Cannot join Windows 2003 Server box to a domain

Hi there

Background :-

2 windows 2003 server boxes (1 PDC, another webserver)
Using Linksys ADSL Gateway Wireless G(ADSL Modem, Router, 4-port switch, firewall + Access Point) (192.168.101.254)

Setup first server (192.168.101.2)
Steps
1. Install Windows 2003 Server
2. Disk Management
3. Page File
4. Router setup
5. TCP/IP
6. DHCP
7. DNS+AD
8. Terminal Services
9. Windows Update + Anti-virus

Checks
Ping from PDC to Router --> ok
Ping from client to PDC --> ok
Internet access --> ok

Second Server (Webserver) (192.168.101.3)
1.Installed Windows 2003 server
2.Tried to join Domain --> did not see domain

Checks
Ping from Webserver to Router --> ok
Ping from Webserver to PDC --> no
Ping from PDC to Webserver --> no
Internet access --> ok

Firewall Rules
Opened Ports 110,1433 & 1434 --> POP3, SQL TCP & SQL UDP

I believe the problem is to do with ports i.e. opening them.

I think I need to create Inbound Services Rules :-
Any (TCP) Allow always 192.168.101.2 Any Wan Users --> do not know port no ?
Any (UDP) Allow always 192.168.101.2 Any Wan Users --> do not know port no ?

Any others ?

Thus, welcome any ideas ?

Thanks...


ImraneA Asked:

WeHe Commented:
you have to configure 192.168.101.2 as DNS server (in tcpip settings) on the webserver.
then it will find the domain.
0
Housenet Commented:
Hello,
I'm not sure what firewall rule would have to do with your problem.. Both IP's are within the LAN zone. The firewall rules apply when you are leaving the subnet and talking to other machines outside (internet).

On the webserver, point the primary DNS in TCP to 192.168.101.2. Type this in CMD>
1. ipconfig /flushdns
2. ipconfig /registerdns
3. Ping first servername  (did it reply with the FQDN in AD for first server?)
-Try to join the domain.
0
ImraneA Author Commented:
Check it tonight and get back to you...
0

ImraneA Author Commented:
Set DNS Server as PDC.  Still did not work.

So, added connection for both PDC + Webserver - wireless connection.  Can ping both sides now BUT, connection keeps dropping every 10 mins or so.  Need to manually connect it back.

Checked web, based on keywords "linksys WAG54G dropped connection" at google search.

Checked PDC by adding a client to domain, no problems.

When I do get a stable connection, I get the following error, when trying to join webserver to domain.

The following error occurred when DNS was queried for the service location (SRV) resource record used to locate a domain controller for domain Acker.org.uk:

The error was: "DNS name does not exist."
(error code 0x0000232B RCODE_NAME_ERROR)

The query was for the SRV record for _ldap._tcp.dc._msdcs.Acker.org.uk

Common causes of this error include the following:

- The DNS SRV records required to locate a domain controller for the domain are not registered in DNS. These records are registered with a DNS server automatically when a domain controller is added to a domain. They are updated by the domain controller at set intervals. This computer is configured to use DNS servers with following IP addresses:

192.168.101.2
212.159.13.150
212.159.11.150

- One or more of the following zones do not include delegation to its child zone:

Website...
org.uk
uk
. (the root zone)

I used dcpromo to create DNS etc..  Can't figure out what's going on.

Question :-  Is the problem a result of dopped connections causing the above errors indirectly ? or another problem ?

Any ideas...


0
ImraneA Author Commented:
bad spelling --> dropped
0
Housenet Commented:
Hello,
Yes I happen to have a few handy :)
1. The DNS server properties should have forwarders enabled so you can point all your internal domain client boxes and the server itself to the IP of the server in TCP>DNS configuration. The forwarders are internet standard DNS servers which your local DC can query for any zone it is not aware of.  Also, if your domain name is mycorp.lan, you should enter mycorp.lan as the domain suffix for your LAN NIC configuration in DNS. At the time you are trying to join the domain, your PC will query mycorp.lan for a SRV record in the AD DNS zone mycorp.lan.

2. If you followed the recommendations during dcpromo you should have a couple of DNS zones which contain several folders ....your AD integrated dns zones on the domain controller. Do you have the records in DNS the error indicates are not present in the zone?  (this means, open DNS in administrative tools and check for a couple of zones which contain folders).

3. DNS is MS's latest way to resolve a domain controller when joining a domain. It is the new standard and any DNS problems with domain resolution must be fixed for normal operation (long term). There are other ways of PC's to locate domain controllers...LMHOSTS...
-Fix Lmhosts same on the client pc...
add (example...enter your info)
192.168.1.2 <tab>DC_SERVER1NAME<tab> #PRE #DOM:NETBIOSDOMAINNAME

0
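Added example, not part of any poster's answer: the SRV lookup named in the join error, built and parsed as DNS wire format, with RCODE 3 (reported by Windows as 0x232B) decoded and the client's resolver list checked for servers that cannot hold the AD zone. The replies are constructed, and `pdc.Acker.org.uk` is a hypothetical DC host name.

```python
import ipaddress
import struct

SRV, NXDOMAIN = 33, 3  # record type; RCODE 3 is what Windows reports as 0x232B

def encode_name(name):
    return b"".join(bytes([len(p)]) + p.encode() for p in name.split(".")) + b"\x00"

def dc_locator_query(domain, txid=0x1234):
    """Query a joining client sends: SRV for _ldap._tcp.dc._msdcs.<domain>."""
    header = struct.pack(">6H", txid, 0x0100, 1, 0, 0, 0)  # RD set, one question
    return header + encode_name("_ldap._tcp.dc._msdcs." + domain) + struct.pack(">HH", SRV, 1)

def read_name(msg, off):
    """Decode a possibly compressed name; return (name, offset after it)."""
    labels, end, hops = [], None, 0
    while msg[off]:
        if msg[off] & 0xC0 == 0xC0:  # compression pointer
            end = off + 2 if end is None else end
            off, hops = ((msg[off] & 0x3F) << 8) | msg[off + 1], hops + 1
            if hops > 16:
                raise ValueError("compression pointer loop")
        else:
            labels.append(msg[off + 1:off + 1 + msg[off]].decode())
            off += 1 + msg[off]
    return ".".join(labels), (off + 1 if end is None else end)

def parse_reply(msg):
    """Return (rcode, [(priority, weight, port, target), ...]) from a DNS reply."""
    flags, qd, an = struct.unpack(">HHH", msg[2:8])
    off, srv = 12, []
    for _ in range(qd):
        off = read_name(msg, off)[1] + 4  # skip QTYPE and QCLASS
    for _ in range(an):
        off = read_name(msg, off)[1]
        rtype, _, _, rdlen = struct.unpack(">HHIH", msg[off:off + 10])
        if rtype == SRV:
            srv.append(struct.unpack(">HHH", msg[off + 10:off + 16]) + (read_name(msg, off + 16)[0],))
        off += 10 + rdlen
    return flags & 0xF, srv

def external_resolvers(resolvers):
    """Public resolvers cannot answer for a zone held only on the internal DC."""
    return [r for r in resolvers if not ipaddress.ip_address(r).is_private]

# Constructed sample replies (not captured traffic); pdc.Acker.org.uk is a hypothetical DC name.
Q = dc_locator_query("Acker.org.uk")
NXDOMAIN_REPLY = Q[:2] + b"\x81\x83" + Q[4:]
SRV_RR = struct.pack(">HHIHHHH", SRV, 1, 600, 24, 0, 100, 389) + encode_name("pdc.Acker.org.uk")  # RDLENGTH 24
OK_REPLY = Q[:2] + b"\x81\x80\x00\x01\x00\x01" + Q[8:] + b"\xc0\x0c" + SRV_RR
```

Run against the resolver list from the error text, `external_resolvers` returns the two 212.159.x.x entries: any query that falls through to them leaves the LAN and cannot return the `_msdcs` records.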

ImraneA Author Commented:
Hi Housenet

Thanks for comments.  Usually I try to avoid DNS, and get dcpromo to do most of work.  So not familiar about DNS !

Can you explain in step-by-step your steps.(where do i look !!!)

Point A - "The DNS server properties should have forwarders enabled " 

Point B - "Also, if your domain name is mycorp.lan, you should enter mycorp.lan as the domain suffix for your LAN NIC configuration in DNS."

Point C - "At the time you are trying to join the domain, your PC will query mycorp.lan for a SRV record in the AD DNS zone mycorp.lan. "

Point D - "should have a couple of DNS zones which contain several folders "

Point E - "Do you have the records in DNS the error indicates are not present in the zone?"

The DNS server was unable to complete directory service enumeration of zone Acker.org.uk.  This DNS server is configured to use information obtained from Active Directory for this zone and is unable to load the zone without it.  Check that the Active Directory is functioning properly and repeat enumeration of the zone. The extended error debug information (which may be empty) is "". The event data contains the error.

Prefer to stick to AD to " resolve a domain controller when joining a domain".

No problems increasing points....

Regards





0
ImraneA Author Commented:
Hi there

http://www.microsoft.com/windows2000/dns/tshoot/dns_tshoot2A.asp

Your comments have been most helpful.  This URL from MS provides a detailed troubleshooting approach.

One of going through it ...
0