We help IT Professionals succeed at work.

We've partnered with Certified Experts, Carl Webster and Richard Faulkner, to bring you a podcast all about Citrix Workspace, moving to the cloud, and analytics & intelligence. Episode 2 coming soon!Listen Now

x

Add Windows 2003 server to existing Active Directory

bhartung1
bhartung1 asked
on
Medium Priority
423 Views
Last Modified: 2010-03-18
I have setup a Win2k3 server for a remote location that doesn't have any MS networking currently, just Netware. I want to join it to our existing domain in a new site but I'm having problems. Here's what I have done so far...
     - The remote location is on its own IP subnet.
     - The new server is in place at the remote  location and running properly as a member of "workgroup".
     - The remote location is connected to us via a VPN and Cisco routers.
     - I configured the remote server to use one of the Win2k3 servers here to be it DNS server. Pinging by name works in both directions.

The new server can see the existing domain. From the remote server, I can access Win2k3 servers here by entering the IP address (ex. \\172.16.1.1\util or \\cullman-ms1.wiscoind.local\util). However, when I try to join the server into the existing domain, the process fails. I'm prompted for a username and password to authorize joining the domain but the process timesout after 6-7 minutes with the error "The following error occured attempting to join the domain "wiscoind": The service did not respond to the start or control request in a timely fashion."

Here's what I've done in AD to prepare for the join...
     - I've created a subnet entry under DNS for the remote location.
     - I've entered a host (A) entry using the static IP address and name of the server and corresponding reverse lookup pointer.
     - I've created a site for the remote location with corresponding subnet and associated them.
     - I've created a site link connecting the remote location to the main site where the main DC is located.

I have noticed that for the remote server's entry in the sites structure is missing an NTDS Settings object that the other two sites have. I'm assuming this is a result of the remote server not being a part of the domain yet since these objects say they are automatically generated.

Ultimately, I want to make this server a domain controller and dns server. I know some of the entries above don't have anything to do with the domain join problem.

I'm missing something. What is it?

Thanks.
Comment
Watch Question

CERTIFIED EXPERT
Top Expert 2006

Commented:
Hi bhartung1,

to start with are you running DCPROMO or are you just trying to join the server into the Domain? try the dcpromo route and add the server as an additional DC, once the DC is part of the domain, then you can play with sites and services, have you installed DNS on the remote server yet?

Cheers!
What happens on the remote server when you do "nslookup  domainname"?  As well, there is no filtering set up on the CISCO's for the VPN connection is there?  All ports are allowed through?

Author

Commented:
Hi Jay_Jay70,

Initially, I'm just trying to join the server to the domain. I'm assuming if I can't do that, trying to make the server an additional DC isn't possible. Something I forgot to include was that no errors show up either on the remote server or on our current main DC in the event logs.
CERTIFIED EXPERT
Top Expert 2006

Commented:
what kind of connection do you have between the two site mate?

Author

Commented:
Hi Bill,

Below is the nslookup output from the remote server. I tried the same command locally and got the same output.

      C:\Documents and Settings\Administrator>nslookup wiscoind.local
      Server:  wisco-db1.wiscoind.local
      Address:  172.16.1.12

      Name:    wiscoind.local
      Addresses:  172.18.1.10, 172.16.1.12

As far as the Cisco routers go, there is no filtering set on them.

Author

Commented:
Jay_Jay70,

We have a cable connection (2MB x 512Kb) locally and a Dsl (1.5MB x 256Kb) at the remote end. We have internet appliances at either end providing an always-up VPN.
CERTIFIED EXPERT
Top Expert 2006

Commented:
there is windows firewall service running on the target machine is there??

Author

Commented:
Both the remote and local Win2k3 servers have the Windows firewall disabled.
CERTIFIED EXPERT
Top Expert 2006

Commented:
good good,

im just thinking its DNS related

are you pointing your primary DNS to your server in the remote site?

sorry if you answered this alread, im at work and just posting as i can :)

Author

Commented:
Sorry for not posting back sooner.

I had a tech in for a different project and I happened to mention the problem to him and he asked how I had set the new server up. I told him I had set it up locally and then sent it down. He asked if I had joined it to the domain while it was local and I said yes. Then I had removed it from the domain prior to shipping. Then he asked if I had downed the domain controller since I'd removed the new server from the domain and I said no. He said reboot it and it should be able to join the domain then. And it worked!

I was amazed he zeroed in on this so fast but he explained he'd had a customer with the same problem about a month ago and it had taken a bit longer the first time.

Thanks all.
CERTIFIED EXPERT
Top Expert 2006

Commented:
glad you got it all sorted :)
CERTIFIED EXPERT
Top Expert 2006

Commented:
tis all good
Commented:
Closed, 500 points refunded.
GranMod
The Experts Exchange
Community Support Moderator of all Ages

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.