Solved

Trouble joining pc's to the domain

Posted on 2006-07-06
6
310 Views
Last Modified: 2010-04-18
Any help would be greatly appreciated!!!

I have pc's that were in a Samba Linux domain. We have disjoined the pc's from that domain and are now trying to join them to a Wiindows Server 2003 domain. About half of the pc's are joining fine with no problems. The other half are not joining the domain. They automatically return an access is denied error when you try to join them. This has nothing to do with the accounts not having permission. I am using a domain admin account to add these pc's. The fact that some are joining no problem proves that it isn't with the account being used to add the computers. We are thinking that some settings may have been changed on the local pc's by being joined to a Linux (red hat) domain. Does anyone have ANY idea whatsoever about the local security policies and how they should be set in the local pc to allow for the pc to join a Server 2003 environment?????

0
Comment
Question by:snyderpaper
6 Comments
 
LVL 9

Expert Comment

by:SamuraiCrow
ID: 17054444
You can test the security setup theory by adding the compatws template discussed here.  I've also included the instructions for applying the template.  If reseting the security doesn't work we know we'll need to look elsewhere.

Information on Security Templates

http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/sag_scedefaultpols.mspx?mfr=true


Apply a new Security Template

Apply a Security Template
1. Click Start, click Run, type mmc, and then click OK.
2. On the File menu, click Add/Remove Snap-in.
3. Click Add.
4. In the Available Stand Alone Snap-ins list, click Security Configuration and Analysis, click Add, click Close, and then click OK.
5. In the left pane, click Security Configuration and Analysis and view the instructions in the right pane.  
6. Right-click Security Configuration and Analysis, and then click Open Database.
7. In the File name box, type the name of the database file, and then click Open.
8. Click the security template that you want to use, and then click Open to import the entries that are contained in the template to the database.
9. Right-click Security Configuration and Analysis in the left pane, and then click Configure Computer Now.


Crow
0
 
LVL 51

Accepted Solution

by:
Netman66 earned 500 total points
ID: 17055283
COMPATWS.INF is for loosening the security to run applications that are non-compliant as normal Users - I don't think that's going to do much for you.

The problem may lie in the method used to image these PCs - did you run sysprep before imaging or are all these using the OEM builds that came with them?
0
 
LVL 2

Expert Comment

by:bleujaegel
ID: 17055971
Is this a fresh W2K3 install?  If not, is it possible that these machine accounts already existed in AD?  If so, delete them and try joining the domain again.  Anything in the event viewer?
0
Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

 
LVL 1

Author Comment

by:snyderpaper
ID: 17063407
I appreciate all of the responses. Let me answer all of your questions:

The problem may lie in the method used to image these PCs - did you run sysprep before imaging or are all these using the OEM builds that came with them?

They are using the OEM builds. Unfortunately, I have been hired on to a company to bring them into the 20th century and hopefully eventually into the 21st. None of these pc's were imaged so sysprep is not an issue.

Is this a fresh W2K3 install?  If not, is it possible that these machine accounts already existed in AD?  If so, delete them and try joining the domain again.  Anything in the event viewer?

As stated above these are not fresh installs. These machines did not exist in AD as they were previously on a Linux domain and are now being joined to a Windows domain. There were absolutely NO errors in the event logs on any of these pc's!

About half of the pc's joined the windows domain with no problem and the other half did not. Taking Crow's suggestion and some last minute information I got from the person who joined these pc's to the linux domain, I decided to reapply the local security policy. Unfortunately, this in and of itself did not fix the problem. I have been able to find a fix for the problem though. Using a combination of reapplying local security policy and then doing an operating system repair I was able to get them to join. There may have been an easier way to do this but I was completely stumped. I'm not sure what doing both of these in conjunction changed and allowed the pc's to join the windows domain. I am only glad that it did allow them to work.

Thanks for your input! This is my first post to experts exchange so I'm not entirely sure how to award the points. I suppose they will go to Crow as the suggestion's atleast helped to fix the problem.
0
 
LVL 1

Author Comment

by:snyderpaper
ID: 17067749
OK... I'm not sure how that happened. I clicked to give the points to Crow (or atleast I thought I did) can this be fixed???
0
 
LVL 51

Expert Comment

by:Netman66
ID: 17069660
Yes, post a Q in Community Support linking to this one asking them for assistance.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Server 2008 SBS is losing disk space 4 88
How to run the DNS query from the server? 5 66
Ms Filer Server Migration toolkit issues 2 53
Auto-Enrollment Group Policy 2 43
Organizations create, modify, and maintain huge amounts of data to help their businesses earn money and generally function.  Typically every network user within an organization has a bit of disk space to store in process items and personal files.   …
Scenerio: You have a server running Server 2003 and have applied a retail pack of Terminal Server Licenses.  You want to change servers or your server has crashed and you need to reapply the Terminal Server Licenses. When you enter the 16-digit lic…
Hi friends,  in this video  I'll show you how new windows 10 user can learn the using of windows 10. Thank you.
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now