Cannot join Windows 2003 Server to domain

Posted on 2006-05-01
Last Modified: 2012-08-13
Does anybody know when you try to join a Windows 2003 server over a VPN to VPN site and you receive a "Semaphore timeout period has expired"? I'm using Netscreen Firewalls to establish a VPN to VPN. Works great. I can ping with no problems in both directions. I have an LMHOSTS file with the proper credentials to help the situation. I can resolve the DC AD Windows 2003 server. I do a trace route and it comes back clean. I have looked all over the net; the only thing I can find closely resembling the situation is the redirect registry timeout hack for NT 4.0. I look at the error logs and they are clean. My switch port and the NIC are both set for 100 Mbps Full Duplex. Either I have a network card that is just going bad but not showing any errors, or there is a timeout that is going on with the connection that I need to lengthen within the operating system. The Netscreen Firewalls are working just fine and not showing any errors. TTL is 126 with a return of 71ms on the nose with no problems. Ping brings back 100% of the packets.

Thank you

Question by: acrodriguez
    LVL 48

    Expert Comment

    Hi acrodriguez,

    I think from memory the best solution for this was to load the DNS zone locally on your to-be DC... I may be thinking of something else, but I think that was it.

    LVL 51

    Accepted Solution

    I think this is due to TCP Window size over the VPN tunnel.

    Check MTU and Window Sizes on each end to be sure they match.

    You can do a DCPROMO and use media to load AD initially then allow replication to sync it up.

    Here's how to do that:

    LVL 48

    Expert Comment

    ah yes, that MTU size was the reso from another Q not DNS :)

    Netman 1    jay_jay 0    :)  
    LVL 51

    Expert Comment


    jay_jay 1 - for effort and comedic value!
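
Added example, not part of the original thread or any poster's code: the accepted solution points at MTU over the VPN tunnel, and a default Windows ping carries only 32 bytes of data, so clean ping results do not show that full-size packets get through. This Python sketch binary-searches the largest don't-fragment ICMP payload using Windows `ping -f -l`; the function names, the host name `dc.example.test` and the 1400-byte simulated tunnel are assumptions constructed for illustration.

```python
import subprocess

IP_ICMP_OVERHEAD = 28  # 20-byte IPv4 header + 8-byte ICMP header


def windows_ping_probe(host):
    """Build probe(payload) that sends one DF-flagged echo with Windows ping.exe."""
    def probe(payload):
        result = subprocess.run(
            ["ping", "-n", "1", "-f", "-l", str(payload), "-w", "2000", host],
            capture_output=True, text=True)
        # Only a genuine echo reply line carries "TTL="; the "needs to be
        # fragmented but DF set" message and timeouts do not.
        return "TTL=" in result.stdout
    return probe


def largest_unfragmented_payload(probe, low=0, high=1472):
    """Binary-search the largest payload that passes with DF set, else None."""
    if not probe(low):
        return None  # path is down, or ICMP is filtered entirely
    while low < high:
        mid = (low + high + 1) // 2
        if probe(mid):
            low = mid
        else:
            high = mid - 1
    return low


def path_mtu(probe):
    """Largest IPv4 packet size the path carries without fragmentation."""
    payload = largest_unfragmented_payload(probe)
    return None if payload is None else payload + IP_ICMP_OVERHEAD


def simulated_tunnel(mtu):
    """Constructed stand-in for a path whose smallest hop MTU is `mtu`."""
    return lambda payload: payload + IP_ICMP_OVERHEAD <= mtu


if __name__ == "__main__":
    tunnel = simulated_tunnel(1400)  # constructed value, not from the thread
    print("32-byte ping passes:", tunnel(32))
    print("1472-byte DF ping passes:", tunnel(1472))
    print("path MTU:", path_mtu(tunnel))
    # On a real Windows host: path_mtu(windows_ping_probe("dc.example.test"))
```

Run it from the server that fails the join, probing the DC's address; a result below 1500 means full-size Ethernet packets need fragmentation somewhere on the path.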
