dbidesign
asked on
cannot join pc to server 2008 domain
Hi there,
I have a Windows 7 Pro PC i am trying to join to my domain. I already have an XP Pro PC joined to the domain, but my windows 7 pc will not join.
I have tried setting a manual ip address to the same subnet as the server, tried setting the dns server as my server, setting the ip settings on the pc to automatic.
When i go to join the domain, i am prompted for the username and password, which is entered correctly, then i am faced with the following error:
"an attempt to resolve the dns name of a domain controller in the domain being joined has failed. please verify this client is configured to reach an dns server that can resolve dns names in the target domain."
What could possibly be the issue?
I have a Windows 7 Pro PC i am trying to join to my domain. I already have an XP Pro PC joined to the domain, but my windows 7 pc will not join.
I have tried setting a manual ip address to the same subnet as the server, tried setting the dns server as my server, setting the ip settings on the pc to automatic.
When i go to join the domain, i am prompted for the username and password, which is entered correctly, then i am faced with the following error:
"an attempt to resolve the dns name of a domain controller in the domain being joined has failed. please verify this client is configured to reach an dns server that can resolve dns names in the target domain."
What could possibly be the issue?
Hi,
If you open up the DNS console from Administrative Tools on your server, then expand Forward Lookup Zones, can you see "domain.name"?
If you open up the DNS console from Administrative Tools on your server, then expand Forward Lookup Zones, can you see "domain.name"?
Hi,
computer to join the domain by doing the following: in the network adapter IP 4 properties, set the DNS ip address to that of the domain controller, NOT the DNS.
OR
cmputer by turning off or unchecking IPv6
computer to join the domain by doing the following: in the network adapter IP 4 properties, set the DNS ip address to that of the domain controller, NOT the DNS.
OR
cmputer by turning off or unchecking IPv6
In my network (SBS 2008) I had to configure and set my DC as DNS server, and then set its IP as DNS address for the clients (in fact, I configured DHCP and set client IP to automatic).
I cannot remember where I saw it, but there was something like that for win7 - Server2008 to work you must enable IPv6, although you don't employ it (perhaps some expert may help on this ;-)
HIH
RØ
I cannot remember where I saw it, but there was something like that for win7 - Server2008 to work you must enable IPv6, although you don't employ it (perhaps some expert may help on this ;-)
HIH
RØ
ASKER
Guarav05
- the domain controller was not listed when i entered that command
- yes, the domain is listed in DNS under forward lookup
- i set the dns ip address to that of my server (the same ip address i use to remote into the server)
- unchecking ipv6 did not fix it
Rodeca
i have tried with DHCP turned off and turned on, no luck
- the domain controller was not listed when i entered that command
- yes, the domain is listed in DNS under forward lookup
- i set the dns ip address to that of my server (the same ip address i use to remote into the server)
- unchecking ipv6 did not fix it
Rodeca
i have tried with DHCP turned off and turned on, no luck
Hi,
add your DC(s) addresses to your Windows 7 machine's HOSTS file
add your DC(s) addresses to your Windows 7 machine's HOSTS file
Hi,
Could be you don't have a reverse lookup zone configured. In DNS on your server right-click reverse lookup zone - select New Zone. Make sure it and the rest of your DNS is active directory integrated and in the network address enter the first three octets of your subnet - 10.0.0 or 192.168.0, then next and finish.
Nslookup won't work without correctly configured a reverse lookup zone on the dns server
Could be you don't have a reverse lookup zone configured. In DNS on your server right-click reverse lookup zone - select New Zone. Make sure it and the rest of your DNS is active directory integrated and in the network address enter the first three octets of your subnet - 10.0.0 or 192.168.0, then next and finish.
Nslookup won't work without correctly configured a reverse lookup zone on the dns server
Hi,
try after disabling the firewall.
http://www.computerperformance.co.uk/vista/vista_join_domain.htm
try after disabling the firewall.
http://www.computerperformance.co.uk/vista/vista_join_domain.htm
Try joining using the following method:
On the Windows 7 PC right click on "Computer", select "Properties", then in the Computer name section select "Change Settings". Now select "Network ID" and now answer the Questions to join the PC to the Domain.
On the Windows 7 PC right click on "Computer", select "Properties", then in the Computer name section select "Change Settings". Now select "Network ID" and now answer the Questions to join the PC to the Domain.
ASKER
gaurav05:
-I set up a reverse lookup zone, still can't find the domain using the command you gave me before and still can't join domain
- Disabled firewall, still can't join domain
Rindi:
I ran the wizard and restarted my PC, nothing changed.
It's a tough one but we can get crack this!
-I set up a reverse lookup zone, still can't find the domain using the command you gave me before and still can't join domain
- Disabled firewall, still can't join domain
Rindi:
I ran the wizard and restarted my PC, nothing changed.
It's a tough one but we can get crack this!
ASKER
I found the hosts file, but i cannot save because i need administrator privileges. I ran notepad as administrator and then tried to open hosts file - still will not let me save it.
Is the DC address the ip address of the server?
Is the DC address the ip address of the server?
did u get the response while you ping your DC server ?
thanks for the information
Is the Dc adderss the ip address of the server ?
yes.
try to make host entry.
ASKER
the ip of my server is 192.168.1.1
I can successfully ping my server
I can successfully remotely log into my server
Is the DC the same address as this? How do i know if it isn't?
I am still trying to make host entry.
I can successfully ping my server
I can successfully remotely log into my server
Is the DC the same address as this? How do i know if it isn't?
I am still trying to make host entry.
Hi,
try
nslookup 192.168.1.1
it gives you the DC Name or not ?
Have you made sure the DNS server IP on your PC only points to the DNS server of your AD domain and no others? Also try disabling IPv6 for the connection test. Also make sure the Windows 7 PC has all windowsupdates installed (maybe also disable the AV software for the process).
ASKER
at the command prompt i typed: nslookup 192.168.1.1
result: non-existant domain
I changed the preferred DNS address to 192.168.1.1
I set the default gateway to my router - i can still access the internet
I set the default gateway to 192.168.1.1 - i cannot access internet
Yes, have installed all windows updates
Yes, have disabled ipv6 and tried again
Has not worked still
What is strange is it prompts me to enter the username and password after i type in the domain name, and i enter the details correctly. But i still get the error.
result: non-existant domain
I changed the preferred DNS address to 192.168.1.1
I set the default gateway to my router - i can still access the internet
I set the default gateway to 192.168.1.1 - i cannot access internet
Yes, have installed all windows updates
Yes, have disabled ipv6 and tried again
Has not worked still
What is strange is it prompts me to enter the username and password after i type in the domain name, and i enter the details correctly. But i still get the error.
"I changed the preferred DNS address to 192.168.1.1"
and you made sure the Alternate DNS address is empty?
Are there more than one NICs in the PC?
and you made sure the Alternate DNS address is empty?
Are there more than one NICs in the PC?
ASKER
That's right, the alternate dns is empty
There is only 1 NIC, which is of course my onboard NIC.
There is only 1 NIC, which is of course my onboard NIC.
ASKER
Can anyone offer any further assistance?
several times i have users trying to join the domain and i have seen the error.
when attempting to join the domain, you will get the credential pop-up window. on this window, ive seen the servername work just fine, and sometimes i've seen that not work, but entering the full fqdn work.
short: servername
long: servername.domain.com
log on exactly as you did on XP? Account you're using not locked out on AD? Using credentials with enough priveleges to get you on the domain? flush/register dns? restart netlogon? I've never had to go beyond that.
good luck
when attempting to join the domain, you will get the credential pop-up window. on this window, ive seen the servername work just fine, and sometimes i've seen that not work, but entering the full fqdn work.
short: servername
long: servername.domain.com
log on exactly as you did on XP? Account you're using not locked out on AD? Using credentials with enough priveleges to get you on the domain? flush/register dns? restart netlogon? I've never had to go beyond that.
good luck
Do you have another machine that you can try?
To rule out a specific computer or possible type.
Can you also post an output of the ipconfig of the client?
To rule out a specific computer or possible type.
Can you also post an output of the ipconfig of the client?
ASKER
Lamini:
I've tried both versions of domain name, im using the same administrator account i used for the other XP machine, already tried flushing dns cache. But i haven't tried restarting netlogon i will give that a go. \
yo_bee:
I do have a few laptops to try i didn't want them on the domain but may as well try and can convert back to workgroup anyway.
Here is the ipconfig of the problem client:
I've tried both versions of domain name, im using the same administrator account i used for the other XP machine, already tried flushing dns cache. But i haven't tried restarting netlogon i will give that a go. \
yo_bee:
I do have a few laptops to try i didn't want them on the domain but may as well try and can convert back to workgroup anyway.
Here is the ipconfig of the problem client:
can you post a ipconfig /all
we need the "ipconfig /all" to view dns settings.
ASKER
here we go:
ASKER
So i've tried using another computer to connect to the domain, but get the same error. I am thinking it is a problem with the DNS applicaiton on the server? It is a newly set up DNS server set up only a few weeks ago.
Sounds like it.
Listed below are the items that need to be in DNS for AD to work properly. Are they all there?
Listed below are the items that need to be in DNS for AD to work properly. Are they all there?
you said earlier you could ping your dns server, assuming you also tried DNS ping? do not see your pointers so just askin.
ping <servername>.
If that dont work, obviously, no logon. If thats the case, rather than troubleshooting, i'd tear it down and rebuild if possible.
ping <servername>.
If that dont work, obviously, no logon. If thats the case, rather than troubleshooting, i'd tear it down and rebuild if possible.
ASKER
Lamini:
I pinged the ip, but i didn't ping the server name.
Yo Bee:
I can't find where those items are.
I will try to re-install the DNS role again.
I pinged the ip, but i didn't ping the server name.
Yo Bee:
I can't find where those items are.
I will try to re-install the DNS role again.
if you cant ping your dns server, you know what your problem is then. easiest and quickest way to resolve this is simply rebuilding your dns server. If clearing your DNS settings (AdminTools>DNS>forwarders
@DBidesign
Open DNS > Forward lookup Zone > Domain Name > those items should be there. If not there is your problem.
Open DNS > Forward lookup Zone > Domain Name > those items should be there. If not there is your problem.
Here is a snippet of some things to look for
So you are saying you had an AD integrated zone, then you made it a non-AD integrated zone, which wiped it out of the AD database and into a text file on the machine you did this on, specifically in the system32\dns in a file called zonename.dns. Is that correct?
So do you still have that zone file name, zonename.dns? If so, load it into DNS, and go into properties, and make it AD integrated again.
Unless you lost the zone text file?
First check to see if your DNS is set to AD intergration
1:Open DNS
2: Expand Forward lookup zone
3:Right click the Domain and select Properties
4: Check to see if the DNS is working off of a file or AD/Registry
Right click the DNS server name and select properties > Advanced
How to clear bad information in Active Directory-integrated DNS
How to reinstall a dynamic DNS Active Directory-integrated zone
So you are saying you had an AD integrated zone, then you made it a non-AD integrated zone, which wiped it out of the AD database and into a text file on the machine you did this on, specifically in the system32\dns in a file called zonename.dns. Is that correct?
So do you still have that zone file name, zonename.dns? If so, load it into DNS, and go into properties, and make it AD integrated again.
Unless you lost the zone text file?
First check to see if your DNS is set to AD intergration
1:Open DNS
2: Expand Forward lookup zone
3:Right click the Domain and select Properties4: Check to see if the DNS is working off of a file or AD/RegistryRight click the DNS server name and select properties > Advanced
How to clear bad information in Active Directory-integrated DNS
How to reinstall a dynamic DNS Active Directory-integrated zone
ASKER
I have reinstalled the DNS server, and also configured it as per the screen shots by Yo_Bee. But here is a screenshot of what my forward zone looks like:
ASKER
does anyone know why it doesn't look the same as Yo_Bee?
Can you confirm that your dns is in intergrated mode.
Are there any errors or warnings in your DC event logs for DNS?
I just noticed your IPCONFIG.
I see your server ip is .10 and your DNS is .1.
Is that correct?
I just noticed your IPCONFIG.
I see your server ip is .10 and your DNS is .1.
Is that correct?
ASKER
Thats right, it is in integrated mode, doublechecked just then.
Also, the Forward lookup zone seems to have updated now to be the same as the screenshot of your forward lookup zone.
I will check on the event logs soon.
Here is an updated screenshot of the ipconfig for the server.
Also, the Forward lookup zone seems to have updated now to be the same as the screenshot of your forward lookup zone.
I will check on the event logs soon.
Here is an updated screenshot of the ipconfig for the server.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I finally got it! I followed as you said above, but i used the network id wizard instead of the other method of changing the radio tab from workgroup to domain.
All works now. Thanks a heap for your help.
All works now. Thanks a heap for your help.
You might also try to do an nslookup for the domain controllers:
At the command prompt enter nslookup
set type=srv
_ldap._tcp.dc._msdcs.domai
Your domain controller(s) should be listed if configured correctly. (Replace domain.name with your actual domain name)