Azim Ali
asked on
Unable to join Windows Server 2008 R2 to a windows server 2003 Domain
I am trying to add Windows 2008 R2 server to windows 2003 Domain server. It says " the following error occurred attempting to join the domain the specified server cannot perform the requested operation." I did almost all the steps i found online to troubleshoot but none of them worked. When i try to join other machines to the same domain, it gets joined so no issue with Domain Controller. I have disabled IPV6 in the machine having trouble joining to the domain. I can ping domain with server name and FQDN. DNS is set to DC server IP. Below is the NetSetup log:
08/29/2017 17:48:00:817 --------------------------
08/29/2017 17:48:01:315 NetpValidateName: checking to see if 'QAKSQOOOMDM' is valid as type 1 name
08/29/2017 17:48:01:790 NetpCheckNetBiosNameNotInU
08/29/2017 17:48:01:790 NetpValidateName: name 'QAKSQOOOMDM' is valid for type 1
08/29/2017 17:48:01:998 --------------------------
08/29/2017 17:48:01:998 NetpValidateName: checking to see if 'QAKSQOOOMDM' is valid as type 5 name
08/29/2017 17:48:01:998 NetpValidateName: name 'QAKSQOOOMDM' is valid for type 5
08/29/2017 17:48:02:487 --------------------------
08/29/2017 17:48:02:487 NetpValidateName: checking to see if 'keppelseghers.com.qa' is valid as type 3 name
08/29/2017 17:48:02:487 NetpValidateName: 'keppelseghers.com.qa' is not a valid NetBIOS domain name: 0x7b
08/29/2017 17:48:03:210 NetpCheckDomainNameIsValid
08/29/2017 17:48:03:210 NetpValidateName: name 'keppelseghers.com.qa' is valid for type 3
08/29/2017 17:48:13:532 --------------------------
08/29/2017 17:48:13:567 NetpDoDomainJoin
08/29/2017 17:48:13:567 NetpMachineValidToJoin: 'QAKSQOOOMDM'
08/29/2017 17:48:13:567 OS Version: 6.1
08/29/2017 17:48:13:567 Build number: 7601 (7601.win7sp1_ldr.170512-0
08/29/2017 17:48:13:567 ServicePack: Service Pack 1
08/29/2017 17:48:13:567 SKU: Windows Server 2008 R2 Standard
08/29/2017 17:48:13:567 NetpDomainJoinLicensingChe
08/29/2017 17:48:13:567 NetpGetLsaPrimaryDomain: status: 0x0
08/29/2017 17:48:13:567 NetpMachineValidToJoin: status: 0x0
08/29/2017 17:48:13:567 NetpJoinDomain
08/29/2017 17:48:13:567 Machine: QAKSQOOOMDM
08/29/2017 17:48:13:567 Domain: keppelseghers.com.qa
08/29/2017 17:48:13:567 MachineAccountOU: (NULL)
08/29/2017 17:48:13:811 Account: keppelseghers.com.qa\admin
08/29/2017 17:48:13:811 Options: 0x25
08/29/2017 17:48:13:861 NetpLoadParameters: loading registry parameters...
08/29/2017 17:48:13:861 NetpLoadParameters: DNSNameResolutionRequired not found, defaulting to '1' 0x2
08/29/2017 17:48:13:861 NetpLoadParameters: DomainCompatibilityMode not found, defaulting to '0' 0x2
08/29/2017 17:48:13:861 NetpLoadParameters: status: 0x2
08/29/2017 17:48:13:861 NetpValidateName: checking to see if 'keppelseghers.com.qa' is valid as type 3 name
08/29/2017 17:48:13:861 NetpValidateName: 'keppelseghers.com.qa' is not a valid NetBIOS domain name: 0x7b
08/29/2017 17:48:13:964 NetpCheckDomainNameIsValid
08/29/2017 17:48:13:964 NetpValidateName: name 'keppelseghers.com.qa' is valid for type 3
08/29/2017 17:48:13:964 NetpDsGetDcName: trying to find DC in domain 'keppelseghers.com.qa', flags: 0x40001010
08/29/2017 17:48:28:970 NetpDsGetDcName: failed to find a DC having account 'QAKSQOOOMDM$': 0x525, last error is 0x0
08/29/2017 17:48:28:970 NetpLoadParameters: loading registry parameters...
08/29/2017 17:48:28:970 NetpLoadParameters: DNSNameResolutionRequired not found, defaulting to '1' 0x2
08/29/2017 17:48:28:970 NetpLoadParameters: DomainCompatibilityMode not found, defaulting to '0' 0x2
08/29/2017 17:48:28:970 NetpLoadParameters: status: 0x2
08/29/2017 17:48:28:971 NetpDsGetDcName: status of verifying DNS A record name resolution for 'qadnsv01.Keppelseghers.co
08/29/2017 17:48:28:971 NetpDsGetDcName: found DC '\\qadnsv01.Keppelseghers.
08/29/2017 17:48:28:971 NetpJoinDomainOnDs: NetpDsGetDcName returned: 0x0
08/29/2017 17:48:29:156 NetUseAdd to \\qadnsv01.Keppelseghers.c
08/29/2017 17:48:29:156 NetpJoinDomain: status of connecting to dc '\\qadnsv01.Keppelseghers.
08/29/2017 17:48:29:156 NetpJoinDomainOnDs: Function exits with status of: 0x3a
08/29/2017 17:48:29:156 NetpDoDomainJoin: status: 0x3a
08/29/2017 17:48:29:741 --------------------------
08/29/2017 17:48:29:741 NetpDoDomainJoin
08/29/2017 17:48:29:741 NetpMachineValidToJoin: 'QAKSQOOOMDM'
08/29/2017 17:48:29:741 OS Version: 6.1
08/29/2017 17:48:29:741 Build number: 7601 (7601.win7sp1_ldr.170512-0
08/29/2017 17:48:29:741 ServicePack: Service Pack 1
08/29/2017 17:48:29:741 SKU: Windows Server 2008 R2 Standard
08/29/2017 17:48:29:741 NetpDomainJoinLicensingChe
08/29/2017 17:48:29:742 NetpGetLsaPrimaryDomain: status: 0x0
08/29/2017 17:48:29:742 NetpMachineValidToJoin: status: 0x0
08/29/2017 17:48:29:742 NetpJoinDomain
08/29/2017 17:48:29:742 Machine: QAKSQOOOMDM
08/29/2017 17:48:29:742 Domain: keppelseghers.com.qa
08/29/2017 17:48:29:742 MachineAccountOU: (NULL)
08/29/2017 17:48:29:742 Account: keppelseghers.com.qa\admin
08/29/2017 17:48:29:742 Options: 0x27
08/29/2017 17:48:29:742 NetpLoadParameters: loading registry parameters...
08/29/2017 17:48:29:742 NetpLoadParameters: DNSNameResolutionRequired not found, defaulting to '1' 0x2
08/29/2017 17:48:29:742 NetpLoadParameters: DomainCompatibilityMode not found, defaulting to '0' 0x2
08/29/2017 17:48:29:742 NetpLoadParameters: status: 0x2
08/29/2017 17:48:29:742 NetpValidateName: checking to see if 'keppelseghers.com.qa' is valid as type 3 name
08/29/2017 17:48:29:742 NetpValidateName: 'keppelseghers.com.qa' is not a valid NetBIOS domain name: 0x7b
08/29/2017 17:48:29:845 NetpCheckDomainNameIsValid
08/29/2017 17:48:29:845 NetpValidateName: name 'keppelseghers.com.qa' is valid for type 3
08/29/2017 17:48:29:845 NetpDsGetDcName: trying to find DC in domain 'keppelseghers.com.qa', flags: 0x40001010
08/29/2017 17:48:44:843 NetpDsGetDcName: failed to find a DC having account 'QAKSQOOOMDM$': 0x525, last error is 0x0
08/29/2017 17:48:44:843 NetpLoadParameters: loading registry parameters...
08/29/2017 17:48:44:843 NetpLoadParameters: DNSNameResolutionRequired not found, defaulting to '1' 0x2
08/29/2017 17:48:44:843 NetpLoadParameters: DomainCompatibilityMode not found, defaulting to '0' 0x2
08/29/2017 17:48:44:843 NetpLoadParameters: status: 0x2
08/29/2017 17:48:44:845 NetpDsGetDcName: status of verifying DNS A record name resolution for 'qadnsv01.Keppelseghers.co
08/29/2017 17:48:44:845 NetpDsGetDcName: found DC '\\qadnsv01.Keppelseghers.
08/29/2017 17:48:44:845 NetpJoinDomainOnDs: NetpDsGetDcName returned: 0x0
08/29/2017 17:48:44:848 NetUseAdd to \\qadnsv01.Keppelseghers.c
08/29/2017 17:48:44:848 NetpJoinDomain: status of connecting to dc '\\qadnsv01.Keppelseghers.
08/29/2017 17:48:44:848 NetpJoinDomainOnDs: Function exits with status of: 0x3a
08/29/2017 17:48:44:848 NetpDoDomainJoin: status: 0x3a
08/29/2017 17:57:33:302 --------------------------
08/29/2017 17:57:33:302 NetpValidateName: checking to see if 'QADSSV12' is valid as type 1 name
08/29/2017 17:57:36:302 NetpCheckNetBiosNameNotInU
08/29/2017 17:57:36:302 NetpValidateName: name 'QADSSV12' is valid for type 1
08/29/2017 17:57:36:784 --------------------------
08/29/2017 17:57:36:784 NetpValidateName: checking to see if 'QADSSV12' is valid as type 5 name
08/29/2017 17:57:36:784 NetpValidateName: name 'QADSSV12' is valid for type 5
This machine was joined to domain before. Due to failure, we restored from backup. Its a hyper v machine. FYI We have deleted the computer from server before joining it again.
Tried adding DNS Suffix- No go
Any quick suggestion would be appreciated.
08/29/2017 17:48:00:817 --------------------------
08/29/2017 17:48:01:315 NetpValidateName: checking to see if 'QAKSQOOOMDM' is valid as type 1 name
08/29/2017 17:48:01:790 NetpCheckNetBiosNameNotInU
08/29/2017 17:48:01:790 NetpValidateName: name 'QAKSQOOOMDM' is valid for type 1
08/29/2017 17:48:01:998 --------------------------
08/29/2017 17:48:01:998 NetpValidateName: checking to see if 'QAKSQOOOMDM' is valid as type 5 name
08/29/2017 17:48:01:998 NetpValidateName: name 'QAKSQOOOMDM' is valid for type 5
08/29/2017 17:48:02:487 --------------------------
08/29/2017 17:48:02:487 NetpValidateName: checking to see if 'keppelseghers.com.qa' is valid as type 3 name
08/29/2017 17:48:02:487 NetpValidateName: 'keppelseghers.com.qa' is not a valid NetBIOS domain name: 0x7b
08/29/2017 17:48:03:210 NetpCheckDomainNameIsValid
08/29/2017 17:48:03:210 NetpValidateName: name 'keppelseghers.com.qa' is valid for type 3
08/29/2017 17:48:13:532 --------------------------
08/29/2017 17:48:13:567 NetpDoDomainJoin
08/29/2017 17:48:13:567 NetpMachineValidToJoin: 'QAKSQOOOMDM'
08/29/2017 17:48:13:567 OS Version: 6.1
08/29/2017 17:48:13:567 Build number: 7601 (7601.win7sp1_ldr.170512-0
08/29/2017 17:48:13:567 ServicePack: Service Pack 1
08/29/2017 17:48:13:567 SKU: Windows Server 2008 R2 Standard
08/29/2017 17:48:13:567 NetpDomainJoinLicensingChe
08/29/2017 17:48:13:567 NetpGetLsaPrimaryDomain: status: 0x0
08/29/2017 17:48:13:567 NetpMachineValidToJoin: status: 0x0
08/29/2017 17:48:13:567 NetpJoinDomain
08/29/2017 17:48:13:567 Machine: QAKSQOOOMDM
08/29/2017 17:48:13:567 Domain: keppelseghers.com.qa
08/29/2017 17:48:13:567 MachineAccountOU: (NULL)
08/29/2017 17:48:13:811 Account: keppelseghers.com.qa\admin
08/29/2017 17:48:13:811 Options: 0x25
08/29/2017 17:48:13:861 NetpLoadParameters: loading registry parameters...
08/29/2017 17:48:13:861 NetpLoadParameters: DNSNameResolutionRequired not found, defaulting to '1' 0x2
08/29/2017 17:48:13:861 NetpLoadParameters: DomainCompatibilityMode not found, defaulting to '0' 0x2
08/29/2017 17:48:13:861 NetpLoadParameters: status: 0x2
08/29/2017 17:48:13:861 NetpValidateName: checking to see if 'keppelseghers.com.qa' is valid as type 3 name
08/29/2017 17:48:13:861 NetpValidateName: 'keppelseghers.com.qa' is not a valid NetBIOS domain name: 0x7b
08/29/2017 17:48:13:964 NetpCheckDomainNameIsValid
08/29/2017 17:48:13:964 NetpValidateName: name 'keppelseghers.com.qa' is valid for type 3
08/29/2017 17:48:13:964 NetpDsGetDcName: trying to find DC in domain 'keppelseghers.com.qa', flags: 0x40001010
08/29/2017 17:48:28:970 NetpDsGetDcName: failed to find a DC having account 'QAKSQOOOMDM$': 0x525, last error is 0x0
08/29/2017 17:48:28:970 NetpLoadParameters: loading registry parameters...
08/29/2017 17:48:28:970 NetpLoadParameters: DNSNameResolutionRequired not found, defaulting to '1' 0x2
08/29/2017 17:48:28:970 NetpLoadParameters: DomainCompatibilityMode not found, defaulting to '0' 0x2
08/29/2017 17:48:28:970 NetpLoadParameters: status: 0x2
08/29/2017 17:48:28:971 NetpDsGetDcName: status of verifying DNS A record name resolution for 'qadnsv01.Keppelseghers.co
08/29/2017 17:48:28:971 NetpDsGetDcName: found DC '\\qadnsv01.Keppelseghers.
08/29/2017 17:48:28:971 NetpJoinDomainOnDs: NetpDsGetDcName returned: 0x0
08/29/2017 17:48:29:156 NetUseAdd to \\qadnsv01.Keppelseghers.c
08/29/2017 17:48:29:156 NetpJoinDomain: status of connecting to dc '\\qadnsv01.Keppelseghers.
08/29/2017 17:48:29:156 NetpJoinDomainOnDs: Function exits with status of: 0x3a
08/29/2017 17:48:29:156 NetpDoDomainJoin: status: 0x3a
08/29/2017 17:48:29:741 --------------------------
08/29/2017 17:48:29:741 NetpDoDomainJoin
08/29/2017 17:48:29:741 NetpMachineValidToJoin: 'QAKSQOOOMDM'
08/29/2017 17:48:29:741 OS Version: 6.1
08/29/2017 17:48:29:741 Build number: 7601 (7601.win7sp1_ldr.170512-0
08/29/2017 17:48:29:741 ServicePack: Service Pack 1
08/29/2017 17:48:29:741 SKU: Windows Server 2008 R2 Standard
08/29/2017 17:48:29:741 NetpDomainJoinLicensingChe
08/29/2017 17:48:29:742 NetpGetLsaPrimaryDomain: status: 0x0
08/29/2017 17:48:29:742 NetpMachineValidToJoin: status: 0x0
08/29/2017 17:48:29:742 NetpJoinDomain
08/29/2017 17:48:29:742 Machine: QAKSQOOOMDM
08/29/2017 17:48:29:742 Domain: keppelseghers.com.qa
08/29/2017 17:48:29:742 MachineAccountOU: (NULL)
08/29/2017 17:48:29:742 Account: keppelseghers.com.qa\admin
08/29/2017 17:48:29:742 Options: 0x27
08/29/2017 17:48:29:742 NetpLoadParameters: loading registry parameters...
08/29/2017 17:48:29:742 NetpLoadParameters: DNSNameResolutionRequired not found, defaulting to '1' 0x2
08/29/2017 17:48:29:742 NetpLoadParameters: DomainCompatibilityMode not found, defaulting to '0' 0x2
08/29/2017 17:48:29:742 NetpLoadParameters: status: 0x2
08/29/2017 17:48:29:742 NetpValidateName: checking to see if 'keppelseghers.com.qa' is valid as type 3 name
08/29/2017 17:48:29:742 NetpValidateName: 'keppelseghers.com.qa' is not a valid NetBIOS domain name: 0x7b
08/29/2017 17:48:29:845 NetpCheckDomainNameIsValid
08/29/2017 17:48:29:845 NetpValidateName: name 'keppelseghers.com.qa' is valid for type 3
08/29/2017 17:48:29:845 NetpDsGetDcName: trying to find DC in domain 'keppelseghers.com.qa', flags: 0x40001010
08/29/2017 17:48:44:843 NetpDsGetDcName: failed to find a DC having account 'QAKSQOOOMDM$': 0x525, last error is 0x0
08/29/2017 17:48:44:843 NetpLoadParameters: loading registry parameters...
08/29/2017 17:48:44:843 NetpLoadParameters: DNSNameResolutionRequired not found, defaulting to '1' 0x2
08/29/2017 17:48:44:843 NetpLoadParameters: DomainCompatibilityMode not found, defaulting to '0' 0x2
08/29/2017 17:48:44:843 NetpLoadParameters: status: 0x2
08/29/2017 17:48:44:845 NetpDsGetDcName: status of verifying DNS A record name resolution for 'qadnsv01.Keppelseghers.co
08/29/2017 17:48:44:845 NetpDsGetDcName: found DC '\\qadnsv01.Keppelseghers.
08/29/2017 17:48:44:845 NetpJoinDomainOnDs: NetpDsGetDcName returned: 0x0
08/29/2017 17:48:44:848 NetUseAdd to \\qadnsv01.Keppelseghers.c
08/29/2017 17:48:44:848 NetpJoinDomain: status of connecting to dc '\\qadnsv01.Keppelseghers.
08/29/2017 17:48:44:848 NetpJoinDomainOnDs: Function exits with status of: 0x3a
08/29/2017 17:48:44:848 NetpDoDomainJoin: status: 0x3a
08/29/2017 17:57:33:302 --------------------------
08/29/2017 17:57:33:302 NetpValidateName: checking to see if 'QADSSV12' is valid as type 1 name
08/29/2017 17:57:36:302 NetpCheckNetBiosNameNotInU
08/29/2017 17:57:36:302 NetpValidateName: name 'QADSSV12' is valid for type 1
08/29/2017 17:57:36:784 --------------------------
08/29/2017 17:57:36:784 NetpValidateName: checking to see if 'QADSSV12' is valid as type 5 name
08/29/2017 17:57:36:784 NetpValidateName: name 'QADSSV12' is valid for type 5
This machine was joined to domain before. Due to failure, we restored from backup. Its a hyper v machine. FYI We have deleted the computer from server before joining it again.
Tried adding DNS Suffix- No go
Any quick suggestion would be appreciated.
Hi,
Delete the entries (from AD & DNS) of the affected server from the DC.
Disable if additional NICs in the affected server.
Is there any antivirus or Firewall, uninstall or disable them and try.
Is it makes any difference?
If not, whats the output for.
a) nslookup
b) nltest /dsgetdc:< domain-name >
If there any specific reason you cant re-install OS on the affected server?
Thanks,
Delete the entries (from AD & DNS) of the affected server from the DC.
Disable if additional NICs in the affected server.
Is there any antivirus or Firewall, uninstall or disable them and try.
Is it makes any difference?
If not, whats the output for.
a) nslookup
b) nltest /dsgetdc:< domain-name >
If there any specific reason you cant re-install OS on the affected server?
Thanks,
ASKER
@jeremy I am not sure how the command works, Please find the image attached when i try to run the command
@Abhi As i mentioned in my post , i have already deleted the computer from DC still no go. Tried disabeling firewall: No go. We are using one NIC card.
On performing nltest:
DC: \\qadnsv01,keppelseghers.c
Address: \\10.4.227.16
Dom Guid: a003c911-e7c6-48b6-b484-01
Don Name: Keppelseghers.com.qa
Forest Name: Keppelseghers.com.qa
DC Site Name: QADN
Our Site Name: QADN
I have even tried renaming the machine, still it is not able to join to the domain
@Abhi As i mentioned in my post , i have already deleted the computer from DC still no go. Tried disabeling firewall: No go. We are using one NIC card.
On performing nltest:
DC: \\qadnsv01,keppelseghers.c
Address: \\10.4.227.16
Dom Guid: a003c911-e7c6-48b6-b484-01
Don Name: Keppelseghers.com.qa
Forest Name: Keppelseghers.com.qa
DC Site Name: QADN
Our Site Name: QADN
I have even tried renaming the machine, still it is not able to join to the domain
Interesting. 2003 might have different syntax.
There is an update for it: https://support.microsoft.com/en-us/help/970536/an-update-for-setspn-exe-in-windows-server-2003-is-available
But you can try this:
There is an update for it: https://support.microsoft.com/en-us/help/970536/an-update-for-setspn-exe-in-windows-server-2003-is-available
But you can try this:
setspn -L QADSSV12ASKER
@Jeremy I tried the comment mentioned above but there was no record . It ended up showing could not find qadssv12. Also i did what was mentioned in the KB article earlier apart from testing udp port. Please le me know if anything else could be done since this is the only image we have for backup so we cant just reinstall server os
Is the server on the same subnet as the DC?
Are there any firewalls, proxies, or WAN optimization devices in between the server and the DC?
Have you tried rebooting the DC?
How many DCs do you have?
Are there any firewalls, proxies, or WAN optimization devices in between the server and the DC?
Have you tried rebooting the DC?
How many DCs do you have?
ASKER
@jeremy We have 3 DC in 3 different sites. I have tried adding this machine to the domain in all the 3 sites. My point is when i can join all other machines to the domain without making any changes it means that server and connection between server is fine. I am not getting any clue whats missing in this machine, the error code is not relevant in finding the root cause. I tried joining to domain without firewall and it still fails. There are no proxy
I'm not sure at this point. Can you try restoring again? Maybe choose a point further back?
ASKER
@jeremy, How do I do that?
Also I would like to open these ports, any command to do so?
Port Protocol Purpose
135 TCP RPC Port Mapper
389 TCP LDAP
3289 TCP GC
88 UDP Kerberos
53 UDP DNS
Also I would like to open these ports, any command to do so?
Port Protocol Purpose
135 TCP RPC Port Mapper
389 TCP LDAP
3289 TCP GC
88 UDP Kerberos
53 UDP DNS
Due to failure, we restored from backup.
@jeremy, How do I do that?You would run the restore process again. I also assume you have multiple restore points, can you try restoring an older point and see if it works?
Also I would like to open these ports, any command to do so?I assume you're talking about the DC. I don't think you need to do this or else all users and computers would be having issues.
Port Protocol Purpose
135 TCP RPC Port Mapper
389 TCP LDAP
3289 TCP GC
88 UDP Kerberos
53 UDP DNS
ASKER
@jeremy i dont have any other backup. This is a virtual machine and i had only one vhd copy backed up. The original one is corrupted so i am left with only one copy of vhd
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Looks to me the same way.
No comment has been added to this question in more than 21 days, so it is now classified as abandoned.
I have recommended this question be closed as follows:
Accept: Jeremy Weisinger (https:#a42277722)
If you feel this question should be closed differently, post an objection and the moderators will review all objections and close it as they feel fit. If no one objects, this question will be closed automatically the way described above.
seth2740
Experts-Exchange Cleanup Volunteer
I have recommended this question be closed as follows:
Accept: Jeremy Weisinger (https:#a42277722)
If you feel this question should be closed differently, post an objection and the moderators will review all objections and close it as they feel fit. If no one objects, this question will be closed automatically the way described above.
seth2740
Experts-Exchange Cleanup Volunteer
Open in new window
Replace servername with the name of the deleted server. If any are there delete them.Also check to see if this is relevant: https://support.microsoft.com/en-in/help/2018583/windows-7-or-windows-server-2008-r2-domain-join-displays-error-changin