?
Solved

Unable to add computers to the DOMAIN

Posted on 2006-07-11
11
Medium Priority
?
2,665 Views
Last Modified: 2009-10-16
I am currently running Windows Server 2003, workstations are on XP/SP2. I was getting the error "Unable to logon due to domain controller could not be located". I have since taken workstation off of the domain and attempted to put it back on the domain with no success.

I am getting the error "DNS was successfully queried for the service location (SRV) resource reocrd used to locate a domain controller for domain <domain name removed>:

The query was for the SRV record for_ldap._tcp.dc._msdcs.<domain name removed>

The follwoing domain controllers were identified by the query.

msqnpdc.<domain name removed>
msqnsdc.<domain name removed>
ccpn-mail.<domain name removed>

Common causes of this error include
-Host A records that map the name of the domain controller to its IP addresses are missing or contain incorrect addresses.
  -- I have verified that the IP Addresses are correct.

-Domain controllers registered in DNS are not connected to the network or are not running.
  -- I have verified that that controllers are running.

Have still been unable to add computers to the domain.

0
Comment
Question by:flemingh
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
11 Comments
 
LVL 33

Expert Comment

by:NJComputerNetworks
ID: 17083898
make sure DNS is setup similar to this:

Server DC 1
NAme:  ServerDC1
IP:  10.10.10.5
subnet: 255.255.255.0
Gateway: 10.10.10.1
DNS1:  10.10.10.5 or 127.0.0.1  <--- must point to itself and not to ISP DNS server
DNS 2: Some other internal DNS server in the internal domain ....recommended also to be in the same site if possible

Client IP settings
Name:  Clientworkstation1
IP:  10.10.10.25
subnet: 255.255.255.0
Gateway:  10.10.10.1
DNS1:  10.10.10.5  <--- do not point to ISP ,...must point to local DNS server of the windows domain
DNS2:  some other internal Windows 2003 DNS server....but not to domain.



Other things to check... make sure the the netlogon directory is being displayed on your DC's.  to check Start --> Run--> \\servername\

0
 

Author Comment

by:flemingh
ID: 17084281
We have checked the above however we continue to get the same errors
0
 
LVL 33

Accepted Solution

by:
NJComputerNetworks earned 1600 total points
ID: 17084315
run DCDIAG to check for errors...
0
Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

 
LVL 1

Expert Comment

by:JEEGO
ID: 17084400
Are the machines that you are attempting to join to the domain seperated from the Domain Controller by a VPN tunnel, by any chance?
If that is the case, then I suggest that you use the full domain name (pacomccp.jtf.pacom.mil) during the JOIN DOMAIN process.

Thanks

JEEGO
0
 

Author Comment

by:flemingh
ID: 17084519
The machines are connected to the network via cable, I have typed in the fully qualified name, and still unable to join the domain.
0
 
LVL 33

Expert Comment

by:NJComputerNetworks
ID: 17084560
start --> run --> CMD

DCDIAG  <enter>


http://technet2.microsoft.com/WindowsServer/en/Library/5237db58-a1e8-40cd-ae8a-7f52848a90f21033.mspx?mfr=true


DO YOU SEE THE NETLOGON DIRCTORY ON YOUR DC's?????  Other things to check... make sure the the netlogon directory is being displayed on your DC's.  to check Start --> Run--> \\servername\


On your DC's check for Event log ERRORs!!!
0
 

Author Comment

by:flemingh
ID: 17084754
Get time errors and also get the following error:
Warning: DcGetDcName(PDC_REQUIRED) call failed, error 1355 A Primary Domain Controller could not be located. The server holding the PDC role is down.

Warning: DcGetDcName(Time_Server) call failed, error 1355 A time server could not be located.

The server holding the PDC role is down.
Warning: DcGetDcName(good_time_server-preferred) CALL FAILED, ERROR 1355
A good time server could not be located.
0
 

Author Comment

by:flemingh
ID: 17084978
Another error I have showing Kerberos does not have a ticket for host/msqnpdc.pacomccp.jtf.pacom.mil

The Security System detected an authentication error for the server cifs/PDC. The failure code from authentication protocol Kerberos was
" There are currently no logon servers available to service the logon request.

The description for Event ID in Source W32Time cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE=flag to retrieve this description.
0
 
LVL 13

Assisted Solution

by:ylandrum
ylandrum earned 400 total points
ID: 17085660
First of all, make sure the workstation and the server are set to the same time and time zone. Kerberos won't work of they are more than 5 minutes apart. Remember that if the server is set to 5:00 PM Central time and the workstaion is set to 5:00 pm Pacific time, the machines are 2 hours out of sync and Kerberos will not allow the workstation to authenticate.

If everything looks good with the time, make sure that you have a valid active server holding the PDC role. Get onto a DC (or use an xp workstation that has admin tools on it), open a command prompt, and run ntdsutil. Enter the follwoing commands:

roles
connections
connect to server <main dc>
quit
select operation target
list roles for connected server

You should get a listing of roles; make sure they are all correct. In particular, look for the PDC role (yep, there is still a PDC despite what MS says) and make sure it is pointing to the correct machine. It should look something like this:

PDC - CN=NTDS Settings,CN=<Server_Name>,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=<domain>,DC=<ext>

for example:

PDC - CN=NTDS Settings,CN=SERVER1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=experts-exchange,DC=com

For that matter, all roles should be correct. If the entry is not correct, continue with the following commands:

quit
transfer pdc

(click Yes when asked)

It will list the known roles again with the PDC listed correctly.

At this menu, you can enter Help to see how to transfer the other roles. One more thing; if any of the entries are pointing to a server that does not exist, you will have to seize those roles rather than transfer them.

0
 

Author Comment

by:flemingh
ID: 17085834
We are back up online. Able to add computers to the domain.

Ran DC Diag
did a W32tm /register
and rebooted.

0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The HP utility "HP Lights-Out Online Configuration Utility for Windows Server 2003/2008" could be of great use when it comes to remotely configure a HP servers ILO WITHOUT rebooting the server. We would only need to create and run scripts using thi…
While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
Do you want to know how to make a graph with Microsoft Access? First, create a query with the data for the chart. Then make a blank form and add a chart control. This video also shows how to change what data is displayed on the graph as well as form…
In this video, Percona Director of Solution Engineering Jon Tobin discusses the function and features of Percona Server for MongoDB. How Percona can help Percona can help you determine if Percona Server for MongoDB is the right solution for …
Suggested Courses

741 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question