Adding laptop to a domain

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

Cheers, i'll give that a go if all else fails!

I don't recall it coming with any installation discs though, I think it's got a recovery partition instead. So i'll have to see if we've got the right stuff at work before I delete all that off!

 

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

Hi again,

I finally got the laptop to join the domain. I haven't removed Norton yet because my boss wants me to keep it on there! I don't think they want to shell out for a new license on antivirus or firewall so i've been trying everything else.

Anyway, on Friday there were fewer users in the office than normal and the laptop joined to the domain at the 1st time of asking. All i did was go to System Properties and went from there. I'm not sure if this was a coincedence (due to less users) or there's more to it.

So I can join the domain, but I can't see the print server, any other computers on the LAN or any of the servers.

The way the network is setup is a bit screwy. We have a VPN between us and our servers that are based in Edinburgh, we're in Leicester! There is no seperate LAN at the office so we exist as an extension of the domian, but over a VPN. Confused??

I can map drives off the servers by typing in the full directory path, and I can dial into the servers with Remote Desktop or VNC. But I can't see anything through Network places except the node for the domain. The node doesn't expand and I just get this error when I try to expand it:

xxxxx is not accessible. You might not have permission to use this network resource. Contact the administrator of this server to find out if you have access permissions.

The list of servers for this workgroup is not currently available.

I am an administrator, domain administrator along with other many others. My account is configured the same as the other admins who have no problems connecting, and the laptop is configured the same as other pc's that have no connectivity problems.

I am all out of options on this one, (except delete Norton which my boss wont let me do!!).

Any help/ideas greatly appreciated.

Paul

 

So you *can* connect to the DHCP server but you *can't* connect to the DNS server. I assume you ran the ipconfig/all command to discover your IP settings and that you had a valid IP address on the network. Verify that the IP for the DNS server and gateway are correct. It's odd that you can ping the DHCP server but no other computer at all. Sounds like something is misconfigured.

Is anyone else having this problem at work? Just a shot in the dark.

 

There's another guy who got a new Vaio laptop a few months ago and he's never been able to join the domain. Also the print server is a little hit and miss aswell!!

 

Is the same server (and interface) serving DNS and DHCP requests?
Is the lappies primary DNS set to the DC?
Have you tried ipconfig with the /registerDNS switch?
Most of these issues are either Norton, or Windows firewall.

Something's ringing a bell here....

 

I finally sorted this out the other day and I thought i'd post up the resolution because it's one of those 'not so obvious' things.

First up, let me just say that this problem started in the 1st week of my new job. I originally thought I was doing systems support but it looks like i'm the network administrator!!

The company I work for is quite small (30 -40 users) and the IT dept consists of 6 people, 4 of those are programmers, 1 software support/programmer, and little 'ol me, who has had a shoddy installation of a growing network dumped on his hands, and left to sort it out because no-one else knows what they're doing! That's not a rant as such, because i'm actually quite excited about the challenge of sorting it all out, and getting it up and running how it should be.

Anyway, the problem turned out to be a DNS issue as suggested previously. The DNS address that I got through IP config did not match the DHCP address. So I checked other computers and they all had the same DNS address that I did, but they could all access resources on the network.

I didn't think much else of it, thinking maybe there was a proxy server or something because our servers are based up the other end of the country.

After a bit more digging about I contacted the guys who host our servers and got them to tell me the IP Address of the DNS server up there. What do you know, it's something completely different to the DNS address's we have down here. So I add the new DNS address in and voila! i'm logged straight into the domain.

The bit that really threw me is that other users can access network resources yet their DNS address is wrong?

I can only make assumptions about some of this, but I think when the network was originally put together, the guys who did it didn't know what they were doing. Fair enough as none of them have a networking background, and i think they were asked to do it just because they were labelled as IT guys. But it would appear they couldn't get DNS resolution, probably because they had the wrong address.

To get around this, they put an lmhosts file (containing the IP address's of the servers and stuff) in every machine on the network. This allowed them to get by without DNS and still access resources across the network.

This appears to have got them working, but it has proved a right headache for me getting to the root of this problem!

So since day one, not one user has logged on to the domain! Every user logs on locally to their own machine and they're constantly swapping passwords so they can get onto other users machines when they need documents and things! Crazyness!!

Well at least I know where the problem is now and I know how to fix it. I just have the small issue of configuring every pc to join the domain so that users can finally work together!!

Thanks for your input guys!

 

One old one that's just used as test server, not sure of the spec of it. I'm thinking of using it as a second domain controller (they only have one at the mo!!), maybe making it the primary DC.

 

Sorry, I didn't clarify this bit. We lease our servers through a hosting company so there's only one subnet (i think?).

We do have a number of users based in various locations around the country and our main office in Leicester. I'm assuming (because i haven't checked yet) that it's all one big subnet. I think we (main office) have a permanent connection with Edinburgh, but i'm not sure about the remote users.

I was thinking that setting up the primary DC in the office would reduce network traffic between our office and the Edinburgh servers, and also mean I can physically touch the server for maintenance. Then setup the 2nd DC on a server in Edinburgh and configure the remote users to use that as their primary DNS.

Only drawback is we don't have a UPS in our office to protect the server, and i'm sure some melon would turn it off or unplug something they shouldn't!

 

lol, cheers sparky, i'll let you know when you can throw the switch!

One is a DC with AD and Exchnage on it. 1 web server. 2 database servers. 5 or 7 (can't remember) servers running application modules that support our in house software.

I've spent the last 2 weeks trying to understand how the network is setup. It appears there's a network but it's not being used!! Active Directory has no structure to it, everything's plopped into 1 domain, no OU's, no group's, no distinction between various elements of the business, nudda, nothing, nout!!

I setup some email groups the other day, so staff could email just the guys in their dept and my boss thought it was amazing!!

Oh I have sooooo much to do.............

 

It all sounds messy to me. Active directory should always be designed and set up by someone that knows what they are doing. It's a can of worms to sort problems out after it's been mis-configured.

One domain is fine, that is what Active Directory is all about, you only need more than one domain if you require different account policies in different places.

One more thing to know is that configuring the LMHOSTS file is a manual way of configuring name resolution for NetBIOS names. In other words, it replaces a *WINS* server functionality not a DNS server.

The HOSTS file is used for mapping a FQDN (fully qualified domain name) to an IP address. Like DNS does but as Active Directory relies so much on DNS, it is vital to have an accessible DNS server available at all times. Just configuring HOST files on clients will not work.

 

Thanks for that Bluerinse. I suppose that means I don't actually know why the other computers could see network resources when they weren't even loggged on to the domain! Not that i'm too bothered, but it's been nagging at me a bit.

I was planning on keeping just the 1 domain, but adding more structure to it using OU's and groups etc. I would prefer to do a clean start and rebuild the AD from scratch but i'm not to sure how feasible that would be?