Solved

Cannot Join Domain with Windows XP Client

Posted on 2009-04-01
12
424 Views
Last Modified: 2012-05-06
I am trying to add the first Win XP client to a new domain on a windows 2003 Enterprise Server.

I can ping the client from the server by name and IP address
I can only ping the server from the client by IP address but not name.
I have added the client computer in the Active directory.
In the client, when I  attempt to join the domain from the System dialog, the dialog returns the error "The following error occured attempting to join the domain xxxx. Logon Failure. Unknown username or bad password.

I have checked and re-checked the password and username I am using to join the domain and they are correct. The account is a member of the administratords group on the server.

Can someone advise please. Thank you.  


 
0
Comment
Question by:DavidHannen
  • 3
  • 3
  • 2
  • +4
12 Comments
 
LVL 6

Accepted Solution

by:
automationstation earned 100 total points
ID: 24039090
If you can not ping the server by name, then this is a DNS issue... what is the DNS configuration of the Windows XP machine? Ideally you would configure the DNS server to be your Domain Controller or the server inside your network running DNS.
0
 
LVL 70

Assisted Solution

by:KCTS
KCTS earned 100 total points
ID: 24039112
Its a DNS issue - the client must point at the Windows Server as its one only DNS server.
0
 
LVL 12

Assisted Solution

by:nsx106052
nsx106052 earned 100 total points
ID: 24039119
You will first need to fix your DNS settings.  Make sure the primary DNS server is a local DNS server.   Then I would verify the time is set correctly.  After that if you still can't connect read through the event logs for any other indications that something might be wrong.  
0
 

Expert Comment

by:arvehov
ID: 24039341
Make sure the computer is not running Win XP Home, as it doesn't support joining a domain by default.
0
 
LVL 6

Expert Comment

by:danf0x
ID: 24039502
well as everyone has stated it is dns.  What you can do to narrow down where the issue is, is to ping -a the IP of the server and see what you machine thinks it resolves to.  Then you can use nslookup and see what dns you are querying and know what is giving you the wrong information.
  arv, he wouldn't even have the option of joining a domain in XPhome as that section is greyed out or non-existent to my knowledge.
0
 

Assisted Solution

by:Deving20
Deving20 earned 100 total points
ID: 24039517
If this is a new installation of Windows 2003 Enterprise Server you should also check the Windows Firewall on the domain server. It should be enabled by default and could be blocking your requests.
0
Are end users causing IT problems again?

You’ve taken the time to design and update all your end user’s email signatures, only to find out they’re messing up the HTML, changing the font and ruining the imagery. What can you do to prevent this? Find out how you can save your signatures from end users today.

 

Author Comment

by:DavidHannen
ID: 24039815
Thanks for all the comments!

The client machine is XP pro so that is not an issue.
The client networking settings have a primary DNS of IP address of domain controller machine (Server 2003 enterprise) - no secondary address is given
The windows firewall\ICS service is disabled.

Command IP config /all run on the client returns:
Primary DNS suffix ..........Blank
Node Type .......................Unknown
IP Routing Enabled............No
WINS Proxy Enabled........No

any help?







 
0
 
LVL 70

Expert Comment

by:KCTS
ID: 24039851
when you enter the domain to join - don't enter any suffix ie if its abc.com just join the domain abc - does that work ?
0
 
LVL 6

Assisted Solution

by:danf0x
danf0x earned 100 total points
ID: 24039911
Two things you could do.
Can you post the results of the " ping -a (server ip address)"
Can you from a dos prompt type nslookup and then your machine name and post those results.
0
 

Author Comment

by:DavidHannen
ID: 24040690
KCTS - removing the '.com' suffix from the domain name does not change anything.

Danf0x - see results below

Ping -a  (run )
C:\Documents and Settings\dhannen>ping -a 192.168.1.225

Pinging 192.168.1.225 with 32 bytes of data:

Reply from 192.168.1.225: bytes=32 time<1ms TTL=128
Reply from 192.168.1.225: bytes=32 time<1ms TTL=128
Reply from 192.168.1.225: bytes=32 time<1ms TTL=128
Reply from 192.168.1.225: bytes=32 time<1ms TTL=128

Ping statistics for 192.168.1.225:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms

C:\Documents and Settings\dhannen>

NSLookup (Client Machine)

C:\Documents and Settings\dhannen>nslookup home-lap01
*** Can't find server name for address 192.168.1.225: Non-existent domain
*** Default servers are not available
Server:  UnKnown
Address:  192.168.1.225

*** UnKnown can't find home-lap01: Server failed

C:\Documents and Settings\dhannen>

Does this help?
0
 
LVL 6

Expert Comment

by:danf0x
ID: 24042632
That was what I was looking for. In your event viewer on the server there should be failures in the DNS section.
 http://www.process.com/techsupport/multinet/787/44.html
That link has a good article on figuring out why you are getting that "Server failed" instead of "non existent domain" which is what you should get when there is no listing for the name.  
0
 

Author Closing Comment

by:DavidHannen
ID: 31565693
Thanks for all input. Your comments led to an exploration of, and a better understanding of DNS. However, as is often the case, the final resolution was very mundane. The XP client has Norton Internet security on it and I had failed to add the DC server into its 'trusted network'. Once I did this, the client was able to join the domain immediately.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A Bare Metal Image backup allows for the restore of an entire system to a similar or dissimilar hardware. They are highly useful for migrations and disaster recovery. Bare Metal Image backups support Full and Incremental backups. Differential backup…
Today, still in the boom of Apple, PC's and products, nearly 50% of the computer users use Windows as graphical operating systems. If you are among those users who love windows, but are grappling to keep the system's hard drive optimized, then you s…
As developers, we are not limited to the functions provided by the VBA language. In addition, we can call the functions that are part of the Windows operating system. These functions are part of the Windows API (Application Programming Interface). U…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now