Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Trouble joining pc's to the domain

Posted on 2006-07-06
6
Medium Priority
?
318 Views
Last Modified: 2010-04-18
Any help would be greatly appreciated!!!

I have pc's that were in a Samba Linux domain. We have disjoined the pc's from that domain and are now trying to join them to a Wiindows Server 2003 domain. About half of the pc's are joining fine with no problems. The other half are not joining the domain. They automatically return an access is denied error when you try to join them. This has nothing to do with the accounts not having permission. I am using a domain admin account to add these pc's. The fact that some are joining no problem proves that it isn't with the account being used to add the computers. We are thinking that some settings may have been changed on the local pc's by being joined to a Linux (red hat) domain. Does anyone have ANY idea whatsoever about the local security policies and how they should be set in the local pc to allow for the pc to join a Server 2003 environment?????

0
Comment
Question by:snyderpaper
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 9

Expert Comment

by:SamuraiCrow
ID: 17054444
You can test the security setup theory by adding the compatws template discussed here.  I've also included the instructions for applying the template.  If reseting the security doesn't work we know we'll need to look elsewhere.

Information on Security Templates

http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/sag_scedefaultpols.mspx?mfr=true


Apply a new Security Template

Apply a Security Template
1. Click Start, click Run, type mmc, and then click OK.
2. On the File menu, click Add/Remove Snap-in.
3. Click Add.
4. In the Available Stand Alone Snap-ins list, click Security Configuration and Analysis, click Add, click Close, and then click OK.
5. In the left pane, click Security Configuration and Analysis and view the instructions in the right pane.  
6. Right-click Security Configuration and Analysis, and then click Open Database.
7. In the File name box, type the name of the database file, and then click Open.
8. Click the security template that you want to use, and then click Open to import the entries that are contained in the template to the database.
9. Right-click Security Configuration and Analysis in the left pane, and then click Configure Computer Now.


Crow
0
 
LVL 51

Accepted Solution

by:
Netman66 earned 1500 total points
ID: 17055283
COMPATWS.INF is for loosening the security to run applications that are non-compliant as normal Users - I don't think that's going to do much for you.

The problem may lie in the method used to image these PCs - did you run sysprep before imaging or are all these using the OEM builds that came with them?
0
 
LVL 2

Expert Comment

by:bleujaegel
ID: 17055971
Is this a fresh W2K3 install?  If not, is it possible that these machine accounts already existed in AD?  If so, delete them and try joining the domain again.  Anything in the event viewer?
0
Back Up Your Microsoft Windows Server®

Back up all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

 
LVL 1

Author Comment

by:snyderpaper
ID: 17063407
I appreciate all of the responses. Let me answer all of your questions:

The problem may lie in the method used to image these PCs - did you run sysprep before imaging or are all these using the OEM builds that came with them?

They are using the OEM builds. Unfortunately, I have been hired on to a company to bring them into the 20th century and hopefully eventually into the 21st. None of these pc's were imaged so sysprep is not an issue.

Is this a fresh W2K3 install?  If not, is it possible that these machine accounts already existed in AD?  If so, delete them and try joining the domain again.  Anything in the event viewer?

As stated above these are not fresh installs. These machines did not exist in AD as they were previously on a Linux domain and are now being joined to a Windows domain. There were absolutely NO errors in the event logs on any of these pc's!

About half of the pc's joined the windows domain with no problem and the other half did not. Taking Crow's suggestion and some last minute information I got from the person who joined these pc's to the linux domain, I decided to reapply the local security policy. Unfortunately, this in and of itself did not fix the problem. I have been able to find a fix for the problem though. Using a combination of reapplying local security policy and then doing an operating system repair I was able to get them to join. There may have been an easier way to do this but I was completely stumped. I'm not sure what doing both of these in conjunction changed and allowed the pc's to join the windows domain. I am only glad that it did allow them to work.

Thanks for your input! This is my first post to experts exchange so I'm not entirely sure how to award the points. I suppose they will go to Crow as the suggestion's atleast helped to fix the problem.
0
 
LVL 1

Author Comment

by:snyderpaper
ID: 17067749
OK... I'm not sure how that happened. I clicked to give the points to Crow (or atleast I thought I did) can this be fixed???
0
 
LVL 51

Expert Comment

by:Netman66
ID: 17069660
Yes, post a Q in Community Support linking to this one asking them for assistance.
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many of us need to configure DHCP server(s) in their environment. We can do that simply via DHCP console on server or using MMC snap-in on each computer with Administrative Tools installed in a network. But what if we have to configure many DHCP ser…
Learn about cloud computing and its benefits for small business owners.
Video by: ITPro.TV
In this episode Don builds upon the troubleshooting techniques by demonstrating how to properly monitor a vSphere deployment to detect problems before they occur. He begins the show using tools found within the vSphere suite as ends the show demonst…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…

661 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question