Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 372
  • Last Modified:

cannot join pc to server 2008 domain

Hi there,
I have a Windows 7 Pro PC i am trying to join to my domain. I already have an XP Pro PC joined to the domain, but my windows 7 pc will not join.
I have tried setting a manual ip address to the same subnet as the server, tried setting the dns server as my server, setting the ip settings on the pc to automatic.

When i go to join the domain, i am prompted for the username and password, which is entered correctly, then i am faced with the following error:

"an attempt to resolve the dns name of a domain controller in the domain being joined has failed. please verify this client is configured to reach an dns server that can resolve dns names in the target domain."

What could possibly be the issue?

0
dbidesign
Asked:
dbidesign
  • 15
  • 8
  • 8
  • +3
1 Solution
 
gaurav05Commented:
Hi,

You might also try to do an nslookup for the domain controllers:
At the command prompt enter nslookup
set type=srv
_ldap._tcp.dc._msdcs.domain.name

Your domain controller(s) should be listed if configured correctly. (Replace domain.name with your actual domain name)
0
 
gaurav05Commented:
Hi,

If you open up the DNS console from Administrative Tools on your server, then expand Forward Lookup Zones, can you see "domain.name"?
0
 
gaurav05Commented:
Hi,

computer to join the domain by doing the following:  in the network adapter IP 4 properties, set the DNS ip address to that of the domain controller, NOT the DNS.

OR

cmputer by turning off or unchecking IPv6
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
rodecaCommented:
In my network (SBS 2008) I had to configure and set my DC as DNS server, and then set its IP as DNS address for the clients (in fact, I configured DHCP and set client IP to automatic).

I cannot remember where I saw it, but there was something like that for win7 - Server2008 to work you must enable IPv6, although you don't employ it (perhaps some expert may help on this ;-)

HIH
RĂ˜
0
 
dbidesignAuthor Commented:
Guarav05
 - the domain controller was not listed when i entered that command
- yes, the domain is listed in DNS under forward lookup
- i set the dns ip address to that of my server (the same ip address i use to remote into the server)
- unchecking ipv6 did not fix it


Rodeca
i have tried with DHCP turned off and turned on, no luck


               
0
 
gaurav05Commented:
Hi,

add your DC(s) addresses to your Windows 7 machine's HOSTS file
0
 
gaurav05Commented:
Hi,

Could be you don't have a reverse lookup zone configured. In DNS on your server right-click reverse lookup zone - select New Zone. Make sure it and the rest of your DNS is active directory integrated and in the network address enter the first three octets of your subnet - 10.0.0 or 192.168.0, then next and finish.

Nslookup won't work without correctly configured a reverse lookup zone on the dns server
0
 
gaurav05Commented:
0
 
rindiCommented:
Try joining using the following method:

On the Windows 7 PC right click on "Computer", select "Properties", then in the Computer name section select "Change Settings". Now select "Network ID" and now answer the Questions to join the PC to the Domain.

0
 
dbidesignAuthor Commented:
gaurav05:
-I set up a reverse lookup zone, still can't find the domain using the command you gave me before and still can't join domain
- Disabled firewall, still can't join domain

Rindi:
I ran the wizard and restarted my PC, nothing changed.

It's a tough one but we can get crack this!
0
 
dbidesignAuthor Commented:
I found the hosts file, but i cannot save because i need administrator privileges. I ran notepad as administrator and then tried to open hosts file - still will not let me save it.
Is the DC address the ip address of the server?
0
 
gaurav05Commented:

did u get the response while you ping your DC server ?

thanks for the information

Is the Dc adderss the ip address of the server ?

yes.

try to make host entry.





0
 
dbidesignAuthor Commented:
the ip of my server is 192.168.1.1
I can successfully ping my server
I can successfully remotely log into my server

Is the DC the same address as this? How do i know if it isn't?
I am still trying to make host entry.
0
 
gaurav05Commented:


Hi,

try

nslookup  192.168.1.1

it gives you the DC Name or not ?





0
 
rindiCommented:
Have you made sure the DNS server IP on your PC only points to the DNS server of your AD domain and no others? Also try disabling IPv6 for the connection test. Also make sure the Windows 7 PC has all windowsupdates installed (maybe also disable the AV software for the process).
0
 
dbidesignAuthor Commented:
at the command prompt i typed: nslookup 192.168.1.1
result: non-existant domain

I changed the preferred DNS address to 192.168.1.1
I set the default gateway to my router - i can still access the internet
I set the default gateway to 192.168.1.1 - i cannot access internet

Yes, have installed all windows updates
Yes, have disabled ipv6 and tried again
Has not worked still

What is strange is it prompts me to enter the username and password after i type in the domain name, and i enter the details correctly. But i still get the error.



0
 
rindiCommented:
"I changed the preferred DNS address to 192.168.1.1"

and you made sure the Alternate DNS address is empty?

Are there more than one NICs in the PC?
0
 
dbidesignAuthor Commented:
That's right, the alternate dns is empty
There is only 1 NIC, which is of course my onboard NIC.
0
 
dbidesignAuthor Commented:
Can anyone offer any further assistance?
0
 
LaminiCommented:
several times i have users trying to join the domain and i have seen the error.

when attempting to join the domain, you will get the credential pop-up window. on this window, ive seen the servername work just fine, and sometimes i've seen that not work, but entering the full fqdn work.

short: servername
long: servername.domain.com

log on exactly as you did on XP? Account you're using not locked out on AD? Using credentials with enough priveleges to get you on the domain? flush/register dns? restart netlogon?  I've never had to go beyond that.

good luck
0
 
yo_beeDirector of ITCommented:
Do you have another machine that you can try?
To rule out a specific computer or possible type.
Can you also post an output of the ipconfig of the client?
0
 
dbidesignAuthor Commented:
Lamini:

I've tried both versions of domain name, im using the same administrator account i used for the other XP machine, already tried flushing dns cache. But i haven't tried restarting netlogon i will give that a go. \

yo_bee:
I do have a few laptops to try i didn't want them on the domain but may as well try and can convert back to workgroup anyway.

Here is the ipconfig of the problem client:
 ipconfig
0
 
yo_beeDirector of ITCommented:
can you post a ipconfig /all
0
 
LaminiCommented:
we need the "ipconfig /all" to view dns settings.
0
 
dbidesignAuthor Commented:
here we go:

 ip
0
 
dbidesignAuthor Commented:
So i've tried using another computer to connect to the domain, but get the same error. I am thinking it is a problem with the DNS applicaiton on the server? It is a newly set up DNS server set up only a few weeks ago.
0
 
yo_beeDirector of ITCommented:
Sounds like it.

Listed below are the items that need to be in DNS for AD to work properly. Are they all there?
   Foward Lookup ZOne
0
 
LaminiCommented:
you said earlier you could ping your dns server, assuming you also tried DNS ping? do not see your pointers so just askin.

ping <servername>.

If that dont work, obviously, no logon. If thats the case, rather than troubleshooting, i'd tear it down and rebuild if possible.
0
 
dbidesignAuthor Commented:
Lamini:
I pinged the ip, but i didn't ping the server name.

Yo Bee:
I can't find where those items are.


I will try to re-install the DNS role again.
0
 
LaminiCommented:
if you cant ping your dns server, you know what your problem is then. easiest and quickest way to resolve this is simply rebuilding your dns server. If clearing your DNS settings (AdminTools>DNS>forwarders/reverse lookup) (and i dont know what yours looks like) doesnt do the job (most of the time it has for me), simply reinstalling the DNS role will do it, as long as everything else is set correctly.
0
 
yo_beeDirector of ITCommented:
@DBidesign
Open DNS > Forward lookup Zone > Domain Name >  those items should be there.  If not there is your problem.
0
 
yo_beeDirector of ITCommented:
Here is a snippet of some things to look for
So you are saying you had an AD integrated zone, then you made it a non-AD integrated zone, which wiped it out of the AD database and into a text file on the machine you did this on, specifically in the system32\dns in a file called zonename.dns. Is that correct?
 
So do you still have that zone file name, zonename.dns? If so, load it into DNS, and go into properties, and make it AD integrated again.

Unless you lost the zone text file?

First check to see if your DNS is set to AD intergration
1:Open DNS
2: Expand Forward lookup zone
  DNS structure3:Right click the Domain and select Properties
 Propteries of Domain DNS4: Check to see if the DNS is working off of a file or AD/Registry
Right click the DNS server name and select properties > Advanced
Server DNS Properties
How to clear bad information in Active Directory-integrated DNS
How to reinstall a dynamic DNS Active Directory-integrated zone
 
0
 
dbidesignAuthor Commented:
I have reinstalled the DNS server, and also configured it as per the screen shots by Yo_Bee. But here is a screenshot of what my forward zone looks like:

 hg
0
 
dbidesignAuthor Commented:
does anyone know why it doesn't look the same as Yo_Bee?
0
 
yo_beeDirector of ITCommented:
Can you confirm that your dns is in intergrated mode.
0
 
yo_beeDirector of ITCommented:
Are there any errors or warnings in your DC event logs for DNS?
I just noticed your IPCONFIG.

I see your server ip is .10 and your DNS is .1.
Is that correct?
0
 
dbidesignAuthor Commented:
Thats right, it is in integrated mode, doublechecked just then.
Also, the Forward lookup zone seems to have updated now to be the same as the screenshot of your forward lookup zone.
I will check on the event logs soon.

Here is an updated screenshot of the ipconfig for the server.

 fg
0
 
yo_beeDirector of ITCommented:
0
 
LaminiCommented:
your dns stuff looks a bit screwed.

open tcp/ip properties, check your dns tab. make sure apped parent suffixes... radio tab is checked, and check the box below it "Apped parent suffixes..."; and on the bottom, make sure the bottom check boxes are both checked. follow by a refresh a couple times in you DNS Manager. If that dont do it, restarting the dns server (right click, restart) should do it.
0
 
dbidesignAuthor Commented:
I finally got it! I followed as you said above, but i used the network id wizard instead of the other method of changing the radio tab from workgroup to domain.
All works now. Thanks a heap for your help.
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 15
  • 8
  • 8
  • +3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now