Mike Satterfield
asked on
Joining a windows XP machine to a 2016 functional domain with 2019 domain controllers.
I have a windows XP machine that i need to connect to AD (2016 functional)... SMB1 has been enabled. it actually creates the computer in ad, but then just throws up an internal error.
It is a validated system. I cannot patch it, or upgrade the OS.
I do understand that XP is no longer officially supported, however thought someone here might have an idea or two.
Here is the netsetup.log file from the xp machine when it try's to join.
05/13 09:13:51 -----------------------------------------------------------------
05/13 09:13:51 NetpDoDomainJoin
05/13 09:13:51 NetpMachineValidToJoin: 'PC263'
05/13 09:13:51 NetpGetLsaPrimaryDomain: status: 0x0
05/13 09:13:51 NetpMachineValidToJoin: status: 0x0
05/13 09:13:51 NetpJoinDomain
05/13 09:13:51 Machine: PC263
05/13 09:13:51 Domain: c-mlabs.local
05/13 09:13:51 MachineAccountOU: (NULL)
05/13 09:13:51 Account: c-mlabs.local\a-xxxxx
05/13 09:13:51 Options: 0x25
05/13 09:13:51 OS Version: 5.1
05/13 09:13:51 Build number: 2600
05/13 09:13:51 ServicePack: Service Pack 2
05/13 09:13:51 NetpValidateName: checking to see if 'c-mlabs.local' is valid as type 3 name
05/13 09:13:52 NetpCheckDomainNameIsValid [ Exists ] for 'c-mlabs.local' returned 0x0
05/13 09:13:52 NetpValidateName: name 'c-mlabs.local' is valid for type 3
05/13 09:13:52 NetpDsGetDcName: trying to find DC in domain 'c-mlabs.local', flags: 0x1020
05/13 09:13:59 NetpDsGetDcName: failed to find a DC having account 'PC263$': 0x525
05/13 09:13:59 NetpDsGetDcName: found DC '\\GER-DC02.c-mlabs.local' in the specified domain
05/13 09:13:59 NetpJoinDomain: status of connecting to dc '\\GER-DC02.c-mlabs.local': 0x0
05/13 09:13:59 NetpGetLsaPrimaryDomain: status: 0x0
05/13 09:13:59 NetpGetDnsHostName: Read NV Hostname: PC263
05/13 09:13:59 NetpGetDnsHostName: PrimaryDnsSuffix defaulted to DNS domain name: c-mlabs.local
05/13 09:13:59 NetpLsaOpenSecret: status: 0xc0000034
05/13 09:13:59 NetpGetLsaPrimaryDomain: status: 0x0
05/13 09:13:59 NetpLsaOpenSecret: status: 0xc0000034
05/13 09:13:59 NetpJoinDomain: status of setting machine password: 0x0
05/13 09:13:59 NetpGetComputerObjectDn: Unable to bind to DS on '\\GER-DC02.c-mlabs.local': 0x54f
05/13 09:13:59 NetpSetDnsHostNameAndSpn: NetpGetComputerObjectDn failed: 0x54f
05/13 09:13:59 ldap_unbind status: 0x0
05/13 09:13:59 NetpJoinDomain: status of setting DnsHostName and SPN: 0x54f
05/13 09:13:59 NetpJoinDomain: initiaing a rollback due to earlier errors
05/13 09:13:59 NetpLsaOpenSecret: status: 0x0
05/13 09:13:59 NetpJoinDomain: rollback: status of deleting secret: 0x0
05/13 09:13:59 NetpJoinDomain: status of disconnecting from '\\GER-DC02.c-mlabs.local': 0x0
05/13 09:13:59 NetpDoDomainJoin: status: 0x54f
05/13 09:13:59 -----------------------------------------------------------------
05/13 09:13:59 NetpDoDomainJoin
05/13 09:13:59 NetpMachineValidToJoin: 'PC263'
05/13 09:13:59 NetpGetLsaPrimaryDomain: status: 0x0
05/13 09:13:59 NetpMachineValidToJoin: status: 0x0
05/13 09:13:59 NetpJoinDomain
05/13 09:13:59 Machine: PC263
05/13 09:13:59 Domain: c-mlabs.local
05/13 09:13:59 MachineAccountOU: (NULL)
05/13 09:13:59 Account: c-mlabs.local\a-msatterfield
05/13 09:13:59 Options: 0x27
05/13 09:13:59 OS Version: 5.1
05/13 09:13:59 Build number: 2600
05/13 09:13:59 ServicePack: Service Pack 2
05/13 09:13:59 NetpValidateName: checking to see if 'c-mlabs.local' is valid as type 3 name
05/13 09:13:59 NetpCheckDomainNameIsValid [ Exists ] for 'c-mlabs.local' returned 0x0
05/13 09:13:59 NetpValidateName: name 'c-mlabs.local' is valid for type 3
05/13 09:13:59 NetpDsGetDcName: trying to find DC in domain 'c-mlabs.local', flags: 0x1020
05/13 09:14:00 NetpDsGetDcName: found DC '\\GER-DC02.c-mlabs.local' in the specified domain
05/13 09:14:00 NetpJoinDomain: status of connecting to dc '\\GER-DC02.c-mlabs.local': 0x0
05/13 09:14:00 NetpGetLsaPrimaryDomain: status: 0x0
05/13 09:14:00 NetpGetDnsHostName: Read NV Hostname: PC263
05/13 09:14:00 NetpGetDnsHostName: PrimaryDnsSuffix defaulted to DNS domain name: c-mlabs.local
05/13 09:14:00 NetpLsaOpenSecret: status: 0xc0000034
05/13 09:14:00 NetpGetLsaPrimaryDomain: status: 0x0
05/13 09:14:00 NetpLsaOpenSecret: status: 0xc0000034
05/13 09:14:00 NetpManageMachineAccountWithSid: NetUserAdd on '\\GER-DC02.c-mlabs.local' for 'PC263$' failed: 0x8b0
05/13 09:14:00 NetpManageMachineAccountWithSid: status of attempting to set password on '\\GER-DC02.c-mlabs.local' for 'PC263$': 0x0
05/13 09:14:00 NetpJoinDomain: status of creating account: 0x0
05/13 09:14:00 NetpGetComputerObjectDn: Unable to bind to DS on '\\GER-DC02.c-mlabs.local': 0x54f
05/13 09:14:00 NetpSetDnsHostNameAndSpn: NetpGetComputerObjectDn failed: 0x54f
05/13 09:14:00 ldap_unbind status: 0x0
05/13 09:14:00 NetpJoinDomain: status of setting DnsHostName and SPN: 0x54f
05/13 09:14:00 NetpJoinDomain: initiaing a rollback due to earlier errors
05/13 09:14:00 NetpGetLsaPrimaryDomain: status: 0x0
05/13 09:14:00 NetpManageMachineAccountWithSid: status of disabling account 'PC263$' on '\\GER-DC02.c-mlabs.local': 0x0
05/13 09:14:00 NetpJoinDomain: rollback: status of deleting computer account: 0x0
05/13 09:14:00 NetpLsaOpenSecret: status: 0x0
05/13 09:14:00 NetpJoinDomain: rollback: status of deleting secret: 0x0
05/13 09:14:00 NetpJoinDomain: status of disconnecting from '\\GER-DC02.c-mlabs.local': 0x0
05/13 09:14:00 NetpDoDomainJoin: status: 0x54f
Thanks for looking.
It is a validated system. I cannot patch it, or upgrade the OS.
I do understand that XP is no longer officially supported, however thought someone here might have an idea or two.
Here is the netsetup.log file from the xp machine when it try's to join.
05/13 09:13:51 -----------------------------------------------------------------
05/13 09:13:51 NetpDoDomainJoin
05/13 09:13:51 NetpMachineValidToJoin: 'PC263'
05/13 09:13:51 NetpGetLsaPrimaryDomain: status: 0x0
05/13 09:13:51 NetpMachineValidToJoin: status: 0x0
05/13 09:13:51 NetpJoinDomain
05/13 09:13:51 Machine: PC263
05/13 09:13:51 Domain: c-mlabs.local
05/13 09:13:51 MachineAccountOU: (NULL)
05/13 09:13:51 Account: c-mlabs.local\a-xxxxx
05/13 09:13:51 Options: 0x25
05/13 09:13:51 OS Version: 5.1
05/13 09:13:51 Build number: 2600
05/13 09:13:51 ServicePack: Service Pack 2
05/13 09:13:51 NetpValidateName: checking to see if 'c-mlabs.local' is valid as type 3 name
05/13 09:13:52 NetpCheckDomainNameIsValid [ Exists ] for 'c-mlabs.local' returned 0x0
05/13 09:13:52 NetpValidateName: name 'c-mlabs.local' is valid for type 3
05/13 09:13:52 NetpDsGetDcName: trying to find DC in domain 'c-mlabs.local', flags: 0x1020
05/13 09:13:59 NetpDsGetDcName: failed to find a DC having account 'PC263$': 0x525
05/13 09:13:59 NetpDsGetDcName: found DC '\\GER-DC02.c-mlabs.local' in the specified domain
05/13 09:13:59 NetpJoinDomain: status of connecting to dc '\\GER-DC02.c-mlabs.local': 0x0
05/13 09:13:59 NetpGetLsaPrimaryDomain: status: 0x0
05/13 09:13:59 NetpGetDnsHostName: Read NV Hostname: PC263
05/13 09:13:59 NetpGetDnsHostName: PrimaryDnsSuffix defaulted to DNS domain name: c-mlabs.local
05/13 09:13:59 NetpLsaOpenSecret: status: 0xc0000034
05/13 09:13:59 NetpGetLsaPrimaryDomain: status: 0x0
05/13 09:13:59 NetpLsaOpenSecret: status: 0xc0000034
05/13 09:13:59 NetpJoinDomain: status of setting machine password: 0x0
05/13 09:13:59 NetpGetComputerObjectDn: Unable to bind to DS on '\\GER-DC02.c-mlabs.local': 0x54f
05/13 09:13:59 NetpSetDnsHostNameAndSpn: NetpGetComputerObjectDn failed: 0x54f
05/13 09:13:59 ldap_unbind status: 0x0
05/13 09:13:59 NetpJoinDomain: status of setting DnsHostName and SPN: 0x54f
05/13 09:13:59 NetpJoinDomain: initiaing a rollback due to earlier errors
05/13 09:13:59 NetpLsaOpenSecret: status: 0x0
05/13 09:13:59 NetpJoinDomain: rollback: status of deleting secret: 0x0
05/13 09:13:59 NetpJoinDomain: status of disconnecting from '\\GER-DC02.c-mlabs.local': 0x0
05/13 09:13:59 NetpDoDomainJoin: status: 0x54f
05/13 09:13:59 -----------------------------------------------------------------
05/13 09:13:59 NetpDoDomainJoin
05/13 09:13:59 NetpMachineValidToJoin: 'PC263'
05/13 09:13:59 NetpGetLsaPrimaryDomain: status: 0x0
05/13 09:13:59 NetpMachineValidToJoin: status: 0x0
05/13 09:13:59 NetpJoinDomain
05/13 09:13:59 Machine: PC263
05/13 09:13:59 Domain: c-mlabs.local
05/13 09:13:59 MachineAccountOU: (NULL)
05/13 09:13:59 Account: c-mlabs.local\a-msatterfield
05/13 09:13:59 Options: 0x27
05/13 09:13:59 OS Version: 5.1
05/13 09:13:59 Build number: 2600
05/13 09:13:59 ServicePack: Service Pack 2
05/13 09:13:59 NetpValidateName: checking to see if 'c-mlabs.local' is valid as type 3 name
05/13 09:13:59 NetpCheckDomainNameIsValid [ Exists ] for 'c-mlabs.local' returned 0x0
05/13 09:13:59 NetpValidateName: name 'c-mlabs.local' is valid for type 3
05/13 09:13:59 NetpDsGetDcName: trying to find DC in domain 'c-mlabs.local', flags: 0x1020
05/13 09:14:00 NetpDsGetDcName: found DC '\\GER-DC02.c-mlabs.local' in the specified domain
05/13 09:14:00 NetpJoinDomain: status of connecting to dc '\\GER-DC02.c-mlabs.local': 0x0
05/13 09:14:00 NetpGetLsaPrimaryDomain: status: 0x0
05/13 09:14:00 NetpGetDnsHostName: Read NV Hostname: PC263
05/13 09:14:00 NetpGetDnsHostName: PrimaryDnsSuffix defaulted to DNS domain name: c-mlabs.local
05/13 09:14:00 NetpLsaOpenSecret: status: 0xc0000034
05/13 09:14:00 NetpGetLsaPrimaryDomain: status: 0x0
05/13 09:14:00 NetpLsaOpenSecret: status: 0xc0000034
05/13 09:14:00 NetpManageMachineAccountWithSid: NetUserAdd on '\\GER-DC02.c-mlabs.local' for 'PC263$' failed: 0x8b0
05/13 09:14:00 NetpManageMachineAccountWithSid: status of attempting to set password on '\\GER-DC02.c-mlabs.local' for 'PC263$': 0x0
05/13 09:14:00 NetpJoinDomain: status of creating account: 0x0
05/13 09:14:00 NetpGetComputerObjectDn: Unable to bind to DS on '\\GER-DC02.c-mlabs.local': 0x54f
05/13 09:14:00 NetpSetDnsHostNameAndSpn: NetpGetComputerObjectDn failed: 0x54f
05/13 09:14:00 ldap_unbind status: 0x0
05/13 09:14:00 NetpJoinDomain: status of setting DnsHostName and SPN: 0x54f
05/13 09:14:00 NetpJoinDomain: initiaing a rollback due to earlier errors
05/13 09:14:00 NetpGetLsaPrimaryDomain: status: 0x0
05/13 09:14:00 NetpManageMachineAccountWithSid: status of disabling account 'PC263$' on '\\GER-DC02.c-mlabs.local': 0x0
05/13 09:14:00 NetpJoinDomain: rollback: status of deleting computer account: 0x0
05/13 09:14:00 NetpLsaOpenSecret: status: 0x0
05/13 09:14:00 NetpJoinDomain: rollback: status of deleting secret: 0x0
05/13 09:14:00 NetpJoinDomain: status of disconnecting from '\\GER-DC02.c-mlabs.local': 0x0
05/13 09:14:00 NetpDoDomainJoin: status: 0x54f
Thanks for looking.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Well, you should be able to join WinXP to a domain with a domain controller running Windows Server 2016. Under some circumstances you should be able to join WinXP to a domain with a DC2019. However, you can find many discussions describing issues with joining it to a domain with a DC2019. Some people fixed it by installing specific KBs on the WinXP machine (for instance KB969442, KB968389, etc.), some people claim it's due to the RC4 cipher. Anyway, the fact is that WinXP wasn't designed or even tested to work under DC 2019 so...
You can try to install these KBs and see but you'll be very lucky if you ever get it working. This system is EOL and the chance that it will work is pretty low.
https://social.technet.microsoft.com/Forums/en-US/05b74c9c-7a80-4a03-8136-455cba9f95cc/windows-xp-and-active-directory-2019?forum=ws2019
You can try to install these KBs and see but you'll be very lucky if you ever get it working. This system is EOL and the chance that it will work is pretty low.
https://social.technet.microsoft.com/Forums/en-US/05b74c9c-7a80-4a03-8136-455cba9f95cc/windows-xp-and-active-directory-2019?forum=ws2019
ASKER
yeah.. thing is i can't even patch it, without vendor support and validation. I will try it with a 2016 DC.. .
ASKER