Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 320
  • Last Modified:

Trouble joining pc's to the domain

Any help would be greatly appreciated!!!

I have pc's that were in a Samba Linux domain. We have disjoined the pc's from that domain and are now trying to join them to a Wiindows Server 2003 domain. About half of the pc's are joining fine with no problems. The other half are not joining the domain. They automatically return an access is denied error when you try to join them. This has nothing to do with the accounts not having permission. I am using a domain admin account to add these pc's. The fact that some are joining no problem proves that it isn't with the account being used to add the computers. We are thinking that some settings may have been changed on the local pc's by being joined to a Linux (red hat) domain. Does anyone have ANY idea whatsoever about the local security policies and how they should be set in the local pc to allow for the pc to join a Server 2003 environment?????

0
snyderpaper
Asked:
snyderpaper
1 Solution
 
SamuraiCrowCommented:
You can test the security setup theory by adding the compatws template discussed here.  I've also included the instructions for applying the template.  If reseting the security doesn't work we know we'll need to look elsewhere.

Information on Security Templates

http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/sag_scedefaultpols.mspx?mfr=true


Apply a new Security Template

Apply a Security Template
1. Click Start, click Run, type mmc, and then click OK.
2. On the File menu, click Add/Remove Snap-in.
3. Click Add.
4. In the Available Stand Alone Snap-ins list, click Security Configuration and Analysis, click Add, click Close, and then click OK.
5. In the left pane, click Security Configuration and Analysis and view the instructions in the right pane.  
6. Right-click Security Configuration and Analysis, and then click Open Database.
7. In the File name box, type the name of the database file, and then click Open.
8. Click the security template that you want to use, and then click Open to import the entries that are contained in the template to the database.
9. Right-click Security Configuration and Analysis in the left pane, and then click Configure Computer Now.


Crow
0
 
Netman66Commented:
COMPATWS.INF is for loosening the security to run applications that are non-compliant as normal Users - I don't think that's going to do much for you.

The problem may lie in the method used to image these PCs - did you run sysprep before imaging or are all these using the OEM builds that came with them?
0
 
bleujaegelCommented:
Is this a fresh W2K3 install?  If not, is it possible that these machine accounts already existed in AD?  If so, delete them and try joining the domain again.  Anything in the event viewer?
0
Veeam Task Manager for Hyper-V

Task Manager for Hyper-V provides critical information that allows you to monitor Hyper-V performance by displaying real-time views of CPU and memory at the individual VM-level, so you can quickly identify which VMs are using host resources.

 
snyderpaperAuthor Commented:
I appreciate all of the responses. Let me answer all of your questions:

The problem may lie in the method used to image these PCs - did you run sysprep before imaging or are all these using the OEM builds that came with them?

They are using the OEM builds. Unfortunately, I have been hired on to a company to bring them into the 20th century and hopefully eventually into the 21st. None of these pc's were imaged so sysprep is not an issue.

Is this a fresh W2K3 install?  If not, is it possible that these machine accounts already existed in AD?  If so, delete them and try joining the domain again.  Anything in the event viewer?

As stated above these are not fresh installs. These machines did not exist in AD as they were previously on a Linux domain and are now being joined to a Windows domain. There were absolutely NO errors in the event logs on any of these pc's!

About half of the pc's joined the windows domain with no problem and the other half did not. Taking Crow's suggestion and some last minute information I got from the person who joined these pc's to the linux domain, I decided to reapply the local security policy. Unfortunately, this in and of itself did not fix the problem. I have been able to find a fix for the problem though. Using a combination of reapplying local security policy and then doing an operating system repair I was able to get them to join. There may have been an easier way to do this but I was completely stumped. I'm not sure what doing both of these in conjunction changed and allowed the pc's to join the windows domain. I am only glad that it did allow them to work.

Thanks for your input! This is my first post to experts exchange so I'm not entirely sure how to award the points. I suppose they will go to Crow as the suggestion's atleast helped to fix the problem.
0
 
snyderpaperAuthor Commented:
OK... I'm not sure how that happened. I clicked to give the points to Crow (or atleast I thought I did) can this be fixed???
0
 
Netman66Commented:
Yes, post a Q in Community Support linking to this one asking them for assistance.
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now