Solved

Cannot Join Domain with Windows XP Client

Posted on 2009-04-01
12
427 Views
Last Modified: 2012-05-06
I am trying to add the first Win XP client to a new domain on a windows 2003 Enterprise Server.

I can ping the client from the server by name and IP address
I can only ping the server from the client by IP address but not name.
I have added the client computer in the Active directory.
In the client, when I  attempt to join the domain from the System dialog, the dialog returns the error "The following error occured attempting to join the domain xxxx. Logon Failure. Unknown username or bad password.

I have checked and re-checked the password and username I am using to join the domain and they are correct. The account is a member of the administratords group on the server.

Can someone advise please. Thank you.  


 
0
Comment
Question by:DavidHannen
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
  • 2
  • +4
12 Comments
 
LVL 6

Accepted Solution

by:
automationstation earned 100 total points
ID: 24039090
If you can not ping the server by name, then this is a DNS issue... what is the DNS configuration of the Windows XP machine? Ideally you would configure the DNS server to be your Domain Controller or the server inside your network running DNS.
0
 
LVL 70

Assisted Solution

by:KCTS
KCTS earned 100 total points
ID: 24039112
Its a DNS issue - the client must point at the Windows Server as its one only DNS server.
0
 
LVL 12

Assisted Solution

by:nsx106052
nsx106052 earned 100 total points
ID: 24039119
You will first need to fix your DNS settings.  Make sure the primary DNS server is a local DNS server.   Then I would verify the time is set correctly.  After that if you still can't connect read through the event logs for any other indications that something might be wrong.  
0
Why Off-Site Backups Are The Only Way To Go

You are probably backing up your data—but how and where? Ransomware is on the rise and there are variants that specifically target backups. Read on to discover why off-site is the way to go.

 

Expert Comment

by:arvehov
ID: 24039341
Make sure the computer is not running Win XP Home, as it doesn't support joining a domain by default.
0
 
LVL 6

Expert Comment

by:danf0x
ID: 24039502
well as everyone has stated it is dns.  What you can do to narrow down where the issue is, is to ping -a the IP of the server and see what you machine thinks it resolves to.  Then you can use nslookup and see what dns you are querying and know what is giving you the wrong information.
  arv, he wouldn't even have the option of joining a domain in XPhome as that section is greyed out or non-existent to my knowledge.
0
 

Assisted Solution

by:Deving20
Deving20 earned 100 total points
ID: 24039517
If this is a new installation of Windows 2003 Enterprise Server you should also check the Windows Firewall on the domain server. It should be enabled by default and could be blocking your requests.
0
 

Author Comment

by:DavidHannen
ID: 24039815
Thanks for all the comments!

The client machine is XP pro so that is not an issue.
The client networking settings have a primary DNS of IP address of domain controller machine (Server 2003 enterprise) - no secondary address is given
The windows firewall\ICS service is disabled.

Command IP config /all run on the client returns:
Primary DNS suffix ..........Blank
Node Type .......................Unknown
IP Routing Enabled............No
WINS Proxy Enabled........No

any help?







 
0
 
LVL 70

Expert Comment

by:KCTS
ID: 24039851
when you enter the domain to join - don't enter any suffix ie if its abc.com just join the domain abc - does that work ?
0
 
LVL 6

Assisted Solution

by:danf0x
danf0x earned 100 total points
ID: 24039911
Two things you could do.
Can you post the results of the " ping -a (server ip address)"
Can you from a dos prompt type nslookup and then your machine name and post those results.
0
 

Author Comment

by:DavidHannen
ID: 24040690
KCTS - removing the '.com' suffix from the domain name does not change anything.

Danf0x - see results below

Ping -a  (run )
C:\Documents and Settings\dhannen>ping -a 192.168.1.225

Pinging 192.168.1.225 with 32 bytes of data:

Reply from 192.168.1.225: bytes=32 time<1ms TTL=128
Reply from 192.168.1.225: bytes=32 time<1ms TTL=128
Reply from 192.168.1.225: bytes=32 time<1ms TTL=128
Reply from 192.168.1.225: bytes=32 time<1ms TTL=128

Ping statistics for 192.168.1.225:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms

C:\Documents and Settings\dhannen>

NSLookup (Client Machine)

C:\Documents and Settings\dhannen>nslookup home-lap01
*** Can't find server name for address 192.168.1.225: Non-existent domain
*** Default servers are not available
Server:  UnKnown
Address:  192.168.1.225

*** UnKnown can't find home-lap01: Server failed

C:\Documents and Settings\dhannen>

Does this help?
0
 
LVL 6

Expert Comment

by:danf0x
ID: 24042632
That was what I was looking for. In your event viewer on the server there should be failures in the DNS section.
 http://www.process.com/techsupport/multinet/787/44.html
That link has a good article on figuring out why you are getting that "Server failed" instead of "non existent domain" which is what you should get when there is no listing for the name.  
0
 

Author Closing Comment

by:DavidHannen
ID: 31565693
Thanks for all input. Your comments led to an exploration of, and a better understanding of DNS. However, as is often the case, the final resolution was very mundane. The XP client has Norton Internet security on it and I had failed to add the DC server into its 'trusted network'. Once I did this, the client was able to join the domain immediately.
0

Featured Post

Get Actionable Data from Your Monitoring Solution

Your communication platform is only as good as the relevance of the information you send. Ensure your alerts get to the right people every time with actionable responses. Create escalation rules that ensure everyone follows the process and nothing is left to chance.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Determining the an SCCM package name from the Package ID
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…
Finding and deleting duplicate (picture) files can be a time consuming task. My wife and I, our three kids and their families all share one dilemma: Managing our pictures. Between desktops, laptops, phones, tablets, and cameras; over the last decade…

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question