Solved

Problems joining Windows 8 to Server 2003 Domain

Posted on 2013-01-23
27
6,968 Views
Last Modified: 2013-02-23
I am having trouble joining a Windows 8 Pro desktop to our domain. I have added XP & Windows 7 machines with no problems. Nothing has changed in the server configuration and I even removed and re-added an XP machine just to test. It joined normally.

The Windows 8 machine seemed like it worked the first time and allowed me to logon as one domain user and it correctly mapped a drive.

"The system cannot contact a domain controller to service the authentication request."

Can open and browse folders on server by IP but not name, although it worked last night when i first joined. I cannot logon as any other domain user besides the first one.

When I try to logon on as another user I get this "There are currently no logon servers available to service the logon request."

I appreciate any help troubleshooting this.
0
Comment
Question by:jmolhava
  • 15
  • 7
  • 3
  • +2
27 Comments
 
LVL 23

Expert Comment

by:Thomas Grassi
Comment Utility
ipconfig /all  check dns settings

try ipconfig /flushdns

ipconfig /registerdns

nslookup

post results
0
 
LVL 11

Expert Comment

by:BillBondo
Comment Utility
Sounds like the same issue as win 7.... Rejoin the domain and pull the network cable if you cant log on.
0
 
LVL 18

Expert Comment

by:sarang_tinguria
Comment Utility
How DNS is configured in Windows 8 agree with trgrassijr55 ..plz post ipconfig /all from DC & Win8 system
0
 
LVL 5

Expert Comment

by:vin_shooter
Comment Utility
Hi jmolhava,

can you kindly check the "system event logs" in eventviewer in windows8 workstation and share the results here. Also check the "Primary DNS" Configured in the workstation. Check able to ping and resolve the "Primary DNS" configured in the workstation.

To know the Primary DNS server, type IPCONFIG /ALL in your windows 8 workstation command prompt.

Check the Netlogon service status in windows 8 workstation also restart the netlogon service once and give a try.

The restarting of netlogon service may fix this issue if not kindly share the event logs as requested above.
0
 

Author Comment

by:jmolhava
Comment Utility
Here is from the SERVER:

Windows IP Configuration

   Host Name . . . . . . . . . . . . : server
   Primary Dns Suffix  . . . . . . . : domain.com
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : domain.com

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel(R) PRO/1000 CT Network Connection
   Physical Address. . . . . . . . . : 00-04-23-B9-17-22
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 192.168.0.10
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.0.1
   DNS Servers . . . . . . . . . . . : 192.168.0.10

Here is from the WORKSTATION:

Windows IP Configuration

   Host Name . . . . . . . . . . . . : workstation
   Primary Dns Suffix  . . . . . . . : domain.com
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : domain.com

Ethernet adapter Ethernet:

   Connection-specific DNS Suffix  . : domain.com
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : EC-A8-6B-C0-62-4B
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::38a2:3408:f669:3d94%12(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.0.97(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Friday, January 25, 2013 10:05:06 AM
   Lease Expires . . . . . . . . . . : Monday, January 28, 2013 7:45:30 PM
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.10
   DHCPv6 IAID . . . . . . . . . . . : 267167851
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-90-F1-2E-EC-A8-6B-C0-62-4B

   DNS Servers . . . . . . . . . . . : 192.168.0.10
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.nlcci.com:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : domain.com
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:1067:36de:3f57:ff9e(Pref
erred)
   Link-local IPv6 Address . . . . . : fe80::1067:36de:3f57:ff9e%14(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
0
 

Author Comment

by:jmolhava
Comment Utility
I have already rejoined the domain a couple times and it does join the domain initially and lets me logon with one domain user. Currently if I try to logon with another domain user it says: "There are currently no logon servers available to service the logon request."

I can ping the server from the workstation with no problem using either "ping server" or "ping server.domain.com"

When I open a share on the server it prompts for credentials and says "The system cannot contact a domain controller to service the authentication request." I can browse the shares with credentials.

I checked the netlogon service and it is set to automatic and was started. I restarted it but it made no difference.

NSLOOKUP resolves correctly.
0
 

Author Comment

by:jmolhava
Comment Utility
More info:
There are a bunch of these from the event viewer on the workstation:

Event ID: 1129
The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has successfully processed. If you do not see a success message for several hours, then contact your administrator.

I am troubleshooting the network connections; replaced a couple cables but so far no change.

However I am able to do a continuous ping with a packet of 25000 bytes. The results are consistent with a time of 5ms. I would assume if the problem was actually a bad connection or port etc, then it would show here.
0
 
LVL 23

Expert Comment

by:Thomas Grassi
Comment Utility
What happens if you type gpupdate from command prompt?
0
 

Author Comment

by:jmolhava
Comment Utility
Here is the result:

Updating policy...

Computer policy could not be updated successfully. The following errors were enc
ountered:

The processing of Group Policy failed because of lack of network connectivity to
 a domain controller. This may be a transient condition. A success message would
 be generated once the machine gets connected to the domain controller and Group
 Policy has successfully processed. If you do not see a success message for seve
ral hours, then contact your administrator.
User Policy could not be updated successfully. The following errors were encount
ered:

The processing of Group Policy failed because of lack of network connectivity to
 a domain controller. This may be a transient condition. A success message would
 be generated once the machine gets connected to the domain controller and Group
 Policy has successfully processed. If you do not see a success message for seve
ral hours, then contact your administrator.

To diagnose the failure, review the event log or run GPRESULT /H GPReport.html f
rom the command line to access information about Group Policy results.
0
 
LVL 23

Expert Comment

by:Thomas Grassi
Comment Utility
Which active directory functional level you running on your windows 2003 domain controllers?
0
 

Author Comment

by:jmolhava
Comment Utility
Windows Server 2003
0
 
LVL 23

Expert Comment

by:Thomas Grassi
Comment Utility
run this  dcdiag /s:<DCName>

post results
0
 

Author Comment

by:jmolhava
Comment Utility
I ran it on the server, here it is:

Domain Controller Diagnosis

Performing initial setup:
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\NLCC-SERVER
      Starting test: Connectivity
         ......................... NLCC-SERVER passed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\NLCC-SERVER
      Starting test: Replications
         ......................... NLCC-SERVER passed test Replications
      Starting test: NCSecDesc
         ......................... NLCC-SERVER passed test NCSecDesc
      Starting test: NetLogons
         ......................... NLCC-SERVER passed test NetLogons
      Starting test: Advertising
         ......................... NLCC-SERVER passed test Advertising
      Starting test: KnowsOfRoleHolders
         ......................... NLCC-SERVER passed test KnowsOfRoleHolders
      Starting test: RidManager
         ......................... NLCC-SERVER passed test RidManager
      Starting test: MachineAccount
         ......................... NLCC-SERVER passed test MachineAccount
      Starting test: Services
         ......................... NLCC-SERVER passed test Services
      Starting test: ObjectsReplicated
         ......................... NLCC-SERVER passed test ObjectsReplicated
      Starting test: frssysvol
         ......................... NLCC-SERVER passed test frssysvol
      Starting test: frsevent
         ......................... NLCC-SERVER passed test frsevent
      Starting test: kccevent
         ......................... NLCC-SERVER passed test kccevent
      Starting test: systemlog
         An Error Event occured.  EventID: 0xC0001B59
            Time Generated: 01/28/2013   16:01:16
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0xC0001B59
            Time Generated: 01/28/2013   16:29:16
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0xC0001B59
            Time Generated: 01/28/2013   16:41:56
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0xC0001B59
            Time Generated: 01/28/2013   16:52:10
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0xC0001B59
            Time Generated: 01/28/2013   16:52:13
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0xC0001B59
            Time Generated: 01/28/2013   16:52:17
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0xC0001B59
            Time Generated: 01/28/2013   16:52:20
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0xC0001B59
            Time Generated: 01/28/2013   16:52:24
            (Event String could not be retrieved)
         ......................... NLCC-SERVER failed test systemlog
      Starting test: VerifyReferences
         ......................... NLCC-SERVER passed test VerifyReferences

   Running partition tests on : ForestDnsZones
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test CrossRefValidation

      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom

   Running partition tests on : DomainDnsZones
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test CrossRefValidation

      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom

   Running partition tests on : Schema
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom

   Running partition tests on : Configuration
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom

   Running partition tests on : nlcci
      Starting test: CrossRefValidation
         ......................... nlcci passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... nlcci passed test CheckSDRefDom

   Running enterprise tests on : nlcci.com
      Starting test: Intersite
         ......................... nlcci.com passed test Intersite
      Starting test: FsmoCheck
         ......................... nlcci.com passed test FsmoCheck
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 

Author Comment

by:jmolhava
Comment Utility
btw - it will not run on Windows 8 which is what the workstation has.
0
 
LVL 23

Expert Comment

by:Thomas Grassi
Comment Utility
Sounds like you have a DNS issue

on windows 8 computer does it show up in the DNS server?

try ipconfig /flushdns

ipconfig /registerdns
0
 

Author Comment

by:jmolhava
Comment Utility
That made no difference. It also resolves the server name just fine when pinging so...
0
 
LVL 23

Expert Comment

by:Thomas Grassi
Comment Utility
Did the windows 8 computer show up in the DNS server as registered?

How many DC's do you have?

Lets try cleaning up the meta database

http://support.microsoft.com/kb/216498

Also another thing Are you sure that the windows 8 computer is not still in AD?

Try renaming the computer and see if it joins.
0
 

Author Comment

by:jmolhava
Comment Utility
Yes the workstation is registered in DNS on the server.

There is one DC, and it is the only server on the network.

Joining the domain has always worked, and when I have left and rejoined the domain I did rename the computer. I also deleted it from AD to be sure. The first time I login after joining the domain it works and I was able to browse server shares. Shortly afterwards the problems began.
0
 
LVL 23

Expert Comment

by:Thomas Grassi
Comment Utility
This is puzzling  An Error Event occured.  EventID: 0xC0001B59

Something is not correct on the server here.

On the server event viewer what errros are we seeing from syslog?
0
 

Author Comment

by:jmolhava
Comment Utility
That error was just related to the DHCP client service which was turned off for testing. I turned it back on.
0
 
LVL 5

Expert Comment

by:vin_shooter
Comment Utility
Can you check the time sync between the windows 8 workstation and the domain controller.

Stop the windows time service and start it.

Then execute below command will help to synchronize the time with Domain controller,

w32tm /resync

After completion of time sync try to access the shares in the network.

If you're still facing the issue, login to the Domain controller and execute the below command,

klist /tickets

Check for most recently granted ticket by the domain controller also share the results here.

Most probably after execution of time SYNC command, the issue may get resolved.
0
 

Author Comment

by:jmolhava
Comment Utility
Here is what I get:

C:\Windows\system32>w32tm /resync
Sending resync command to local computer
The computer did not resync because no time data was available.
0
 

Author Comment

by:jmolhava
Comment Utility
This may be relevant, when I run gpupdate i get this:

C:\Windows\system32>gpupdate /force
Updating policy...

Computer policy could not be updated successfully. The following errors were enc
ountered:

The processing of Group Policy failed because of lack of network connectivity to
 a domain controller. This may be a transient condition. A success message would
 be generated once the machine gets connected to the domain controller and Group
 Policy has successfully processed. If you do not see a success message for seve
ral hours, then contact your administrator.
User Policy could not be updated successfully. The following errors were encount
ered:

The processing of Group Policy failed because of lack of network connectivity to
 a domain controller. This may be a transient condition. A success message would
 be generated once the machine gets connected to the domain controller and Group
 Policy has successfully processed. If you do not see a success message for seve
ral hours, then contact your administrator.

To diagnose the failure, review the event log or run GPRESULT /H GPReport.html f
rom the command line to access information about Group Policy results.
0
 

Author Comment

by:jmolhava
Comment Utility
A couple days ago I used a different network cable and jack from a workstation that is connecting to the DC just fine but it made no difference.

I also checked a handful of other workstations running XP and 7 (mostly 7). All of these communicate successfully with the DC. I tested server shares, logons, and gpupdate.

I have two other Windows 8 laptops that were added a month ago but have not heard of any problem from their users.

It seems to me that the problem is on the Windows 8 workstation. The confusing thing is that when I first join the domain it says "welcome to the domain" and accepts my credentials. Then it's like communication on the domain level vanishes.
0
 
LVL 5

Expert Comment

by:vin_shooter
Comment Utility
Can you execute the below command in problematic workstation and share the result here,

w32tm /query /source
0
 

Accepted Solution

by:
jmolhava earned 0 total points
Comment Utility
We ended up opening a paid support case with Microsoft and even they could not figure it out. The final solution we went with is to replace the server.

This issue has not been resolved but at this point it doesn't matter anymore. Thank you to those who offered help.
0
 

Author Closing Comment

by:jmolhava
Comment Utility
This question should be closed now. It was not resolved but it no longer an issue.
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Suggested Solutions

In this article, we will see the basic design consideration while designing a Multi-tenant web application in a simple manner. Though, many frameworks are available in the market to develop a multi - tenant application, but do they provide data, cod…
When you start your Windows 10 PC and got an "Operating system not found" error or just saw  "Auto repair for startup". After a while, you have entered a loop for Auto repair which does not fix anything and you will be in a  panic as all your work w…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now