?
Solved

Cannot Join Domain from remote office? - The Network path was not found

Posted on 2010-09-23
8
Medium Priority
?
2,019 Views
Last Modified: 2012-05-10
OK, raising the white flag here!  :)
We recently opened a new office and we have a brand new Windows 2008 R2 Server setup there for which I have remote access (RDP).  There is a site to site VPN between that office and our HQ.  I have setup DNS to point to our HQ DC/DNS servers.  I can ping the DC/DNS servers and the FQDN by name from this new remote server, i.e. ping mydomain.rootdomain.com.  However, when I attempt to join the domain, I am initially prompted as normal for username/pass of authorized user, but after a minute it times out with the following error.  "The following error occurred attempting to join the domain "mydomain.rootdomain.com": The network path was not found.

I've tried everything... any ideas?  
0
Comment
Question by:dkraut
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
  • +1
8 Comments
 
LVL 6

Accepted Solution

by:
thiagotietze earned 800 total points
ID: 33749009
There is some connection refused when joining domain?
Please run the following command, on the member desktop or server:
NETSTAT -NA 1 |find "SYN"
When running, try to join the domain again and see if this command show anything.
Please post the results...

If it shows... there possibly have a firewall problem on your structure...

You are using the DNS server IP from the Domain Controller?
0
 
LVL 59

Assisted Solution

by:Darius Ghassem
Darius Ghassem earned 400 total points
ID: 33749109
I would have to agree this seems to be a firewall or VPN issues

http://support.microsoft.com/kb/179442

Can you ping the DC by name only without the domain name.
0
 
LVL 42

Expert Comment

by:Adam Brown
ID: 33749159
In order to join remotely, you have to have a lot of ports open. RDP and ICMP are not among those ports :D
This site has a list of the ports you'll need to make sure are getting through the VPN: http://www.howtonetworking.com/casestudy/dcfirewallissue.htm
0
Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

 

Author Comment

by:dkraut
ID: 33749256
I should add that the network team confirmed that the connection between HQ and this office is wide open, no firewall.  OS Firewall is also turned off.  The netstat showed activity from the server to the DC via ports 445 and 139, but oddly the source IP flapping/changing.  This server has dual NIC's.  I've asked the local tech to pull the cable from "Local Area Connection 2" and disable it in the OS.  I'll try again after that...  Will let you know what happens.    
0
 
LVL 42

Expert Comment

by:Adam Brown
ID: 33749273
You may also want to make sure the IP scheme at the remote site doesn't overlap with the one on the corporate LAN. That can cause a ton of problems.
0
 
LVL 42

Assisted Solution

by:Adam Brown
Adam Brown earned 800 total points
ID: 33749282
0
 
LVL 6

Expert Comment

by:thiagotietze
ID: 33749646
You said that:
"The netstat showed activity from the server to the DC via ports 445 and 139"

So, if you've wrote the command as I mentioned in my post, you for sure have Firewall problems and need to open those ports between the networks.

Since you open it, you'll be able to proceed with the join domain.

Verify too if you have some personal firewall (even Windows Firewall) enabled on you machine, ou some antivirus with Threat response (Mcafee, Symantec...) These can be blocking "Site-External" connections
0
 

Author Closing Comment

by:dkraut
ID: 33783591
You guys were right, after determining that I could not telnet to the DC's via port 445 and 139 from this remote server, but could from my desktop, I called the network guys on this one and they suddenly lost their amnesia and remembered that did indeed have some ports blocked.  :|  
Once they removed the block, all was well.  Wow, what a waste of time and effort, but I appreciate the assistance!!
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
Active Directory can easily get cluttered with unused service, user and computer accounts. In this article, I will show you the way I like to implement ADCleanup..
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses
Course of the Month14 days, 11 hours left to enroll

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question