Adding Windows 10 to Windows server 2016
Facts:
I have:
Windows 10 Enterprise Machine
Windows Server 2016 Standard Ed.
Windows Server 2016 has been promoted to Domain Controller
I have provided static IPs for Client and Server.
I have given client DNS IP of the server
I have DNS installed on the server.(I don't know how to prove that I did it right)
I can ping client from the server by Name I get the IPV4 address in return
I can ping the server from the client by Name I get IPV6 address in return.(I don't know if this matters)
My internet provider is Comcast and the internet comes thru that router.
I really don't know what I can do at this point.
This is the error I get after I enter user administrator and password
Here is my Net work setup on the client
In case your wondering the server IP is 10.0.0.21
Can someone please help I have been going this now 2 days. Can seem to get anywhere. I looked this issue on line and it seems like many people have issues adding windows 10 to domain
Please help!!
Thank you in advance.
I have:
Windows 10 Enterprise Machine
Windows Server 2016 Standard Ed.
Windows Server 2016 has been promoted to Domain Controller
I have provided static IPs for Client and Server.
I have given client DNS IP of the server
I have DNS installed on the server.(I don't know how to prove that I did it right)
I can ping client from the server by Name I get the IPV4 address in return
I can ping the server from the client by Name I get IPV6 address in return.(I don't know if this matters)
My internet provider is Comcast and the internet comes thru that router.
I really don't know what I can do at this point.
This is the error I get after I enter user administrator and password
Here is my Net work setup on the client
In case your wondering the server IP is 10.0.0.21
Can someone please help I have been going this now 2 days. Can seem to get anywhere. I looked this issue on line and it seems like many people have issues adding windows 10 to domain
Please help!!
Thank you in advance.
McKnife
If netbios ports are closed at the server (they should), we cannot use the netbios domain name but instead, need to use the full qualified domain name for joining.
Possibly the firewall?
As McKnife mention.. use the FQDN to join the domain.
ASKER
Firewalls are turned off both sides
As for the name I have used
Name.Domain.local
domain.local
Domain
All three same could not connect.
As for the name I have used
Name.Domain.local
domain.local
Domain
All three same could not connect.
Open the System control panel on on of the clients and click on Advanced system settings. Select Computer name, and click Change button, then More button and and set the Primary DNS suffix to the same as the FQDN as the domain controller. This will ensure the client will fully use the DNS. And as other experts state, use the FQDN name when joining the domain. To use short names you need to have WINS installed for Netbios name resolution.
How did you turn off the firewall? Don't disable the firewall service, but deactivate it using the GUI. Please note that deactivation is not needed (of course) in order for domain joining to work. But if you disabled the service, please re-enable the firewall service now, it will only lead to trouble if deactivated.
All the others above are correct, the windows firewall needs to be off on both devices (but do not disable the firewall service) and you must use the full (longest) name of the computer in the format computername.subdomainname
But what about other general connectivity ideas? Do you have network discovery turned on on the Win10 machine? Can it "see" the other devices in the local subnet? Are both the server and the PC plugged into the same switch and on the same vlan (if you even have vlans)? Just because you can ping in both directions doesn't mean that other non-ping (icmp) protocols are going to be able to be passed back and forth.
Also, you said:
When you look at the DNS management mmc, or better yet, the DNS role section in the Server Manager on your server, it will tell you if there is anything not working in DNS. Also you might consider doing a basic dcdiag and see if anything looks obviously not right on there. Here's the syntax: https://technet.microsoft.com/en-us/library/cc731968(v=ws.11).aspx
Another thing you might look at is the "advanced" button in your ipv4 properties - at the bottom of your screenshot above. All that does is go into a bit more detail but in that area you might try changing a setting or two ... for instance a few people have already mentioned the netbios over tcpip settings ... and that might be a setting to experiment with since you are not using a dhcp server to provide everything. So basically here:
But what about other general connectivity ideas? Do you have network discovery turned on on the Win10 machine? Can it "see" the other devices in the local subnet? Are both the server and the PC plugged into the same switch and on the same vlan (if you even have vlans)? Just because you can ping in both directions doesn't mean that other non-ping (icmp) protocols are going to be able to be passed back and forth.
Also, you said:
I have DNS installed on the server.(I don't know how to prove that I did it right)
When you look at the DNS management mmc, or better yet, the DNS role section in the Server Manager on your server, it will tell you if there is anything not working in DNS. Also you might consider doing a basic dcdiag and see if anything looks obviously not right on there. Here's the syntax: https://technet.microsoft.com/en-us/library/cc731968(v=ws.11).aspx
Another thing you might look at is the "advanced" button in your ipv4 properties - at the bottom of your screenshot above. All that does is go into a bit more detail but in that area you might try changing a setting or two ... for instance a few people have already mentioned the netbios over tcpip settings ... and that might be a setting to experiment with since you are not using a dhcp server to provide everything. So basically here:
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Agree with McKnife. I learned years ago with 2008 that disabling the Firewall service stops things from working like RDP Access. As McKnife suggested goto control panel on your DC and turn of the firewall there.
ASKER
Thanks folks for all the help on this. But I resolved the issue. It was the stupidest thing. Turns out for windows 10 and Server 2016 IPV6 is the preferred method of communication as I have read. That was causing a problem resolving my domain. I turned off IPv6 on the client only and I was able to get on the domain instantly.
Glad you figured it out! Although its interesting that we all didn't catch that when you said that pinging your server returned only an ipv6 addres. Honestly I just skipped right over over those two points as meaning "pings back and forth" and didn't really focus on the ip protocols being different. Oops! Yup they both need to be talking on both ip protocols or at least have one in common.
Just briefly a thought about ipv6 - I have ipv6 turned on everywhere now but as recently as six months ago we had it literally turned off on everything by group policy. I was that way for decades. But for us admins, ipv6 is going to be a necessary thing for communicating with the outside world later, just because the world is running out of ipv4 addresses. But inside a private network between inside devices, you can use only ipv4 if you want. It reduces dns traffic (affecting load in general) when you do that, too. But later on if you build a DMZ and have anything web-facing in there talking to the world ... you'll need to get accustomed to having ipv6 in play. But in your case, probably not just yet, thankfully :-)
Just briefly a thought about ipv6 - I have ipv6 turned on everywhere now but as recently as six months ago we had it literally turned off on everything by group policy. I was that way for decades. But for us admins, ipv6 is going to be a necessary thing for communicating with the outside world later, just because the world is running out of ipv4 addresses. But inside a private network between inside devices, you can use only ipv4 if you want. It reduces dns traffic (affecting load in general) when you do that, too. But later on if you build a DMZ and have anything web-facing in there talking to the world ... you'll need to get accustomed to having ipv6 in play. But in your case, probably not just yet, thankfully :-)
ASKER
Thank you Jane for all the great insight!!! :)