy has been applied.
USERENV(1e8.260) 09:06:19:865 ProcessGPOs: Leaving with 0.
USERENV(1e8.260) 09:06:19:865 ApplyGroupPolicy: Leaving successfully.
USERENV(1e8.1ec) 09:06:20:304 IsSyncForegroundPolicyRefresh: Synchronous, Reason: FirstPolicyRefresh
USERENV(524.3e8) 09:06:20:413 LibMain: Process Name:  C:\WINDOWS\system32\spoolsv.exe
USERENV(2b4.2c8) 09:06:20:649 ImpersonateUser: Failed to impersonate user with 5.
USERENV(2b4.2c8) 09:06:20:649 GetUserNameAndDomain Failed to impersonate user
USERENV(2b4.2c8) 09:06:20:649 ImpersonateUser: Failed to impersonate user with 5.
USERENV(2b4.2c8) 09:06:20:649 GetUserDNSDomainName: Failed to impersonate user
USERENV(1e8.2f0) 09:06:20:649 GPOThread:  Next refresh will happen in 98 minutes
USERENV(454.4c0) 09:06:20:680 LibMain: Process Name:  C:\WINDOWS\Explorer.EXE
USERENV(2b4.2c8) 09:06:20:696 ImpersonateUser: Failed to impersonate user with 5.
USERENV(2b4.2c8) 09:06:20:696 GetUserNameAndDomain Failed to impersonate user
USERENV(2b4.2c8) 09:06:20:696 ImpersonateUser: Failed to impersonate user with 5.
USERENV(2b4.2c8) 09:06:20:696 GetUserDNSDomainName: Failed to impersonate user
USERENV(2b4.2c8) 09:06:20:727 ImpersonateUser: Failed to impersonate user with 5.
USERENV(2b4.2c8) 09:06:20:727 GetUserNameAndDomain Failed to impersonate user
USERENV(2b4.2c8) 09:06:20:727 ImpersonateUser: Failed to impersonate user with 5.
USERENV(2b4.2c8) 09:06:20:727 GetUserDNSDomainName: Failed to impersonate user
USERENV(454.4c0) 09:06:20:758 GetProfileType:  Profile already loaded.
USERENV(454.4c0) 09:06:20:758 GetProfileType: ProfileFlags is 0
USERENV(454.4c0) 09:06:20:790 GetProfileType:  Profile already loaded.
USERENV(454.4c0) 09:06:20:790 GetProfileType: ProfileFlags is 0
USERENV(3d0.668) 09:06:28:803 GetAppliedGPOList: Entering. Extension = {C6DC5466-785A-11D2-84D0-00C04FB169F7}
--
Hmm.. Failed to impersonate user and ldap_bind_s failed with = <81> sounds fishy? Anyone have a resolution? Id like to up my points on this one as well, since its getting sorta urgent.. ;-) Would be nice.

Thanks

0
 

Author Comment

by:talon121a
ID: 10704161
Im also receiving:
Event Type:      Error
Event Source:      Userenv
Event Category:      None
Event ID:      1006
Date:            3/29/2004
Time:            9:10:10 AM
User:            DOMAIN\domainusername
Computer:      UNITED-000001
Description:
Windows cannot bind to domain.org domain. (Server Down). Group Policy processing aborted.  

On that machine.

(replaced domain.org etc. for security)
Any help would be appreciated :)
0
 
LVL 20

Expert Comment

by:Debsyl99
ID: 10704400
Just checking that you're on the lastest service packs? I believe that there's a bind issue fixed in Win2k SP4.. Let us know

Deb :))
0
 
LVL 20

Expert Comment

by:Debsyl99
ID: 10704571
Hi
Some discussion here

http://groups.google.co.uk/groups?hl=en&lr=lang_en&ie=UTF-8&oe=UTF-8&selm=7faeeb76.0401292239.17c41340%40posting.google.com&rnum=8

Also check that the time syncs not too far out between the two of them, that the Ip's ok - ie try manual addressing, and make sure dns can accept dynamic registrations.

0
 
LVL 20

Assisted Solution

by:Debsyl99
Debsyl99 earned 250 total points
ID: 10704598
And have a look at this just in case

http://support.microsoft.com/?kbid=293403
0
 

Author Comment

by:talon121a
ID: 10724014
Thanks everyone for your help, unfortunately the items you listed didnt resolve that issue.

I had to eventually contact the MS $245 per incident line, ( was a domain controller urgent issue.. unfortunately.. But this fixed the problem .. thought Id share the resolution so incase someone else ever runs into this. Maybe be an easier fix.)

   --- Issue -------------

Error when joing XP to the domain,
    "The specifed server cannot perform the requested operation"

    --- Resolution --------

Removed the H323 Gateway using netsh as follows, "netsh routing ip nat delete h323"

We also discovered that IPsec had been enabled in the default domain policy for servers, this was affecting the DC

Thanks everyone!
0
 
LVL 20

Expert Comment

by:Debsyl99
ID: 10724150
Glad you fixed it, and thanks for posting the fix!

Deb :))
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Trying to figure out group policy inheritance and which settings apply where can be a chore.  Here's a very simple summary I've written which might help.  Keep in mind, this is just a high-level conceptual overview where I try to avoid getting bogge…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…

690 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question