Why workstation cannot create a domain list?

Posted on 2011-10-13
Last Modified: 2012-08-14
origin: single network single domain (Windows 2003):
default gateway:
svr-exch:; dns =
workstations use dhcp.
pc1: xp joined to domain 'mydomain'.
pc2: xp joined to domain 'mydomain'
all servers and workstations are in the same network.

Changes made:
segment workstations from servers as follow:
servers stay the same
workstations are put in network
use dhcp to dispatch ip (10.0.2.x) and dns (;
workstations are able to ping servers by ip and host name;
There are no dc in 10.0.2.x network.
pc1: ip=, dns=, able to ping servers by ip and host names.

remove pc1 from 'mydomain': ok
join pc1 back into 'mydomain': ok
when user logon to 'mydomain' from pc1 for the first time, a window pop up saying 'Please wait while the domain list is created'. it never finishes.
Q#1. What is really going on when the first user logon from a newly joined workstation? What networking protocols are required for this procedure? For example, is it unicast/multicast/broadcast?
Q#2. If a new domain controller is put in the same network as the workstation, will that resovle the issue?

Thanks a lot.


Question by:richtree
    LVL 39

    Accepted Solution

    Check if these ports are opened on your router/firewall

    TCP/UDP 135
    TCP/UDP 137 (NetBIOS) -> NetBIOS Domain Name uses it
    and other necessary ports. Check this list

    I know that is for AD replication but some of them are used also by clients to get authentication

    LVL 11

    Assisted Solution

    by:Paul S
    You can press ctrl alt del while it builds the list to cancel early. also, did you add the new subnet to the AD site in "AD sites and services" ??


    Author Comment

    All ports are open.
    The new subnet is not added to the AD site.
    Is it required? Why?
    Do I also need to add a DC in the new subnet?
    If ok, please comment on Q#1.
    LVL 39

    Assisted Solution

    by:Krzysztof Pytko
    OK, one more thing. Check on your client PC if in NIC properties under advanced properties on "WINS" tab you have enabled "NetBIOS over TCP/IP"? If not, enable it and re-try


    Author Comment

    I will check and update here.
    LVL 24

    Assisted Solution

    1- Press CTRL+ALT+Del Twice to skip the domain list creation

    2- Login to the system and check if the NIC DNS address is pointed to the internal DNS server , because External DNS servers does not know our internal DNS servers and so the computer can not make the domain list because it can not find any domain ( Domain list creation depends on the DNS )

    3-Try to preset your logon domain under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\DefaultDomainName (REG_SZ) before rebooting

    4-Go to Network Connections and in "Advanced TCP/IP Settings" under "DNS" Tab  and Make sure that the  "Use this connection's DNS Suffix in DNS registration" is checked and you can ping the server using its FQDN.

    5- Login to the computer locally and also check if the windows firewall is not turned on.

    6-In the command prompt enter  " Ipconfig /Flushdns and Ipconfig /Registerdns " to renew your DNS configuration .


    Author Closing Comment


    Featured Post

    What Is Threat Intelligence?

    Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

    Join & Write a Comment

    Suggested Solutions

    I know all systems administrator at some time or another has had to create a script to copy file from a server share to a desktop. Well now there is an easy way to do this in Group Policy. Using Group policy preferences is not hard. The first thing …
    ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
    This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
    This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

    745 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    16 Experts available now in Live!

    Get 1:1 Help Now