Damn Domain

Discussion in 'Networks' started by Nelix, Sep 3, 2003.

  1. Nelix
    Honorary Member

    Nelix Gigabyte Poster

    1,416
    3
    82
    Hi All

    I have just reinstalled my server and set up the domain and active directory, however, when i try to join the main computer to the domain it gives me an error pointing me to the fact that it could have been caused by a DNS lookup error, have followed the link that it provides (sorry, dont have the exact info on me at the mo) and followed the instructions to the letter but still get the same error,

    I think this is the link (if i remember rightly)

    http://go.microsoft.com/fwlink/?linkid=5171

    click on the "A. Domain Join (From the Network Identification Tab) " link and thats the instructions i followed
     
    Certifications: A+, 70-210, 70-290, 70-291, 74-409, 70-410, 70-411, 70-337, 70-347
    WIP: 70-346
  2. Sandy

    Sandy Ex-Member

    1,091
    2
    65
    Hi Nex

    Is this the only DNS on the network :?:

    when i try to join the main computer to the domain

    This comment confuses me :!:
     
  3. tripwire45
    Honorary Member

    tripwire45 Zettabyte Poster

    13,493
    180
    287
    I'm a little confused as well, Derek. If this is the only server on your network and you promoted it to domain controller, it is the domain. Natch, it requires AD and DNS to function as DC. Dumb question: Are DNS services running and, if so, is the server pointing to itself as the DNS server?

    The error you're getting is one I'd expect if you're trying to get a member server to join an already existing domain. :confused3
     
    Certifications: A+ and Network+
  4. Luton Bee

    Luton Bee Kilobyte Poster

    365
    0
    36
    I,m confused as well (no comments please!) are you getting the error on a client you are trying to join to a new domain? have you had to re-load the server and create a new Domain? If so is the error due to the client using old IP csettings either static or via DHCP?
     
    Certifications: MCSE, MCSA, MCP, A+, Network+ C&G ICT
    WIP: CCNA
  5. Nelix
    Honorary Member

    Nelix Gigabyte Poster

    1,416
    3
    82
    OK so I posted this very quickly from work and didn't explain myself properly, here's the deal.

    The server was reinstalled and set it as a DC (the only one on the network), installed Active directory and DNS as well as the DNS forward lookup zone.

    The client that i was trying to get to join the domain is currently a member of a workgroup.

    I can ping each computer from the other by Host name.

    If this is still not enough information you will have to forgive me as i have not done alot regarding 2000 server :oops: so please just list any questions that you need answered.

    P.S. yes flex the server is pointing to itself (IP address)
     
    Certifications: A+, 70-210, 70-290, 70-291, 74-409, 70-410, 70-411, 70-337, 70-347
    WIP: 70-346
  6. flex22

    flex22 Gigabyte Poster

    1,679
    0
    69
    OH, OK, glad to hear it. :unsure :confused2
     
  7. Nelix
    Honorary Member

    Nelix Gigabyte Poster

    1,416
    3
    82
    SORRY that should have been TRIP :oops:
     
    Certifications: A+, 70-210, 70-290, 70-291, 74-409, 70-410, 70-411, 70-337, 70-347
    WIP: 70-346
  8. Luton Bee

    Luton Bee Kilobyte Poster

    365
    0
    36
    Is the client Win XP?

    for some strange reason XP does not take too kindly to hai=ving it's workgroup/domain status toggled sometimes. Make sure the client does not have a machine account in the domain (or change the Host name) and keep trying it will eventually contact the DC and get itself in the Domain. Also check the DNS zone properties to make sure you are allowing updates.
     
    Certifications: MCSE, MCSA, MCP, A+, Network+ C&G ICT
    WIP: CCNA
  9. Phil
    Honorary Member

    Phil Gigabyte Poster

    1,680
    7
    87
    Derek,

    Are the SRV records for the Domain controller in DNS?
     
    Certifications: MCSE:M & S MCSA:M CCNA CNA
    WIP: 2003 Upgrade, CCNA Upgrade
  10. Nelix
    Honorary Member

    Nelix Gigabyte Poster

    1,416
    3
    82
    Luton......it's 2000

    Phil,,,,they are there in the dns forward lookup zone, it says under the name column '(same as parent folder), under type it says 'state of authority' and under data it says '[25],homesrv.home.co.uk., admin.home.co.uk'

    there are also 2 name server entrys that are under the name column as (same as parent folder) and 2 host entrys 1 says (same as parent folder) and the other says homesrv

    HTH
     
    Certifications: A+, 70-210, 70-290, 70-291, 74-409, 70-410, 70-411, 70-337, 70-347
    WIP: 70-346
  11. Nelix
    Honorary Member

    Nelix Gigabyte Poster

    1,416
    3
    82
    This problem is still not resolved, I have been talking to one of the IT guys here at work and he said that the administrator on the client machine may not have permission to add workstations to domains, i know i can change this but i can't remember how :oops: (I think i might be in for a blonde day today).

    Just for your information, the client machine in question used to be a member of this domain but i demoted the server to a standalone server due to incorrect setup, now after reinstalling the server i cant get this client machine to join again, could the fact that the client was previously a member be an issue here?
     
    Certifications: A+, 70-210, 70-290, 70-291, 74-409, 70-410, 70-411, 70-337, 70-347
    WIP: 70-346
  12. AJ

    AJ 01000001 01100100 01101101 01101001 01101110 Administrator

    6,897
    182
    221
    Hi Nelix

    We sometimes get a similar problem. The only way around it is to disjoin the client from the domain, best logged in as the local administrator, and join the machine to a workgroup (anything will do but not a workgroup that the computer will recognise). If the client has an account in active directory you might need to delete this. When it asks you to restart try and rejoin it to the domain. When it asks you for a user name and password use the Domain Administrators password and it should rejoin and make its own computer account.

    I could be wrong of course

    HTH

    Andrew
     
    Certifications: MCSE, MCSA (messaging), ITIL Foundation v3
    WIP: Breathing in and out, but not out and in, that's just wrong
  13. Phil
    Honorary Member

    Phil Gigabyte Poster

    1,680
    7
    87
    Derek

    I think Andrew's suggestion should work.

    To join a computer to a domain you will need to supply a domain users account and password when it asks. To delegate permissions to "join computers to the domain" to another user than the Domain Admin go to Active Directory Users and Computers, right click on the Domain object and select delegate control, select the user click next and then select "Join a Computer to a Domain" then follow the wizard.
     
    Certifications: MCSE:M & S MCSA:M CCNA CNA
    WIP: 2003 Upgrade, CCNA Upgrade
  14. AJ

    AJ 01000001 01100100 01101101 01101001 01101110 Administrator

    6,897
    182
    221
    Hey Derek

    How you doin, did it work or are we still in the dark.

    Andrew
     
    Certifications: MCSE, MCSA (messaging), ITIL Foundation v3
    WIP: Breathing in and out, but not out and in, that's just wrong
  15. Jakamoko
    Honorary Member

    Jakamoko On the move again ...

    9,924
    74
    229
    Ooops, Looks like Nelix just disjoined himself ! :oops:

    I would have thought the same, Andrew - surely the local Admin can't join a machine to the Domain, effectively over-ruling the Domain Admin ?

    Just didn't want to mention it before, in case I ended up all the Armadillo ar*es of the day :oops:
     
    Certifications: MCP, A+, Network+
    WIP: Clarity
  16. Luton Bee

    Luton Bee Kilobyte Poster

    365
    0
    36
    I thought i'd read somewhere that any valid domain user could add upto 10 machines to the domain?

    Then again I could have dreamed it! I always use the domain administartor account at work to join machines and create accounts.
     
    Certifications: MCSE, MCSA, MCP, A+, Network+ C&G ICT
    WIP: CCNA
  17. Jakamoko
    Honorary Member

    Jakamoko On the move again ...

    9,924
    74
    229
    Yeah, but surely at this stage, Nelix's client isn't a valid Domain User, Luton ? Not until he's joined it ? Catch 22 ?

    As usual., stand corrected if wrong :oops:
     
    Certifications: MCP, A+, Network+
    WIP: Clarity
  18. Phil
    Honorary Member

    Phil Gigabyte Poster

    1,680
    7
    87
    Luton, I don't remember seeing that anywhere but I stand to be corrected. At work nobody except domain admins or people who have been delegated the authority can join computers to a domain. Also thinking about it wouldn't that leave a great big security hole, not that thats unusual :)
     
    Certifications: MCSE:M & S MCSA:M CCNA CNA
    WIP: 2003 Upgrade, CCNA Upgrade
  19. AJ

    AJ 01000001 01100100 01101101 01101001 01101110 Administrator

    6,897
    182
    221
    Your right Phil. To add computers to the domain you must be a member of the Domain administrators group, or have the right of adding computers deligated to you by an administrator. There is one other way and that is through group policy, but that is really the same as having the rights given to you.

    We are still waiting to find out if Derek did manage to clear up his problem!!!

    I'm sure we'll find out soon.

    Andrew
     
    Certifications: MCSE, MCSA (messaging), ITIL Foundation v3
    WIP: Breathing in and out, but not out and in, that's just wrong
  20. Nelix
    Honorary Member

    Nelix Gigabyte Poster

    1,416
    3
    82
    I havent sorted the problem yet guys, have put it on hold for the time being as I have some serious family issuse that need sorting first but i will keep you updated when I have another go

    Thanks for all the hints and tips
     
    Certifications: A+, 70-210, 70-290, 70-291, 74-409, 70-410, 70-411, 70-337, 70-347
    WIP: 70-346

Share This Page

Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.