Windows 2003 domain and Windows 2008

We have a new windows 2008 server and I want it to join windows 2003 server domain. So when I try to join domain it ask for username and password and then gives an error :
An attempt to resolve the DNS name of a domain controller in the domain being joined has failed. Please verify this client is configured to reach a DNS server that can resolve DNS names in the target domain
shahednyAsked:
Who is Participating?
 
Glen KnightConnect With a Mentor Commented:
Make sure the 2008 server a a valid internal DNS server specified in the TCP/IP properties of the network card.

This would be the same as the settings from your 2003 Domain Controller (or any other client should also be using these settings)

You may find the DNS server is your Domain Controller
0
 
shahednyAuthor Commented:
I am using same DNS server as other computers, should I use local ip (example: 192.168.111.1) or external IP: 64.7.X.X

is it the reason?
0
 
Glen KnightConnect With a Mentor Commented:
ALL Windows Servers (especially the domain controller) should be using a Local IP address for DNS, if youdo not the the Domain Controller will not be able to register all it's SRV records.

If your DC does not have a valid internal  DNS server please modify it to make sure it does and then give it a restart (there are other ways but this will make sure everything is updated)
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
Lee W, MVPConnect With a Mentor Technology and Business Process AdvisorCommented:
Sounds like your DNS isn't properly configured.  

In short, the TCP/IP settings of the DCs should ONLY point to itself and/or another DNS server that's part of your domain.  All your workstations and servers should be pointing likewise.  You should NOT be using your ISP DNS servers.

If you want to be certain, run IPCONFIG /ALL on the DC(s) and the Server you're having trouble with and post the results.
0
 
Encrypted1024Connect With a Mentor Commented:
You would use the internal IP of your internal DNS server for your domain (Likely the other DC as noted).
Make sure you do a Forest and Domain prep before adding your foirst 2008 DC to your forest.
 
0
 
Glen KnightConnect With a Mentor Commented:
You DO NOT need to run forest and domain prep if you are only adding the server as a member server.
0
 
Encrypted1024Connect With a Mentor Commented:
True, I did note first 2008 DC, but good to point out.
0
 
shahednyAuthor Commented:
Sorry guys not an expert here, so should I go to old server and change DNS to 192.168.1.1? and what about secondary DNs
it was working fine for last 8 years with that setup , and I have 6 xp joining the domain
0
 
Encrypted1024Connect With a Mentor Commented:
Your old Server should be pointing at itself for DNS. Your new server should point at the old server. Your client PC's should point at your old server for DNS. I assume 192.168.1.1 is your default gateway address and nothing should point there for dns only default gateway. (unless 192.168.1.1 is the IP of your 2003 server)
0
 
Lee W, MVPTechnology and Business Process AdvisorCommented:
If you run IPCONFIG /ALL as I mentioned earlier, you can avoid confusion and help ensure you get the best possible answer.
0
 
shahednyAuthor Commented:
My old server ip: 192.168.111.13
but dns is public ip I use. I use soho firewall
so I can change dns to .1
my new server dns should be .13 or .1?

0
 
Encrypted1024Connect With a Mentor Commented:
If your old server is a DC and DNS server, which I am assuming it is since you are trying to join the other server to your domain, then EVERY COMPUTER in your domain NEEDS to point at 192.168.111.13.
Nothing should point at a public DNS server or your router (except your dns server if you are forwarding). This will cause a great deal of difficulty logging onto your domain or doing any domain related functions.
 
0
 
Lee W, MVPTechnology and Business Process AdvisorCommented:
Can I assume that means you don't want to run IPCONFIG /ALL and copy and paste the info here?
0
 
Lee W, MVPConnect With a Mentor Technology and Business Process AdvisorCommented:
Let me put this another way:

Active Directory uses DNS to locate resources - the Domain Controllers, the FSMO masters, the global catalogs.

Windows DCs want to register this information with DNS so that the clients get the correct locations when asking.

Your ISP doesn't want to accept any registrations from your systems - you could corrupt their DNS and affect their entire client base - so why would they accept your updates?

So now, if you use your ISP's DNS settings on the server's TCP/IP properties, the server tries to register but the registration attempts are ignored.

Now your clients (including servers), assuming they use the ISP's DNS as well, try to locate your DC by asking your ISP DNS - which says, in human terms, "I have no idea what you're asking me for and I don't care".  So eventually the client comes back and says "I can't find it - the guy you told me to talk to says he knows nothing and doesn't care".
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.