Solved

Can't join a Windows NT domain from a Windows XP machine

Posted on 2004-07-31
15
628 Views
Last Modified: 2013-12-19
Helllo , I get the following message when I try to join a Windows NT domain.

the domain name "             " might be a NetBIOS domain name.  If this is the case, verify that the domain name is properly registered with WINS.

If you are certain that the name is not a NetBIOS domain name, then the following information can help you troubleshoot your DNS configuration.
the following error occurred when DNS was queried for the service location (SRV) resource record used to locate a domain controller for domain VENETECHGROUP:

The error was: "DNS name does not exist."
(error code 0x0000232B RCODE_NAME_ERROR)

The following error occurred when DNS was queried for the service location (SRV) resource record used to locate a domain controller for domain.

 I am working on a small project  with a test environment one NT domain and a couple of XP machines. The NT domain is a   PDC running WINS . Do I need to be running DNS internally  as  well ? I am connecting via DSL to my ISP for internet access

I can ping the server by IP address and by NETbios name.

Thanks for your help !
0
Comment
Question by:Sk8faster
  • 5
  • 4
  • 3
  • +1
15 Comments
 
LVL 37

Accepted Solution

by:
Bing CISM / CISSP earned 50 total points
ID: 11686997
what is that NETBIOS domain name? i see nothing in the quotation marks. are you sure that you have no invalid characters in the name string?

FYI:
Computer Names
http://msdn.microsoft.com/library/en-us/sysinfo/base/computer_names.asp

NetBIOS Name Resolution Basics
http://www.microsoft.com/windows2000/techinfo/reskit/en-us/ProRK/prcc_tcp_gclb.asp

NetBIOS Suffixes (16th Character of the NetBIOS Name)
http://support.microsoft.com/?id=kb;en-us;163409

hope it helps,
bbao
0
 

Author Comment

by:Sk8faster
ID: 11689718
The Netbios domain name is the same I just left it out still Venetechgroup
0
 
LVL 37

Expert Comment

by:Bing CISM / CISSP
ID: 11691173
as what the URL linked articles say, you may use NBTSTAT command to troubleshoot your problem, please try NBTSTAT -A xx.xx.xx.xx, NBTSTAT -n on the XP and NT server to check if the domain name is available and valid. for more information on how to use NBTSTAT, issue NBTSTAT /? at command line.

hope it helps,
bbao
0
 
LVL 13

Expert Comment

by:ocon827679
ID: 11694531
Since this is a Windows NT domain and not W2K or W2K3, the DNS info that is given to you from the error message is of no use.  NT only talks NetBIOS.

Are you using WINS in the NT domain?  If so, ensure that the Xp machine has it's TCP/IP properties pointing to the WINS server.  Go to the WINS server and look at the WINS database, ensure that there are 3 records listed for the XP machine.    

If not add an lmhosts file in c:\winnt\system32\drivers\etc.  There is a .sam file there now, it is a sample.  You create the lmhosts file with no extension.  2 records need to be present in the lmhosts file;

ipaddr  "domain         "0x1b   #PRE
ipaddr   servername   #PRE   #DOM:domain

Note: The "domain         "0x1b - You must put the domain name and pad it out 15 spaces with the space character.  NetBIOS domain names are 15 characters legible and a hidden 16th character, the 0x1b.  Also #PRE and #DOM are case sensitive.  The ipaddr is the ip address of the PDC and the servername is the name of the PDC.
0
 
LVL 18

Expert Comment

by:crissand
ID: 11694858
Enable netbios over tcp/ip on each windows xp machine. Be sure the tcp/ip netbios helper service is running on each workstation.
0
 

Author Comment

by:Sk8faster
ID: 11696714
I ran NbTstat  -n on both the XP machine and the domain controllert and they showed as registered. The XP machine only shows 2 entries on the WINS database and yes I am running WINS on the domain server
This is what I got when I ran NbTstat -n on the domain
NetBIOS Local Name Table

   Name               Type         Status
---------------------------------------------
VENTECHWINNTSRV<20>  UNIQUE      Registered
VENTECHWINNTSRV<00>  UNIQUE      Registered
VENETECHGROUP  <00>  GROUP       Registered
VENETECHGROUP  <1C>  GROUP       Registered
VENETECHGROUP  <1B>  UNIQUE      Registered
VENETECHGROUP  <1E>  GROUP       Registered
VENTECHWINNTSRV<03>  UNIQUE      Registered
VENETECHGROUP  <1D>  UNIQUE      Registered
..__MSBROWSE__.<01>  GROUP       Registered
0
 
LVL 18

Expert Comment

by:crissand
ID: 11703871
Follow the recomendation from microsoft:

http://support.microsoft.com/default.aspx?scid=kb;en-us;314366
0
Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

 

Author Comment

by:Sk8faster
ID: 11704208
I hace done this already and still can join the domain. On one of theXP machines I do get prompted to authenticate with a user name and password to join the domain after doing that I restart the Xp machines for the changes but when I try to login into the  domain I get the domain server is not available message . I get the error on the event viewer on the Domain controller
Source : NETLOGON
The session setup from the computer " name of the XP machine" failed to authenticate . The name account referenced in the security database if name of the XP machine$ . The following error occured : access denied.

0
 
LVL 13

Expert Comment

by:ocon827679
ID: 11705087
Did you use the credentials of a user that has administer rights in the domain?  
0
 

Author Comment

by:Sk8faster
ID: 11705132
Yes !! absolutely I tried to log in under Administrator for the domain
0
 
LVL 18

Expert Comment

by:crissand
ID: 11705263
Here is a trick. Put the XP computer in an inexistent workgroup. Be sure to specify in the nics configuration the name of the wins server. Be sure that enable netbios over tcp/ip is active. Restart and try joining the domain using it's netbios name.
0
 

Author Comment

by:Sk8faster
ID: 11708282
This is working now I had to disable the Pc-cillin personal firewall on the XP machine and disable encrypt secure channel data on the local security policy.

 Thank  You all !
0
 
LVL 37

Expert Comment

by:Bing CISM / CISSP
ID: 11711435
glad to know and help.
0
 
LVL 37

Expert Comment

by:Bing CISM / CISSP
ID: 11714610
> I hace done this already and still can join the domain.

you mean, "still can NOT"? hehe ;)

"This behavior occurs because the Windows XP client tries to sign or seal the secure channel. Windows XP does this by default. However, Windows NT is not configured to do this by default. To resolve this issue, open Local Security Policy from Administrative Tools. Under the Local Policies\Security Options node, double-click the Domain Member:Digitally encrypt or sign secure channel data (always) policy to open it and click Disabled."

cheers,
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Enterprise networks where VoIP phones have been deployed frequently use port configurations that allow both a computer and an IP phone to be plugged into the same switch port but use different VLANs. On Cisco equipment I'm referring to the "native V…
The Need In an Active Directory enviroment, the PDC emulator provide time synchronization for the domain. This is important since Active Directory uses Kerberos for authentication.  By default, if the time difference between systems is off by more …
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now