Cannot Join Machines to Domain

This past weekend, I introduced my first Windows Server 2003 Domain controller to my existing Windows 2000 domain. Everything went very well, no errors/problems. All machines are properly logging in.

This issue is that I cannot join new machines to the domain. When I attempt to do this, the client says:

Following error occured attempting to join the domain <domain>
Access Denied

The account I am using to join the machine is the Administrator AD account with full rights to everything. Is there some new Permissions or Group Policy object that is preventing me from doing this? I had no problems with this before bringing in the 2003 DC.

Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Have you gotten rid of any old dc?

Time on the machine matches ther server?
Dns is good in your network?
jschwegAuthor Commented:
I have two active DC's, one Windows 2000 and one Windows Server 2003. Active Directory is clean, no old DC's

DNS is good

Time is good as well, matches the DC exactly
jschwegAuthor Commented:
Actually scratch what I said about any machine.. It's just one machine, I just joined a Windows 2000 Pro machine to the domain just now.

This particular machine is Windows XP, was previously part of the domain, but was disjoined. The old machine account has been removed from AD and is in a workgroup right now.
Protecting & Securing Your Critical Data

Considering 93 percent of companies file for bankruptcy within 12 months of a disaster that blocked access to their data for 10 days or more, planning for the worst is just smart business. Learn how Acronis Backup integrates security at every stage

Make sure all clients and members of the domain are pointing to the internal Windows DNS servers only.  Don't point clients to ISP DNS servers...  DNS is needed for the client machine to "talk" to Active directory...

Are you using?




syntax when joining the domain?
jschwegAuthor Commented:
It's actually only this ONE machine that won't join.

DNS is pointed to my AD integrated Domain Servers
It is currently in a Workgroup

I'm attempting to join the machine to the domain through the GUI on the workstation (My Computer/Properties/Computer Name)

I've tried both "domain" and "" same result
you could try manually creating the computer account in the domain...then join.
jschwegAuthor Commented:
Did that already.

I guess I could try joining it with a different machine name, but I really shouldn't have to do that.
do you have a password associated with the administrator account?  You need a password...
jschwegAuthor Commented:
I just renamed the machine, still no luck.

Plus, I'm not sure if the above article is valid because I just joined a new machine to the domain in the same manner 15 or so minutes ago.
jschwegAuthor Commented:
Yes, there is a password associated with the local administrator account I am logging in with, as well as the Administrator Account in AD (obviously).
I have never mixed 2000 and 2003 servers as DCs but which opne is being used for AD authintication? I may be moving in the wrong direction but this just popped into my head. May be better for server 2003? Shot in the dark.
jschwegAuthor Commented:
I actually just fixed it. I thank everyone for their responses.

I removed the Client for Microsoft Networks and re-installed it, joined the domain like a champ. Must have been something hosed up with that.
Closed, 500 points refunded.
The Experts Exchange
Community Support Moderator of all Ages

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2003

From novice to tech pro — start learning today.