  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 797

Domain users not showing up in local Computer Management


I promoted a 2003 Advanced Server to a domain controller.
I created accounts in the new domain.
I joined computers to the domain.
I log onto computers with Domain Admin accounts.

I want to add domain users and OUs to the local groups on workstations, but the domain is not showing up.
In the local Administrators group I click the Add button, then the Select Users window opens. In the location there is only the local workstation; the domain is not a choice.
I'm able to browse the network to the DC and access directories I've given permissions to.
Any ideas that will allow me to add users and OUs to the local computer groups will be appreciated.
Asked by: Yohaheho

NJComputerNetworks commented:
Do this...

1) Right-click MY COMPUTER and choose MANAGE from the drop-down box.
2) Expand the Local Users and Groups folder and highlight the Groups folder.
3) Right-click the ADMINISTRATORS group (for example), and choose Properties...
4) Click ADD
5) Select the LOCATIONS button... Select your domain or OU.
6) Click the ADVANCED button
7) Click FIND NOW


Note: in "Select this object type", make sure USERS is shown here...

 
NJComputerNetworks commented:
Note: (do the above when you are logged in as domain administrator)
 
Yohaheho (author) commented:
NJComputerNetworks

Number 5 in your above list is the problem
5) Select the LOCATIONS button... Select your domain or OU.

When I click the LOCATIONS button my domain is not a choice. The local workstation name is the only thing listed.
I'm logged in as a domain administrator with everything I'm trying.

 
NJComputerNetworks commented:
Hmmm.  This is very unusual...  Please verify that DNS is working.  

Go to a command prompt on the workstation.  Run this command:

NSLOOKUP yourdomainname.com <enter>

(The IP addresses of your domain controllers should be displayed in the results)


Also try:

NSLOOKUP yourDCname <enter>

(The IP address of your DC should display)



Another thing, you can run NETDIAG on your machine and look for errors in the report....

Another quick thing you can try is to rejoin the machine to the domain....  This time, when joining the domain, specify your fully qualified domain name (i.e. domainname.local) instead of the NetBIOS domain name (i.e. domainname)

 
Yohaheho (author) commented:
NJ,

Black - Host name of Server
Gravel.com - Domain
This is not the web site www.gravel.com 

This is what I receive from NSLOOKUP

C:\Documents and Settings\Myname>nslookup black
Server:  eagle.asahi-net.or.jp
Address:  202.224.32.1

*** eagle.asahi-net.or.jp can't find black: Non-existent domain

C:\Documents and Settings\Myname>nslookup gravel
Server:  eagle.asahi-net.or.jp
Address:  202.224.32.1

*** eagle.asahi-net.or.jp can't find gravel: Non-existent domain

C:\Documents and Settings\Myname>nslookup gravel.com
Server:  eagle.asahi-net.or.jp
Address:  202.224.32.1

Non-authoritative answer:
Name:    gravel.com
Address:  209.126.184.13

eagle.asahi-net.or.jp is my ISP's DNS server.
The NICs in the local workstations are set up to obtain information from my Linksys router, which has eagle.asahi-net.or.jp on it as its DNS server. I don't think this should cause the problem but I thought I'd mention it.

Two DNS event IDs that jump out at me are:
 - Event ID: 708 The DNS server did not detect any zones of either primary or secondary type during initialization. It will not be authoritative for any zones, and it will run as a caching-only server until a zone is loaded manually or by Active Directory replication
 - Event ID: 4015 The DNS server has encountered a critical error from the Active Directory. Check that the Active Directory is functioning properly. The extended error debug information (which may be empty) is "". The event data contains the error.

It would appear that Event ID: 708 is the first problem. How do I get this to not be a caching server but an active server? (if that's the right term)
Once that is sorted, if I still have problems with the other Event ID I'll open another question.
 
NJComputerNetworks commented:
"eagle.asahi-net.or.jp is my ISP's DNS server.
The NICs in the local workstations are set up to obtain information from my Linksys router, which has eagle.asahi-net.or.jp on it as its DNS server. I don't think this should cause the problem but I thought I'd mention it."

This is your problem.  You must point your entire internal Windows environment to your internal Windows 2003 DNS servers.  You cannot use your Linksys router as the DNS server for your domain members.

So do this...

1) Set DNS/DC on your server to point to 127.0.0.1 or the actual IP address of the server in TCP/IP settings.  Do not point to the Linksys router or the ISP DNS servers.
2) Reboot the DNS/DC
3) Set each workstation and server to point to the IP address of the Windows 200x DNS/DC server.  If you have two, point to both in primary and secondary.  Do not add any entries to point to the Linksys router or ISP DNS servers.
4) On the DNS server... open the DNS console.  Right-click your server name and choose PROPERTIES from the drop-down box.  Click the FORWARDERS tab... enter the IP address of your Linksys router here... This will provide forwarding to the internet.

Done...
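The diagnosis in the answer above can be checked per DNS server from a domain member. This is an added example, not part of the original thread: it asks every DNS server configured on the machine for the domain controller locator SRV record, which only a DNS server hosting the Active Directory zone can answer. It assumes a current Windows client with the DnsClient PowerShell module; the function name `Test-DcLocatorDns` is hypothetical.

```powershell
# Added example (not from the thread). For each DNS server this machine is
# configured to use, check whether it can return the DC locator SRV record.
# An ISP resolver or a router relaying to one cannot, which is why the domain
# never appears in the Locations dialog.
function Test-DcLocatorDns {
    param(
        [Parameter(Mandatory)]
        [string]$Domain   # AD DNS domain name (the FQDN, not the NetBIOS name)
    )

    # Record that domain members query to locate a domain controller
    $srvName = "_ldap._tcp.dc._msdcs.$Domain"

    # Every IPv4 DNS server configured on any interface, de-duplicated
    $servers = Get-DnsClientServerAddress -AddressFamily IPv4 |
        Select-Object -ExpandProperty ServerAddresses |
        Sort-Object -Unique

    foreach ($server in $servers) {
        $result = [ordered]@{
            DnsServer             = $server
            FindsDomainController = $false
            Detail                = ''
        }
        try {
            # -DnsOnly skips LLMNR/NetBIOS so only this server's answer counts
            $srv = @(Resolve-DnsName -Name $srvName -Type SRV -Server $server `
                        -DnsOnly -ErrorAction Stop |
                     Where-Object { $_.Type -eq 'SRV' })
            if ($srv.Count -gt 0) {
                $result.FindsDomainController = $true
                $result.Detail = ($srv | ForEach-Object {
                    '{0}:{1}' -f $_.NameTarget, $_.Port }) -join ', '
            } else {
                $result.Detail = "no SRV records for $srvName"
            }
        } catch {
            # NXDOMAIN, timeout or refusal: this server does not know the zone
            $result.Detail = $_.Exception.Message
        }
        [pscustomobject]$result
    }
}

# USERDNSDOMAIN is only set when logged on with a domain account
Test-DcLocatorDns -Domain $env:USERDNSDOMAIN | Format-Table -AutoSize -Wrap
```

Any server listed with `FindsDomainController` set to `False` should be removed from the client's DNS settings (or from the DHCP scope that hands it out) and reached only through forwarders on the internal DNS server.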
 
Yohaheho (author) commented:
NJ,

You nailed it.
The forwarders were already set up on my DNS.
On my Linksys router (which also handles DHCP) I put in the address of my DNS server.
BAM!
I can see the domain in local Computer Management and I'm still connected to the internet.

Thanks a lot
Yohaheho
 
Yohaheho (author) commented:
Clarification -
The forwarders on my DNS server were already forwarding to my ISP's DNS servers.