Unable to connect to Domain Controller

I have one computer in the office that is unable to connect to the domain controller on our server.  The computer is running Windows XP Pro and the server is Windows Server 2003R2.  I was unable to print to the printer on that computer and was unable to find it listed in the directory when trying to add printers.  I can ping the server from the computer and computer from the server.  I removed the computer from the domain and tried to rejoin and get the error "A domain controller for the domain *******.local could not be contacted.  Ensure the domain name is typed correctly.  

The query was for the SRV record for _ldap._tcp.dc._msdcs.******.local.  
The DNS  servers used by this computer for name resolution are not responding.  This computer is configured to use DNS servers with the following IP addresses:  

192.168.1.1

Verify that this computer is connect to the network, that these are the correct DNS server IP addresses, and that at least one of the DNS servers is running.  "

Any ideas?
LVL 1
sypv_mullinsAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Jason WatkinsIT Project LeaderCommented:
The IP of the DC, which should be hosting Active Directory integrated DNS, should be the client's primary DNS server. The DNS settings provide by DHCP, either by a router or from other source, should be set to the IP of the DC.
0
Thomas GrassiSystems AdministratorCommented:
Are you sure that the computer is on the network?

ipconfig /all what do you get?

Make sure it is getting to the dhcp server?

Bad network adapter? Bad network cable etc.
0
Michael MachieFull-time technical multi-taskerCommented:
Try adding .local after your domain name when joining to the domain.
You cannot add a printer by \\servername\printersharename so try \\(ServerIP)\PrinterShareName . help to identify a DNS issue if that is the case.

You can ping the Server/PC from each other so you have connection to the network. Verify that your NIC on the PC is set for DHCP and as suggested above, ipconfig /all to see if the proper DNS Servers are listed.
0
Introducing Cloud Class® training courses

Tech changes fast. You can learn faster. That’s why we’re bringing professional training courses to Experts Exchange. With a subscription, you can access all the Cloud Class® courses to expand your education, prep for certifications, and get top-notch instructions.

sypv_mullinsAuthor Commented:
I have been using a static address:  
ip:  192.168.1.46
subnet:  255.255.255.0
gateway:  192.168.1.254 (router ip)

dns1:  192.168.1.1 (server ip)
dns2:  xx.xx.192.2  (isp ip)  

I changed it to DHCP and did an ipconfig /all and the DHCP is coming from the router 192.168.1.254.  Could the server and the router both be doing DHCP?  Could that be the problem?  If so, which would be the best to disable?  Or does it matter?
0
Jason WatkinsIT Project LeaderCommented:
Both could be providing DHCP. Most if not all routers are set to hand out DHCP addresses on local ports by default. Windows Server 2003, not SBS 2003, has to be configured as a DHCP server intentionally then activated/authorized in a Windows domain. SBS sets up and configures DHCP by default.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
sypv_mullinsAuthor Commented:
Yeah, I'm using Server 2003 R2.  The DHCP is enabled on the server.  The router is doing it as well.  If I disable the DHCP on the router, then I should be good, right?
0
Jason WatkinsIT Project LeaderCommented:
Sure. As long as the DHCP service on the Server hands-out the correct IP's for your subnet (DNS, WINS (if used), Netmask and Gateway). Try it and see what breaks :)
0
sypv_mullinsAuthor Commented:
I disabled the DHCP on the router and now the computer gets loop back (169.254.247.6).  It only responds to a static IP put in manually.
0
Jason WatkinsIT Project LeaderCommented:
Did you do an ipconfig /release, ipconfig /renew operation on the client?

Is the server handing out addresses to other clients, i.e. is it activated and authorized?
0
sypv_mullinsAuthor Commented:
Should I authorize the server to do it or is it best to keep it all on the router?  How do I tell if the server is authorized?  It's been added to the Manage your Server.  DHCP and DNS are there.
0
Jason WatkinsIT Project LeaderCommented:
A Windows-based DHCP server will not hand out addresses unless it is authorized to do so in Active Directory. That is meant to prevent against rogue DHCP servers on the network. If the server is authorized there will be a green triangle over the server's icon in the DHCP console.
0
Michael MachieFull-time technical multi-taskerCommented:
make sure your dns scopes are correct and flush/renew your ips.
0
sypv_mullinsAuthor Commented:
The DNS address pool says the scope is 192.168.0.10-192.168.0.254.  The computers and the server are all on 192.168.1.xxx.
0
sypv_mullinsAuthor Commented:
And there is no triangle over the server on the DHCP module.  Just shows a computer with a circle that has a green arrow pointing up in it.
0
Jason WatkinsIT Project LeaderCommented:
That sounds right. Is there a list of leased addresses, which have been handed out, in the console?
0
sypv_mullinsAuthor Commented:
No leases.
0
Jason WatkinsIT Project LeaderCommented:
It is not handing out addresses, yet it appears to be activated/authorized. If you right-click the server object in the console, does the option to authorize become available?
0
sypv_mullinsAuthor Commented:
yes it does.  It gives the option to Authorize..
0
Thomas GrassiSystems AdministratorCommented:
IF your DHCP server gives you the option to Authorize then you must Authorize. otherwise it will not hand out any ip addresses.
0
sypv_mullinsAuthor Commented:
I did that and discovered that all computers no longer recognize our domain and if I try to add a network printer on the server, it doesn't find any except the generic text printer.  It's not a firewall because I disabled it.  Also, it has been DCPromoed.
0
Thomas GrassiSystems AdministratorCommented:
Does the DHCP server have a scope setup with 192.168.1.0 ??
Then the address pool must be 192.168.1.100 to 192.168.1.200 as and example

It sounds like the router was the dhcp server. Are you sure the Router DHCP is off?

You can have two dhcp servers on the network but you must make sure none of the ip addresses overlap. Best to only have one dhcp server.

If you can post a screen print of your dhcp server config we can take a look at it.

My quess is the router dhcp is still on

What type of router is it?  post its config too.
0
sypv_mullinsAuthor Commented:
the router DHCP is on.  The scope on the server is 192.168.0.1 - 192.168.0.xxx   The computers are set up on 192.168.1.xxx and the server's ip is 192.168.1.1.
0
Jason WatkinsIT Project LeaderCommented:
I would also suggest that only a single DHCP server be used. If you are running in a domain environment, use the Windows DHCP server
0
sypv_mullinsAuthor Commented:
Only one DHCP running now.  I've got a scope of 192.168.0.10 - 192.168.0.254.  None of these are being used.
0
Thomas GrassiSystems AdministratorCommented:
Sypv_mullins

The scope is need to be 192.168.1.0
Address pool 192.168.1.100 to 102.168.1.200



What type of router is this?
0
sypv_mullinsAuthor Commented:
I can ping the server with the 192.168.1.1 ip but cannot find it using nslookup.  If that helps.
0
sypv_mullinsAuthor Commented:
I'm using the server for DHCP now instead of the router per previous suggestions.  In DHCP, I can change scope1 and I get start ip:  192.168.0.10 and end ip:  192.168.0.254.  What should these be changed to, if anything?
0
Jason WatkinsIT Project LeaderCommented:
You need a scope for the 192.168.1.0-.255 range
0
Thomas GrassiSystems AdministratorCommented:
nslookup uses dns that's another thing to look at but first get your computers working with dhcp server as I posted above your scope needs to be 192.168.1.0
Address pool 192.168.1.100 to 102.168.1.200 this range can be what ever you require.

Since your server is 192.168.1.1 what is the router lan address 192.168.1.X

If you have any printers that are networked make sure they are not in the range.

Give yourself enough room to grow with static addresses. so start your address pool somewhere high.
0
sypv_mullinsAuthor Commented:
the router ip is 192.168.1.254
0
sypv_mullinsAuthor Commented:
On the ip range of 192.168.1.100 - 192.168.1.200, I get the message "the specified range either overlaps another range or is invalid"
0
Thomas GrassiSystems AdministratorCommented:
Ok that's good so your address pool can be 192.168.1.100 to 192.168.1.200  with no issue.

How many network devices do you have?

Static

Server
Router
Printers

DHCP
Computers
0
Thomas GrassiSystems AdministratorCommented:
How many scopes do you have defined on this dhcp server?

Only need one
0
sypv_mullinsAuthor Commented:
Just one scope is listed in DHCP on the server.  We have 10 computers, one router wired, one wireless, and 4 printers.
0
sypv_mullinsAuthor Commented:
Also, any computer that reboots cannot log in to the domain anymore.  It keeps popping up that the domain controller is unavailable.
0
Jason WatkinsIT Project LeaderCommented:
You have two routers (One wired, one wireless)?
0
Thomas GrassiSystems AdministratorCommented:
That means a dhcp server is still running somewhere else.

What is the ip address of the computer not getting on?

do ipconfig /all post results.

The Wireless router by default is a dhcp server.
Needs to be turned off also.

What is the LAN ip address of the wirelsss router?
0
sypv_mullinsAuthor Commented:
the wireless router has the dhcp turned off already.  the ip of one of the computers is 192.168.1.46.  This one cannot find the domain.  I cannot map a network drive by using \\medserver\xxxxxxx but I can map one using \\192.1681.1\xxxxxxxx.  Seems like a DNS issue, perhaps?
0
Jason WatkinsIT Project LeaderCommented:
Its a DNS issue make sure the DNS settings for that client are correct. The DC's IP should be that for DNS as well.
0
Thomas GrassiSystems AdministratorCommented:
Yes when you map with sharename dns must be working

Is this Windows 2003 server running DNS also?

We can look at dns after ok.

Make sure the scope has all the values defined so when a computer acquires and ip address it will be defined properly

003 Router  192.168.1.254
006 DNS Server  ???????
015 DNS Domain Name    your FQDN
044 WINS Servers
046 WINS/NBT Type 0x8
0
sypv_mullinsAuthor Commented:
Everything seems to check out.  It's still not working.
0
Thomas GrassiSystems AdministratorCommented:
What is the computers ip address? ipconfig /all post results

Is server 192.168.1.254 a DNS server?

On the computer are you restarting ?

If windows 7 you can do ipconfig /release then ipconfig /renew
0
sypv_mullinsAuthor Commented:
server ip config all is:  

ip:  192.168.1.1
subnet:  255.255.255.0
gateway:  192.168.1.254 (router ip)

dsn1:  192.168.1.1
dns2:  66.63.XX.XX
0
Jason WatkinsIT Project LeaderCommented:
DHCP should be handing out 192.168.1.1 as the DNS IP, if it is in-fact a domain controller.
0
Thomas GrassiSystems AdministratorCommented:
Sypv_mullins

Need ipconfig /all from the computers not the server

server is static ip address we need to see what dhcp is doing?

Please post ipconfig /all from computer
0
sypv_mullinsAuthor Commented:
I have the computers all set to static ip's and dns.
0
Thomas GrassiSystems AdministratorCommented:
Then what are you using DHCP for?
0
Jason WatkinsIT Project LeaderCommented:
If they were to be set to DHCP, their address should come from the 192.168.1.0/24 subnet and use the IP address of your domain controller (192.168.1.1) for DNS and presumably WINS as well.
0
sypv_mullinsAuthor Commented:
If I take the computers off of static and run them DHCP, I get the 169.254.xxx.xxx address on all of them, if that helps any.
0
Thomas GrassiSystems AdministratorCommented:
Yes when you get that ip address it means the devices cannot find a dhcp server.

On your windows 2003 server DHCP is started? Authorized?

Also

Are all the devices plugged into the same switch?
0
sypv_mullinsAuthor Commented:
I was able to resolve the problem by Authorizing DHCP on the server, turning it off on the router, then removing each computer from the domain, reset the account in Active Directory, and then readding it back to the domain.
0
Jason WatkinsIT Project LeaderCommented:
Great! Glad to hear you have it working now.
0
Thomas GrassiSystems AdministratorCommented:
Great news glad it is working now.

Also glad we could be of help to you.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Legacy OS

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.