Domain Controller could not be contacted

After lots of searching and numerious attempts to correct the issue, I cannot join an XP workstation to my recently-upgraded AD domain.  Based on previous searches, I've done the following:

1.  Confirmed IP connectivity to my domain controller
2.  Confirmed DNS resolution to my domain controller
3.  Ran a successful NSLOOKUP against my DC
4.  Verified I had a Reverse DNS zone
5.  Added PTR record for my DC in DNS

Here are the details from the error message when joining:

DNS was successfully queried for the service location (SRV) resource record used to locate a domain controller for domain corp.mycompany.com:
The query was for the SRV record for _ldap._tcp.dc._msdcs.corp.strategiccompanies.com
The following domain controllers were identified by the query:
stc01.corp.strategiccompanies.com
Common causes of this error include:
- Host (A) records that map the name of the domain controller to its IP addresses are missing or contain incorrect addresses.
- Domain controllers registered in DNS are not connected to the network or are not running.

Here is the output from NetDiag:
DNS test . . . . . . . . . . . . . : Passed
    PASS - All the DNS entries for DC are registered on DNS server '127.0.0.1'.

Any help is appreciated.  Thanks!


arnetguruAsked:
Who is Participating?
 
Casca1Connect With a Mentor Commented:
I disagree with only one part of that; WINS is not good. I do not disgree, however, that WINS might fix this issue.
Another thing that you might try is removing the IP stack from the client, heck, remove it all, do a restart, then re-add the stack. If troubleshooting the basic stuff, this is the first step, anyway.
Good Luck!
0
 
SembeeCommented:
Do you really have your DNS settings on the server set to 127.0.0.1? If so change them to the server's real IP address.
The server will be registering that IP address in DNS and will then be returning invalid information back to the clients.

Simon.
0
 
rhandelsCommented:
Hi,

Also, try to ping the server form the workstation by using it's Fully Qualified Domain Name (something like server.mydomain.com). If you cannot ping it by it's FQDN, then i would indeed check Simon's suggestion. Else, make sure that you have proper permissions to add a workstation to a domain (and make sure that the domain has a DC)
0
Cloud Class® Course: Python 3 Fundamentals

This course will teach participants about installing and configuring Python, syntax, importing, statements, types, strings, booleans, files, lists, tuples, comprehensions, functions, and classes.

 
Casca1Commented:
and a GC and PDC, and infrastructure master. If you DC promo'd a server, then removed the original without getting the FSMO roles transferred, you can run into that.
0
 
arnetguruAuthor Commented:
My DC's IP is 10.1.0.201.  That interface had its DNS server set to 127.0.0.1 (it's running DNS also).  However, I've changed the interface's DNS server to 10.1.0.201 to see if that will have an effect (I'll be testing it first thing this morning).

I can ping the DC by FQDN.  I don't think I'm running into a permissions issue, since I can't yet get a prompt for an account to add the workstation.

During the migration, I transferred all FSMO roles to the new DC, and checked the Global Catalog option.  

Thanks for the feedback so far.  I'll let you know if the DNS setting did the trick.  
0
 
arnetguruAuthor Commented:
Well, no luck changing the DNS server set in the DC's LAN interface.  Here's the latest netdiag output.  It shows the correct DNS server IP now:

**********************************************
Per interface results:

    Adapter : Local Area Connection

        Netcard queries test . . . : Passed

        Host Name. . . . . . . . . : stc01
        IP Address . . . . . . . . : 10.1.0.201
        Subnet Mask. . . . . . . . : 255.255.255.0
        Default Gateway. . . . . . : 10.1.0.254
        Primary WINS Server. . . . : 10.1.0.200
        Dns Servers. . . . . . . . : 10.1.0.201


        AutoConfiguration results. . . . . . : Passed

        Default gateway test . . . : Passed

        NetBT name test. . . . . . : Passed
        [WARNING] At least one of the <00> 'WorkStation Service', <03> 'M
r Service', <20> 'WINS' names is missing.

        WINS service test. . . . . : Passed


Global results:


Domain membership test . . . . . . : Passed


NetBT transports test. . . . . . . : Passed
    List of NetBt transports currently configured:
        NetBT_Tcpip_{459014BF-B2D6-4236-9513-8E19272AE46D}
    1 NetBt transport currently configured.


Autonet address test . . . . . . . : Passed


IP loopback ping test. . . . . . . : Passed


Default gateway test . . . . . . . : Passed


NetBT name test. . . . . . . . . . : Passed
    [WARNING] You don't have a single interface with the <00> 'WorkStatio
ce', <03> 'Messenger Service', <20> 'WINS' names defined.


Winsock test . . . . . . . . . . . : Passed


DNS test . . . . . . . . . . . . . : Passed
    PASS - All the DNS entries for DC are registered on DNS server '10.1.0.201'.



Redir and Browser test . . . . . . : Passed
    List of NetBt transports currently bound to the Redir
        NetBT_Tcpip_{459014BF-B2D6-4236-9513-8E19272AE46D}
    The redir is bound to 1 NetBt transport.

    List of NetBt transports currently bound to the browser
        NetBT_Tcpip_{459014BF-B2D6-4236-9513-8E19272AE46D}
    The browser is bound to 1 NetBt transport.


DC discovery test. . . . . . . . . : Passed


DC list test . . . . . . . . . . . : Passed


Trust relationship test. . . . . . : Skipped


Kerberos test. . . . . . . . . . . : Passed


LDAP test. . . . . . . . . . . . . : Passed


Bindings test. . . . . . . . . . . : Passed


WAN configuration test . . . . . . : Skipped
    No active remote access connections.


Modem diagnostics test . . . . . . : Passed

IP Security test . . . . . . . . . : Skipped

    Note: run "netsh ipsec dynamic show /?" for more detailed information


The command completed successfully
******************************************************

Here is output from DCDiag as well:

**********************************************************
Domain Controller Diagnosis

Performing initial setup:
   Done gathering initial info.

Doing initial required tests

   Testing server: CORP\STC01
      Starting test: Connectivity
         ......................... STC01 passed test Connectivity

Doing primary tests

   Testing server: CORP\STC01
      Starting test: Replications
         ......................... STC01 passed test Replications
      Starting test: NCSecDesc
         ......................... STC01 passed test NCSecDesc
      Starting test: NetLogons
         ......................... STC01 passed test NetLogons
      Starting test: Advertising
         ......................... STC01 passed test Advertising
      Starting test: KnowsOfRoleHolders
         ......................... STC01 passed test KnowsOfRoleHolders
      Starting test: RidManager
         ......................... STC01 passed test RidManager
      Starting test: MachineAccount
         ......................... STC01 passed test MachineAccount
      Starting test: Services
         ......................... STC01 passed test Services
      Starting test: ObjectsReplicated
         ......................... STC01 passed test ObjectsReplicated
      Starting test: frssysvol
         ......................... STC01 passed test frssysvol
      Starting test: frsevent
         ......................... STC01 passed test frsevent
      Starting test: kccevent
         ......................... STC01 passed test kccevent
      Starting test: systemlog
         ......................... STC01 passed test systemlog
      Starting test: VerifyReferences
         ......................... STC01 passed test VerifyReferences

   Running partition tests on : ForestDnsZones
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test CrossRefValidation

      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom

   Running partition tests on : DomainDnsZones
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test CrossRefValidation

      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom

   Running partition tests on : Schema
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom

   Running partition tests on : Configuration
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom

   Running partition tests on : corp
      Starting test: CrossRefValidation
         ......................... corp passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... corp passed test CheckSDRefDom

   Running enterprise tests on : corp.strategiccompanies.com
      Starting test: Intersite
         ......................... corp.strategiccompanies.com passed test Intersite
      Starting test: FsmoCheck
         ......................... corp.strategiccompanies.com passed test FsmoCheck
****************************************************************

Could this be an issue on the client?  The reason I ask is that I haven't had to manually join any other workstations to the AD domain since the upgrade.  They were able to connect to the AD domain after a reboot.  This workstation did not.  BTW, if you can't tell already, this is my first domain migration, so I may be missing simple things that a more experienced admin wouldn't.

Thanks again for your feedback!
0
 
Casca1Commented:
Hmmm; Kill the WINS?
Sometimes, especially if the machine was an upgrade rather than a wipe and reinstall, the NT days come back to haunt you becuase the regustry is still set to use the old NetBios. It's just a thought, but...
0
 
mcsalladCommented:
Lets get back to basic stuff, have you checked the cables and NICs? It might be a hardware problem.
Its just a thought, to be sure.

And what about the ip for the client? Let us see a ipconfig /all from the client too.
Are you running wins server on the dc too? If you do, reset the wins database, and if you arent running wins server on the dc try to set one up, wins is good
0
 
Casca1Commented:
So which of my approaches worked? The shotgun? 8-)
Thanks for the score and points.
0
 
arnetguruAuthor Commented:
Completely removing and re-adding TCP/IP from the client did it.  My next step was to crush it with a car, claim ignorance, and order a new laptop.  :)
0
 
Casca1Commented:
Hey, that would have worked! ;-)
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.