Solved

Cannot Join Domain with Windows XP Client

Posted on 2009-04-01
12
425 Views
Last Modified: 2012-05-06
I am trying to add the first Win XP client to a new domain on a windows 2003 Enterprise Server.

I can ping the client from the server by name and IP address
I can only ping the server from the client by IP address but not name.
I have added the client computer in the Active directory.
In the client, when I  attempt to join the domain from the System dialog, the dialog returns the error "The following error occured attempting to join the domain xxxx. Logon Failure. Unknown username or bad password.

I have checked and re-checked the password and username I am using to join the domain and they are correct. The account is a member of the administratords group on the server.

Can someone advise please. Thank you.  


 
0
Comment
Question by:DavidHannen
  • 3
  • 3
  • 2
  • +4
12 Comments
 
LVL 6

Accepted Solution

by:
automationstation earned 100 total points
ID: 24039090
If you can not ping the server by name, then this is a DNS issue... what is the DNS configuration of the Windows XP machine? Ideally you would configure the DNS server to be your Domain Controller or the server inside your network running DNS.
0
 
LVL 70

Assisted Solution

by:KCTS
KCTS earned 100 total points
ID: 24039112
Its a DNS issue - the client must point at the Windows Server as its one only DNS server.
0
 
LVL 12

Assisted Solution

by:nsx106052
nsx106052 earned 100 total points
ID: 24039119
You will first need to fix your DNS settings.  Make sure the primary DNS server is a local DNS server.   Then I would verify the time is set correctly.  After that if you still can't connect read through the event logs for any other indications that something might be wrong.  
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Expert Comment

by:arvehov
ID: 24039341
Make sure the computer is not running Win XP Home, as it doesn't support joining a domain by default.
0
 
LVL 6

Expert Comment

by:danf0x
ID: 24039502
well as everyone has stated it is dns.  What you can do to narrow down where the issue is, is to ping -a the IP of the server and see what you machine thinks it resolves to.  Then you can use nslookup and see what dns you are querying and know what is giving you the wrong information.
  arv, he wouldn't even have the option of joining a domain in XPhome as that section is greyed out or non-existent to my knowledge.
0
 

Assisted Solution

by:Deving20
Deving20 earned 100 total points
ID: 24039517
If this is a new installation of Windows 2003 Enterprise Server you should also check the Windows Firewall on the domain server. It should be enabled by default and could be blocking your requests.
0
 

Author Comment

by:DavidHannen
ID: 24039815
Thanks for all the comments!

The client machine is XP pro so that is not an issue.
The client networking settings have a primary DNS of IP address of domain controller machine (Server 2003 enterprise) - no secondary address is given
The windows firewall\ICS service is disabled.

Command IP config /all run on the client returns:
Primary DNS suffix ..........Blank
Node Type .......................Unknown
IP Routing Enabled............No
WINS Proxy Enabled........No

any help?







 
0
 
LVL 70

Expert Comment

by:KCTS
ID: 24039851
when you enter the domain to join - don't enter any suffix ie if its abc.com just join the domain abc - does that work ?
0
 
LVL 6

Assisted Solution

by:danf0x
danf0x earned 100 total points
ID: 24039911
Two things you could do.
Can you post the results of the " ping -a (server ip address)"
Can you from a dos prompt type nslookup and then your machine name and post those results.
0
 

Author Comment

by:DavidHannen
ID: 24040690
KCTS - removing the '.com' suffix from the domain name does not change anything.

Danf0x - see results below

Ping -a  (run )
C:\Documents and Settings\dhannen>ping -a 192.168.1.225

Pinging 192.168.1.225 with 32 bytes of data:

Reply from 192.168.1.225: bytes=32 time<1ms TTL=128
Reply from 192.168.1.225: bytes=32 time<1ms TTL=128
Reply from 192.168.1.225: bytes=32 time<1ms TTL=128
Reply from 192.168.1.225: bytes=32 time<1ms TTL=128

Ping statistics for 192.168.1.225:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms

C:\Documents and Settings\dhannen>

NSLookup (Client Machine)

C:\Documents and Settings\dhannen>nslookup home-lap01
*** Can't find server name for address 192.168.1.225: Non-existent domain
*** Default servers are not available
Server:  UnKnown
Address:  192.168.1.225

*** UnKnown can't find home-lap01: Server failed

C:\Documents and Settings\dhannen>

Does this help?
0
 
LVL 6

Expert Comment

by:danf0x
ID: 24042632
That was what I was looking for. In your event viewer on the server there should be failures in the DNS section.
 http://www.process.com/techsupport/multinet/787/44.html
That link has a good article on figuring out why you are getting that "Server failed" instead of "non existent domain" which is what you should get when there is no listing for the name.  
0
 

Author Closing Comment

by:DavidHannen
ID: 31565693
Thanks for all input. Your comments led to an exploration of, and a better understanding of DNS. However, as is often the case, the final resolution was very mundane. The XP client has Norton Internet security on it and I had failed to add the DC server into its 'trusted network'. Once I did this, the client was able to join the domain immediately.
0

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Sometimes drives fill up and we don't know why.  If you don't understand the best way to use the tools available, you may end up being stumped as to why your drive says it's not full when you have no space left!  Here's how you can find out...
If you get continual lockouts after changing your Active Directory password, there are several possible reasons.  Two of the most common are using other devices to access your email and stored passwords in the credential manager of windows.
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…
The Task Scheduler is a powerful tool that is built into Windows. It allows you to schedule tasks (actions) on a recurring basis, such as hourly, daily, weekly, monthly, at log on, at startup, on idle, etc. This video Micro Tutorial is a brief intro…

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now