cannot join the domain - domain controller for the domain cannot be contacted

hello,
I just re-build the new server. WIndows 2003 server. I am trying to add this server to domain but I keep getting this error.
"Domain controller for the domain xxx cannot be contacted".
I can ping my DC using dns name and IP address.
I even tried different IP and different name same issue.


please help....

thanks
Palmer_AdminAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Andres PeralesCommented:
When you try to add to the domain, what are you entering for domain name?
fully qualified domain name or the Windows 2000 domain name?  I would try both for general purpose...
0
Palmer_AdminAuthor Commented:
i tried both.
I tired xxx and xxx.local

when I type xxx.local it asks for username and password. I type in domain admin credentials, then I get error. User already in use...something liek that.


0
Andres PeralesCommented:
when typing credentials are you putting the domain name\username or just username?
0
Big Business Goals? Which KPIs Will Help You

The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.

Palmer_AdminAuthor Commented:
i tired both ways.
0
ecsrdCommented:
You said you just rebuilt the server.  Is it possible you named it the same as its previous incarnation, AND you didn't remove the old incarnation from active directory?  If so, just delete the existing computer account for the old server and then re-join the domain.
0
Palmer_AdminAuthor Commented:
i just double checked and its not there. I removed it earlier.
0
Titan22Commented:
How many DCs do you have?  The delete you did may not have replicated to the other DC.
0
Palmer_AdminAuthor Commented:
5 DC. I will remove from all of them now.
0
Titan22Commented:
How big is your network?
0
Palmer_AdminAuthor Commented:
not too big. meduim.

I checked all DC and they don't have this computer name in AD.
0
Palmer_AdminAuthor Commented:
Windows firewall is OFF,
Symantec is the only thing that is installed.
I tried changing primary DNS, same issue.
0
ecsrdCommented:
What was the role of the old server?  If it was a DC, it may have an msdcs entry in AD that needs to be removed (something like abcd-1234-efabc-6789._msdcs.domain.local).
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Titan22Commented:
Is the IP address on the server DHCP or static?  If it is DHCP, statically assign one and then try to add it to the domain.  Open a CMD window and continuously ping the DC or DCs, since it could be hitting up any of them.
0
ecsrdCommented:
Additionally, run dcdiag on your existing DCs, make sure they are all reporting ok.  This sounds like an SRV record is missing or corrupt.
0
Palmer_AdminAuthor Commented:
yes it was a DC.
how do I remove "may have an msdcs entry in AD that needs to be removed (something like abcd-1234-efabc-6789._msdcs.domain.local)." and where?

thank you
0
Titan22Commented:
This might be a good time to look at third party Active Directory tools.

http://www.quest.com/active-directory/
0
ecsrdCommented:
Look in your DNS under the _msdcs category.  Check for a value similar to posted above that matches up with the name of your old server.  Your old server's name will be a CNAME of the msdcs name.
0
Palmer_AdminAuthor Commented:
I have NS and CNAME, delete both of them?
0
Palmer_AdminAuthor Commented:
in forward lookup zone, correct?
0
Palmer_AdminAuthor Commented:
I deleted CNAME, looks like NS cannot be deleted.

Do I need to wait untill it replicated to all DC now?
0
ecsrdCommented:
Once you have deleted the CNAME referencing the old server, you should wait for a minimum of 30 minutes for replication.  Once the replication is complete, try joining the domain again.  If it still does not work, look throughout the DNS structure for references refrencing the old server and clean it all up (orphaned SRV records, etc).
0
ecsrdCommented:
Be careful to remove only records pertaining to the defunct server.  Removing records pointing to a live server will cause serious problems in active directory.
0
Palmer_AdminAuthor Commented:
i will push the replication now.
0
Palmer_AdminAuthor Commented:
same issue.

I tried different PC name, same thing...
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Networking

From novice to tech pro — start learning today.