anotherhick
asked on
I can Ping the server and the DC but cannot Join a computer to the domain
I have a Windows Server 2003 Standard Machine I have installed and configured WINS, DNS, & DHCP as well as my DC, I can ping the server both by name and IP I can ping the DC by name however when ever I go to add a computer to the domain the client PC cannot find the domain controller
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Ok I do see my problem my dns is screwed up it is looking for my local domain on my ISP's DNS Server not my server
ASKER
OK here is the error message now but I seem to be digging my self a larger hole
Note: This information is intended for a network administrator. If you are not your network's administrator, notify the administrator that you received this information, which has been recorded in the file C:\Windows\debug\dcdiag.tx t.
The domain name celtic might be a NetBIOS domain name. If this is the case, verify that the domain name is properly registered with WINS.
If you are certain that the name is not a NetBIOS domain name, then the following information can help you troubleshoot your DNS configuration.
The following error occurred when DNS was queried for the service location (SRV) resource record used to locate an Active Directory Domain Controller for domain celtic:
The error was: "DNS name does not exist."
(error code 0x0000232B RCODE_NAME_ERROR)
The query was for the SRV record for _ldap._tcp.dc._msdcs.celti c
Common causes of this error include the following:
- The DNS SRV records required to locate a AD DC for the domain are not registered in DNS. These records are registered with a DNS server automatically when a AD DC is added to a domain. They are updated by the AD DC at set intervals. This computer is configured to use DNS servers with the following IP addresses:
192.168.1.100
- One or more of the following zones do not include delegation to its child zone:
celtic
. (the root zone)
For information about correcting this problem, click Help.
Note: This information is intended for a network administrator. If you are not your network's administrator, notify the administrator that you received this information, which has been recorded in the file C:\Windows\debug\dcdiag.tx
The domain name celtic might be a NetBIOS domain name. If this is the case, verify that the domain name is properly registered with WINS.
If you are certain that the name is not a NetBIOS domain name, then the following information can help you troubleshoot your DNS configuration.
The following error occurred when DNS was queried for the service location (SRV) resource record used to locate an Active Directory Domain Controller for domain celtic:
The error was: "DNS name does not exist."
(error code 0x0000232B RCODE_NAME_ERROR)
The query was for the SRV record for _ldap._tcp.dc._msdcs.celti
Common causes of this error include the following:
- The DNS SRV records required to locate a AD DC for the domain are not registered in DNS. These records are registered with a DNS server automatically when a AD DC is added to a domain. They are updated by the AD DC at set intervals. This computer is configured to use DNS servers with the following IP addresses:
192.168.1.100
- One or more of the following zones do not include delegation to its child zone:
celtic
. (the root zone)
For information about correcting this problem, click Help.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
actually no just a single server
all references to my ISP NS's have been removed with the exception of the forwarders
double checked wins, dhcp, dns and my dc everything seems to be in order but yet I still cannot join the domain
also now I cannot ping my server by name I can by IP and I can also ping the dc however when I go to join the domain thru the system properties the dc does not resolve and returns the following error-
Note: This information is intended for a network administrator. If you are not your network's administrator, notify the administrator that you received this information, which has been recorded in the file C:\Windows\debug\dcdiag.tx t.
The domain name celtic might be a NetBIOS domain name. If this is the case, verify that the domain name is properly registered with WINS.
If you are certain that the name is not a NetBIOS domain name, then the following information can help you troubleshoot your DNS configuration.
The following error occurred when DNS was queried for the service location (SRV) resource record used to locate an Active Directory Domain Controller for domain celtic:
The error was: "DNS name does not exist."
(error code 0x0000232B RCODE_NAME_ERROR)
The query was for the SRV record for _ldap._tcp.dc._msdcs.celti c
Common causes of this error include the following:
- The DNS SRV records required to locate a AD DC for the domain are not registered in DNS. These records are registered with a DNS server automatically when a AD DC is added to a domain. They are updated by the AD DC at set intervals. This computer is configured to use DNS servers with the following IP addresses:
192.168.1.100
- One or more of the following zones do not include delegation to its child zone:
celtic
. (the root zone)
For information about correcting this problem, click Help.
all references to my ISP NS's have been removed with the exception of the forwarders
double checked wins, dhcp, dns and my dc everything seems to be in order but yet I still cannot join the domain
also now I cannot ping my server by name I can by IP and I can also ping the dc however when I go to join the domain thru the system properties the dc does not resolve and returns the following error-
Note: This information is intended for a network administrator. If you are not your network's administrator, notify the administrator that you received this information, which has been recorded in the file C:\Windows\debug\dcdiag.tx
The domain name celtic might be a NetBIOS domain name. If this is the case, verify that the domain name is properly registered with WINS.
If you are certain that the name is not a NetBIOS domain name, then the following information can help you troubleshoot your DNS configuration.
The following error occurred when DNS was queried for the service location (SRV) resource record used to locate an Active Directory Domain Controller for domain celtic:
The error was: "DNS name does not exist."
(error code 0x0000232B RCODE_NAME_ERROR)
The query was for the SRV record for _ldap._tcp.dc._msdcs.celti
Common causes of this error include the following:
- The DNS SRV records required to locate a AD DC for the domain are not registered in DNS. These records are registered with a DNS server automatically when a AD DC is added to a domain. They are updated by the AD DC at set intervals. This computer is configured to use DNS servers with the following IP addresses:
192.168.1.100
- One or more of the following zones do not include delegation to its child zone:
celtic
. (the root zone)
For information about correcting this problem, click Help.
ASKER
as for my general topology single server running dns and dhcp with a singe local domain, and IIS and WINS
Along with the normal router, 2 switches, gateway, and 4 other PC's
Along with the normal router, 2 switches, gateway, and 4 other PC's
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
actually I am using celtic.local celtic is just the netbios name
and this is actually a little of both
it si possible to blow it away and start over but I would much rather not do that if it can be avoided.
besides believe it or not we are making progress. after setting the ANON login security settings to read and a fresh reboot I can now ping successfully, and when I go to join the domain it now gets past the login but still fails
what it is doing now is actually creating the account in AD for the computer but instantly disabling it which of course is going to cause it to fail on the client side now I just gotta figure out whats causing that
and this is actually a little of both
it si possible to blow it away and start over but I would much rather not do that if it can be avoided.
besides believe it or not we are making progress. after setting the ANON login security settings to read and a fresh reboot I can now ping successfully, and when I go to join the domain it now gets past the login but still fails
what it is doing now is actually creating the account in AD for the computer but instantly disabling it which of course is going to cause it to fail on the client side now I just gotta figure out whats causing that
ASKER
ok to recap what I have done sop far to get to this point was reconfigure the dns, and wins to remove any reference of my isp dns with the exception of the forwarders, verified that all entries in dns had the proper information in them i.e. the server IP and then set the security settings in the dns server allowing anonomous login read access then rebooted
Now I get all the way upto providing credentials when trying to join the domain and it fails due to the account being automatically disabled in ad as soon as it's created I have a feeling it has something to do with privledges and rights but not sure.
Now I get all the way upto providing credentials when trying to join the domain and it fails due to the account being automatically disabled in ad as soon as it's created I have a feeling it has something to do with privledges and rights but not sure.
ASKER
definatly a permissions issue
ASKER
as far as the actually being able to find and attempt to join the domain that issue has been resolved using many of the steps that were offered by multiple ppl. I 1st had to reconfigure my nic, then had to search for and remove any other reference to my ISP DNS from AD other than the DNS Forwarders, Also added some permissions to the anonomous login, aand finally make surte that all entries in DNS, DHCP, and WINS were pointing to the server then perform a reboot, I still cannot join the domain however that is an entirely different issue at this point of which I have opened another question so guys I thank you for answering this question and look forward to your help in the next
ASKER