Unable to join server to domain

Posted on 2011-10-17
Last Modified: 2012-05-12
I have a server that was having an issue talking to the domain.

- Installed Windows updates to see if that would solve the problem.
- Scanned for infections (using Malwarebytes) and cleaned up 2 trojans. Still could not ping or be pinged by name.
- Tried repairing NIC and received error: "clearing NetBT".
- I uninstalled NIC drivers and reinstalled drivers for the NIC.
- Resetting IP stack using netsh command. I was then able to see network devices and ping by name, FQDN, and IP without a problem. Still unable to browse other network devices.
- I removed server from domain. Rejoin to domain failed. Error DNS- checked DNS for incorrect entries or missing server entries.

Urgently need assistance. Microsoft Support is a joke if you aren't in the US.
Question by: IAmDH
    LVL 18

    Expert Comment

    by:Don S.
    This looks like a classic unable to resolve the name problem. That is typically caused by one or more of the following:
    - Incorrect DNS server and/or domain suffix entries in your IP configuration
    - Malware-generated hosts file intercepting name resolution
    - A firewall is on somewhere between the server and the DNS that is blocking the DNS request.
    - The specified DNS server is either not responding at all or does not have the requested information.
    LVL 8

    Expert Comment


    1- Could you update NIC Firmware (not driver)
    2- Use different NIC port if available
    3- Make sure manual IP settings are correct (Double check recommended)
    4- Replace the patch cable (Cheap data cables give up frequently even if they are physically OK)
    5- Change the switch port


    Author Comment


    When attempting to add to domain, the error in screenshot shows up. It's detecting the two DCs, because it lists the servers by name. So the DNS suffix is definitely correct. I've run Malwarebytes through twice and haven't detected any further infections other than the ones initially detected. The DNS servers are servicing all other devices besides this one server.


    I can try firmware, but the problem arising as a result of the infection on the server leads me to believe there's a different route to take. I already tried a different NIC port. IP settings are correct. I haven't tried the patch cable or the switch port. Though I'm sure the problem is within the NIC, since the netsh command restored my ability to actually see devices on the network.
    LVL 1

    Expert Comment

    Verify your hosts file:

    Once you take the server out of the domain, remove its DNS register from the DNS server and remove the computer account from the domain, then reboot. Then upon adding it to the domain use FQDN for the registration (instead of just domain). I would suggest you try to ping the DC first to see if it 'sees' it.

    I've had similar issues with Win7 workstations and this solved the issue.
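
The checks suggested in the replies above (active hosts-file entries, what DNS returns for the domain controllers, and whether the DC answers a ping), as an added PowerShell example that is not part of the thread. `corp.example.com` is a placeholder for the Active Directory DNS domain name, and the `svr hostname` pattern assumes English-language `nslookup` output; `Test-Connection` needs PowerShell 2.0 or later.

```powershell
# Added example, not from the thread. $Domain is a placeholder value.
param(
    [string]$Domain    = 'corp.example.com',
    [string]$HostsPath = "$env:SystemRoot\System32\drivers\etc\hosts"
)
$d = $Domain.ToLower()

# 1. Parse active (non-comment) hosts entries into Address/Name pairs.
$entries = @(foreach ($line in (Get-Content -LiteralPath $HostsPath)) {
    $text = ($line -replace '#.*$', '').Trim()
    if (-not $text) { continue }
    $fields = @($text -split '\s+')
    if ($fields.Count -lt 2) { continue }
    foreach ($name in $fields[1..($fields.Count - 1)]) {
        New-Object PSObject -Property @{ Address = $fields[0]; Name = $name.ToLower() }
    }
})

# 2. Classify every entry except the normal localhost mapping.
$loopback = '127.0.0.1', '::1', '0.0.0.0'
$report = @(foreach ($e in $entries) {
    if ($e.Name -eq 'localhost' -and $loopback -contains $e.Address) { continue }
    $why = 'static override, confirm it is expected'
    if ($loopback -contains $e.Address) { $why = 'name pinned to a local/null address' }
    if ($e.Name -eq $d -or $e.Name.EndsWith(".$d")) { $why = 'overrides a name in the AD domain' }
    New-Object PSObject -Property @{ Name = $e.Name; Address = $e.Address; Finding = $why }
})
if ($report.Count) {
    $report | Format-Table Name, Address, Finding -AutoSize
} else {
    'hosts file has no active entries besides localhost'
}

# 3. Query DNS directly for the DC locator SRV records (nslookup ignores the hosts file).
$srv = "_ldap._tcp.dc._msdcs.$d"
$dcs = @(nslookup -type=SRV $srv 2>$null |
    ForEach-Object { if ($_ -match 'svr hostname\s*=\s*(\S+)') { $Matches[1] } })
if (-not $dcs.Count) {
    "no SRV records returned for $srv; check the DNS servers configured on the NIC"
}

# 4. Ping each DC through the normal resolver path, which does consult the hosts file.
foreach ($dc in $dcs) {
    $ok = Test-Connection -ComputerName $dc -Count 1 -Quiet
    '{0,-40} ping: {1}' -f $dc, $ok
}
```

A DC name that `nslookup` resolves but that fails the ping, together with a hosts entry flagged in step 2, points at local name-resolution tampering rather than at the DNS servers.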

    Author Comment

    So here's a little further insight into the problem.

    I believe there's an infection that I cannot remove on the server. I tried to run SuperAntiSpyware and after about 20 seconds of scanning it just disappears. If I try to run the executable it says I don't have permission to run this file. Same thing for my Malwarebytes shortcut.

    I'm pretty sure that's what is actually jacking up my ability to connect to the domain.

    Can anyone provide any assistance with this?
    LVL 1

    Accepted Solution

    You then need to try and scan the server offline (either from a recovery media like UBCD or from safe mode). Please be advised that if there are binaries infected this will remove them.

    Running this from a secured USB disk or DVD in live mode could also prevent it from being hijacked by the virus/trojan.


    Author Comment

    Thanks for the assistance. I was finally able to remove the infection by using Kaspersky removal tool in Safe Mode. Had to run the scan through twice to totally remove infections.
