Solved

Cannot Join Domain from remote office? - The Network path was not found

Posted on 2010-09-23
8
1,793 Views
Last Modified: 2012-05-10
OK, raising the white flag here!  :)
We recently opened a new office and we have a brand new Windows 2008 R2 Server setup there for which I have remote access (RDP).  There is a site to site VPN between that office and our HQ.  I have setup DNS to point to our HQ DC/DNS servers.  I can ping the DC/DNS servers and the FQDN by name from this new remote server, i.e. ping mydomain.rootdomain.com.  However, when I attempt to join the domain, I am initially prompted as normal for username/pass of authorized user, but after a minute it times out with the following error.  "The following error occurred attempting to join the domain "mydomain.rootdomain.com": The network path was not found.

I've tried everything... any ideas?  
0
Comment
Question by:dkraut
  • 3
  • 2
  • 2
  • +1
8 Comments
 
LVL 6

Accepted Solution

by:
thiagotietze earned 200 total points
ID: 33749009
There is some connection refused when joining domain?
Please run the following command, on the member desktop or server:
NETSTAT -NA 1 |find "SYN"
When running, try to join the domain again and see if this command show anything.
Please post the results...

If it shows... there possibly have a firewall problem on your structure...

You are using the DNS server IP from the Domain Controller?
0
 
LVL 59

Assisted Solution

by:Darius Ghassem
Darius Ghassem earned 100 total points
ID: 33749109
I would have to agree this seems to be a firewall or VPN issues

http://support.microsoft.com/kb/179442

Can you ping the DC by name only without the domain name.
0
 
LVL 39

Expert Comment

by:Adam Brown
ID: 33749159
In order to join remotely, you have to have a lot of ports open. RDP and ICMP are not among those ports :D
This site has a list of the ports you'll need to make sure are getting through the VPN: http://www.howtonetworking.com/casestudy/dcfirewallissue.htm
0
Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

 

Author Comment

by:dkraut
ID: 33749256
I should add that the network team confirmed that the connection between HQ and this office is wide open, no firewall.  OS Firewall is also turned off.  The netstat showed activity from the server to the DC via ports 445 and 139, but oddly the source IP flapping/changing.  This server has dual NIC's.  I've asked the local tech to pull the cable from "Local Area Connection 2" and disable it in the OS.  I'll try again after that...  Will let you know what happens.    
0
 
LVL 39

Expert Comment

by:Adam Brown
ID: 33749273
You may also want to make sure the IP scheme at the remote site doesn't overlap with the one on the corporate LAN. That can cause a ton of problems.
0
 
LVL 39

Assisted Solution

by:Adam Brown
Adam Brown earned 200 total points
ID: 33749282
0
 
LVL 6

Expert Comment

by:thiagotietze
ID: 33749646
You said that:
"The netstat showed activity from the server to the DC via ports 445 and 139"

So, if you've wrote the command as I mentioned in my post, you for sure have Firewall problems and need to open those ports between the networks.

Since you open it, you'll be able to proceed with the join domain.

Verify too if you have some personal firewall (even Windows Firewall) enabled on you machine, ou some antivirus with Threat response (Mcafee, Symantec...) These can be blocking "Site-External" connections
0
 

Author Closing Comment

by:dkraut
ID: 33783591
You guys were right, after determining that I could not telnet to the DC's via port 445 and 139 from this remote server, but could from my desktop, I called the network guys on this one and they suddenly lost their amnesia and remembered that did indeed have some ports blocked.  :|  
Once they removed the block, all was well.  Wow, what a waste of time and effort, but I appreciate the assistance!!
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Possible fixes for Windows 7 and Windows Server 2008 updating problem. Solutions mentioned are from Microsoft themselves. I started a case with them from our Microsoft Silver Partner option to open a case and get direct support from Microsoft. If s…
This script can help you clean up your user profile database by comparing profiles to Active Directory users in a particular OU, and removing the profiles that don't match.
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

790 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question