Solved

Cannot join Windows 2003 Server box to a domain

Posted on 2004-11-18
Last Modified: 2010-04-19
Hi there

Background :-

2 windows 2003 server boxes (1 PDC, another webserver)
Using Linksys ADSL Gateway Wireless G(ADSL Modem, Router, 4-port switch, firewall + Access Point) (192.168.101.254)

Setup first server (192.168.101.2)
Steps
1.Install Windows 2003 Server
2.Disk Management
3.Page File
4.Router setup
5.TCP/IP
6.DHCP
7.DNS+AD
8.Terminal Services
9.Windows Update + Anti-virus

Checks
Ping from PDC to Router --> ok
Ping from client to PDC --> ok
Internet access --> ok

Second Server (Webserver) (192.168.101.3)
1.Installed Windows 2003 server
2.Tried to join Domain --> did not see domain

Checks
Ping from Webserver to Router --> ok
Ping from Webserver to PDC --> no
Ping from PDC to Webserver --> no
Internet access --> ok

Firewall Rules
Opened Ports 110,1433 & 1434 --> POP3, SQL TCP & SQL UDP

I believe the problem is to do with ports i.e. opening them.

I think I need to create Inbound Services Rules :-
Any (TCP) Allow always 192.168.101.2 Any Wan Users --> do not know port no ?
Any (UDP) Allow always 192.168.101.2 Any Wan Users --> do not know port no ?

Any others ?

Thus, welcome any ideas ?

Thanks...


Question by:ImraneA
 
LVL 11

Expert Comment

by:WeHe
ID: 12620437
you have to configure 192.168.101.2 as DNS server (in tcpip settings) on the webserver.
then it will find the domain.
0
 
LVL 12

Expert Comment

by:Housenet
ID: 12620452
Hello,
I'm not sure what firewall rules would have to do with your problem. Both IPs are within the LAN zone. The firewall rules apply when you are leaving the subnet and talking to other machines outside (internet).

On the webserver, point the primary DNS in TCP to 192.168.101.2. Type this in CMD>
1. ipconfig /flushdns
2. ipconfig /registerdns
3. Ping first servername  (did it reply with the FQDN in AD for first server?)
-Try to join the domain.
0
 

Author Comment

by:ImraneA
ID: 12624819
Check it tonight and get back to you...
0

 

Author Comment

by:ImraneA
ID: 12634191
Set DNS Server as PDC.  Still did not work.

So, added connection for both PDC + Webserver - wireless connection.  Can ping both sides now BUT, connection keeps dropping every 10 mins or so.  Need to manually connect it back.

Checked web, based on keywords "linksys WAG54G dropped connection" at google search.

Checked PDC by adding a client to domain, no problems.

When I do get a stable connection, I get the following error, when trying to join webserver to domain.

The following error occurred when DNS was queried for the service location (SRV) resource record used to locate a domain controller for domain Acker.org.uk:

The error was: "DNS name does not exist."
(error code 0x0000232B RCODE_NAME_ERROR)

The query was for the SRV record for _ldap._tcp.dc._msdcs.Acker.org.uk

Common causes of this error include the following:

- The DNS SRV records required to locate a domain controller for the domain are not registered in DNS. These records are registered with a DNS server automatically when a domain controller is added to a domain. They are updated by the domain controller at set intervals. This computer is configured to use DNS servers with following IP addresses:

192.168.101.2
212.159.13.150
212.159.11.150

- One or more of the following zones do not include delegation to its child zone:

Website...
org.uk
uk
. (the root zone)

I used dcpromo to create DNS etc..  Can't figure out what's going on.

Question :-  Is the problem a result of dopped connections causing the above errors indirectly ? or another problem ?

Any ideas...


0
 

Author Comment

by:ImraneA
ID: 12634203
bad spelling --> dropped
0
 
LVL 12

Accepted Solution

by:
Housenet earned 945 total points
ID: 12634409
Hello,
Yes I happen to have a few handy :)
1. The DNS server properties should have forwarders enabled so you can point all your internal domain client boxes and the server itself to the IP of the server in TCP>DNS configuration. The forwarders are internet standard DNS servers which your local DC can query for any zone it is not aware of.  Also, if your domain name is mycorp.lan, you should enter mycorp.lan as the domain suffix for your LAN NIC configuration in DNS. At the time you are trying to join the domain, your PC will query mycorp.lan for a SRV record in the AD DNS zone mycorp.lan.

2. If you followed the recommendations during dcpromo you should have a couple of DNS zones which contain several folders ....your AD integrated dns zones on the domain controller. Do you have the records in DNS the error indicates are not present in the zone?  (this means, open DNS in administrative tools and check for a couple of zones which contain folders).

3. DNS is MS's latest way to resolve a domain controller when joining a domain. It is the new standard and any DNS problems with domain resolution must be fixed for normal operation (long term). There are other ways for PCs to locate domain controllers...LMHOSTS...
-Fix Lmhosts same on the client pc...
add (example...enter your info)
192.168.1.2 <tab>DC_SERVER1NAME<tab> #PRE #DOM:NETBIOSDOMAINNAME

0
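The accepted answer's points 1 and 2 come down to whether the DNS server the joining machine asks can answer the SRV query named in the error message. As an added example (not part of the original thread), this Python sketch builds that query and decodes the reply header; the function names and the sample reply bytes are constructed for illustration, and `check_server` needs network access to the DNS server being tested.

```python
import socket
import struct

# Win32 reports DNS failures as 9000 + RCODE, so 0x232B (9003) is RCODE 3.
RCODES = {0: "NOERROR", 2: "SERVFAIL", 3: "NXDOMAIN (RCODE_NAME_ERROR)", 5: "REFUSED"}
TYPE_SRV, CLASS_IN = 33, 1
# Constructed reply headers (not captured traffic): id, flags, qd, an, ns, ar.
SAMPLE_NXDOMAIN = struct.pack(">HHHHHH", 0x1234, 0x8183, 1, 0, 0, 0)
SAMPLE_FOUND = struct.pack(">HHHHHH", 0x1234, 0x8580, 1, 1, 0, 0)

def locator_name(domain):
    """SRV owner name a joining machine queries to locate a domain controller."""
    return "_ldap._tcp.dc._msdcs." + domain.rstrip(".")

def win32_to_rcode(code):
    """Map a Win32 DNS_ERROR_RCODE_* value back to the DNS RCODE it wraps."""
    return code - 9000

def build_query(name, qid=0x1234):
    """Encode a single-question recursive DNS query for the SRV record."""
    header = struct.pack(">HHHHHH", qid, 0x0100, 1, 0, 0, 0)  # RD flag set
    labels = b"".join(bytes([len(l)]) + l.encode("ascii") for l in name.split("."))
    return header + labels + b"\x00" + struct.pack(">HH", TYPE_SRV, CLASS_IN)

def parse_reply(reply, qid=0x1234):
    """Return (rcode_text, answer_count) from a DNS reply header."""
    if len(reply) < 12:
        raise ValueError("truncated DNS header")
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack(">HHHHHH", reply[:12])
    if rid != qid:
        raise ValueError("reply id does not match query id")
    rcode = flags & 0x000F  # low four bits of the flags word
    return RCODES.get(rcode, "RCODE %d" % rcode), ancount

def check_server(server, domain, timeout=3.0):
    """Ask one DNS server for the locator record (needs network access)."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(locator_name(domain)), (server, 53))
        return parse_reply(s.recvfrom(4096)[0])

if __name__ == "__main__":
    print(locator_name("Acker.org.uk"), "-> RCODE", win32_to_rcode(0x232B))
    for label, reply in (("no SRV records", SAMPLE_NXDOMAIN),
                         ("records present", SAMPLE_FOUND)):
        print(label, parse_reply(reply))
```

Calling `check_server` once per address in the adapter's DNS list shows which servers hold the domain's SRV records and which return a name error.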
 

Author Comment

by:ImraneA
ID: 12635216
Hi Housenet

Thanks for comments.  Usually I try to avoid DNS, and get dcpromo to do most of work.  So not familiar with DNS !

Can you explain in step-by-step your steps.(where do i look !!!)

Point A - "The DNS server properties should have forwarders enabled " 

Point B - "Also, if your domain name is mycorp.lan, you should enter mycorp.lan as the domain suffix for your LAN NIC configuration in DNS."

Point C - "At the time you are trying to join the domain, your PC will query mycorp.lan for a SRV record in the AD DNS zone mycorp.lan. "

Point D - "should have a couple of DNS zones which contain several folders "

Point E - "Do you have the records in DNS the error indicates are not present in the zone?"

The DNS server was unable to complete directory service enumeration of zone Acker.org.uk.  This DNS server is configured to use information obtained from Active Directory for this zone and is unable to load the zone without it.  Check that the Active Directory is functioning properly and repeat enumeration of the zone. The extended error debug information (which may be empty) is "". The event data contains the error.

Prefer to stick to AD to " resolve a domain controller when joining a domain".

No problems increasing points....

Regards





0
 

Author Comment

by:ImraneA
ID: 12642541
Hi there

http://www.microsoft.com/windows2000/dns/tshoot/dns_tshoot2A.asp

Your comments have been most helpful.  This URL from MS provides a detailed troubleshooting approach.

One of going through it ...
0

Question has a verified solution.