• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 705
  • Last Modified:

Can't join a Windows NT domain from a Windows XP machine

Helllo , I get the following message when I try to join a Windows NT domain.

the domain name "             " might be a NetBIOS domain name.  If this is the case, verify that the domain name is properly registered with WINS.

If you are certain that the name is not a NetBIOS domain name, then the following information can help you troubleshoot your DNS configuration.
the following error occurred when DNS was queried for the service location (SRV) resource record used to locate a domain controller for domain VENETECHGROUP:

The error was: "DNS name does not exist."
(error code 0x0000232B RCODE_NAME_ERROR)

The following error occurred when DNS was queried for the service location (SRV) resource record used to locate a domain controller for domain.

 I am working on a small project  with a test environment one NT domain and a couple of XP machines. The NT domain is a   PDC running WINS . Do I need to be running DNS internally  as  well ? I am connecting via DSL to my ISP for internet access

I can ping the server by IP address and by NETbios name.

Thanks for your help !
0
Sk8faster
Asked:
Sk8faster
  • 5
  • 4
  • 3
  • +1
1 Solution
 
bbaoIT ConsultantCommented:
what is that NETBIOS domain name? i see nothing in the quotation marks. are you sure that you have no invalid characters in the name string?

FYI:
Computer Names
http://msdn.microsoft.com/library/en-us/sysinfo/base/computer_names.asp

NetBIOS Name Resolution Basics
http://www.microsoft.com/windows2000/techinfo/reskit/en-us/ProRK/prcc_tcp_gclb.asp

NetBIOS Suffixes (16th Character of the NetBIOS Name)
http://support.microsoft.com/?id=kb;en-us;163409

hope it helps,
bbao
0
 
Sk8fasterAuthor Commented:
The Netbios domain name is the same I just left it out still Venetechgroup
0
 
bbaoIT ConsultantCommented:
as what the URL linked articles say, you may use NBTSTAT command to troubleshoot your problem, please try NBTSTAT -A xx.xx.xx.xx, NBTSTAT -n on the XP and NT server to check if the domain name is available and valid. for more information on how to use NBTSTAT, issue NBTSTAT /? at command line.

hope it helps,
bbao
0
Cloud Class® Course: Microsoft Exchange Server

The MCTS: Microsoft Exchange Server 2010 certification validates your skills in supporting the maintenance and administration of the Exchange servers in an enterprise environment. Learn everything you need to know with this course.

 
ocon827679Commented:
Since this is a Windows NT domain and not W2K or W2K3, the DNS info that is given to you from the error message is of no use.  NT only talks NetBIOS.

Are you using WINS in the NT domain?  If so, ensure that the Xp machine has it's TCP/IP properties pointing to the WINS server.  Go to the WINS server and look at the WINS database, ensure that there are 3 records listed for the XP machine.    

If not add an lmhosts file in c:\winnt\system32\drivers\etc.  There is a .sam file there now, it is a sample.  You create the lmhosts file with no extension.  2 records need to be present in the lmhosts file;

ipaddr  "domain         "0x1b   #PRE
ipaddr   servername   #PRE   #DOM:domain

Note: The "domain         "0x1b - You must put the domain name and pad it out 15 spaces with the space character.  NetBIOS domain names are 15 characters legible and a hidden 16th character, the 0x1b.  Also #PRE and #DOM are case sensitive.  The ipaddr is the ip address of the PDC and the servername is the name of the PDC.
0
 
crissandCommented:
Enable netbios over tcp/ip on each windows xp machine. Be sure the tcp/ip netbios helper service is running on each workstation.
0
 
Sk8fasterAuthor Commented:
I ran NbTstat  -n on both the XP machine and the domain controllert and they showed as registered. The XP machine only shows 2 entries on the WINS database and yes I am running WINS on the domain server
This is what I got when I ran NbTstat -n on the domain
NetBIOS Local Name Table

   Name               Type         Status
---------------------------------------------
VENTECHWINNTSRV<20>  UNIQUE      Registered
VENTECHWINNTSRV<00>  UNIQUE      Registered
VENETECHGROUP  <00>  GROUP       Registered
VENETECHGROUP  <1C>  GROUP       Registered
VENETECHGROUP  <1B>  UNIQUE      Registered
VENETECHGROUP  <1E>  GROUP       Registered
VENTECHWINNTSRV<03>  UNIQUE      Registered
VENETECHGROUP  <1D>  UNIQUE      Registered
..__MSBROWSE__.<01>  GROUP       Registered
0
 
crissandCommented:
Follow the recomendation from microsoft:

http://support.microsoft.com/default.aspx?scid=kb;en-us;314366
0
 
Sk8fasterAuthor Commented:
I hace done this already and still can join the domain. On one of theXP machines I do get prompted to authenticate with a user name and password to join the domain after doing that I restart the Xp machines for the changes but when I try to login into the  domain I get the domain server is not available message . I get the error on the event viewer on the Domain controller
Source : NETLOGON
The session setup from the computer " name of the XP machine" failed to authenticate . The name account referenced in the security database if name of the XP machine$ . The following error occured : access denied.

0
 
ocon827679Commented:
Did you use the credentials of a user that has administer rights in the domain?  
0
 
Sk8fasterAuthor Commented:
Yes !! absolutely I tried to log in under Administrator for the domain
0
 
crissandCommented:
Here is a trick. Put the XP computer in an inexistent workgroup. Be sure to specify in the nics configuration the name of the wins server. Be sure that enable netbios over tcp/ip is active. Restart and try joining the domain using it's netbios name.
0
 
Sk8fasterAuthor Commented:
This is working now I had to disable the Pc-cillin personal firewall on the XP machine and disable encrypt secure channel data on the local security policy.

 Thank  You all !
0
 
bbaoIT ConsultantCommented:
glad to know and help.
0
 
bbaoIT ConsultantCommented:
> I hace done this already and still can join the domain.

you mean, "still can NOT"? hehe ;)

"This behavior occurs because the Windows XP client tries to sign or seal the secure channel. Windows XP does this by default. However, Windows NT is not configured to do this by default. To resolve this issue, open Local Security Policy from Administrative Tools. Under the Local Policies\Security Options node, double-click the Domain Member:Digitally encrypt or sign secure channel data (always) policy to open it and click Disabled."

cheers,
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 5
  • 4
  • 3
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now