RE: Can't join a domain

Tech-Archive recommends: Fix windows errors by optimizing your registry


Is this a new domain? I hope so. You are using a single label DNS domain
name. This will cause you endless problems.

If it is new start again!

Best Regards
Joe Dunn MCSE


"Kolchak" wrote:

Hi,

Been killing me all day, so begging for help :)

I have a machine I want to be a DC at a remote site, but DCPROMO is failing
with:

An Active Directory domain controller for the domain DOM could not be
contacted.

The domain name DOM might be a NetBIOS domain name. If this is the case,
verify that the domain name is properly registered with WINS.

If you are certain that the name is not a NetBIOS domain name, then the
following information can help you troubleshoot your DNS configuration.

DNS was successfully queried for the service location (SRV) resource record
used to locate a domain controller for domain DOM:

The query was for the SRV record for _ldap._tcp.dc._msdcs.DOM

The following domain controllers were identified by the query:

files1.DOM
files3.DOM

Common causes of this error include:

- Host (A) records that map the name of the domain controller to its IP
addresses are missing or contain incorrect addresses.

- Domain controllers registered in DNS are not connected to the network or
are not running.

This machine is using files1 and files3 as its DNS servers. Files1 and
files3 are both at HQ, I'm at the remote site. A VPN is setup and no ports
are currently being blocked. I can also do the following:

set q=srv
_ldap._tcp.dc._msdcs.DOM
Server: files3.DOM
Address: 10.1.1.3

_ldap._tcp.dc._msdcs.DOM SRV service location:
priority = 0
weight = 100
port = 389
svr hostname = files3.DOM
_ldap._tcp.dc._msdcs.DOM SRV service location:
priority = 0
weight = 100
port = 389
svr hostname = files1.DOM
files3.DOM internet address = 10.1.1.3
files1.DOM internet address = 10.1.1.1

So srv can be located. The same error happens when I try and add the machine
to the domain. Both existing DCs can be pinged, and an nmap of them both from
the remote site returns hundreds of open ports, with all the expected ones
marked opened. I am absolutely stumped - any ideas??? I've run DCDIAG on a
domain controller and everything is fine... please help :)

Cheers,
Karl
.

Relevant Pages

  • Remote Branch DC wont Replicate With Corporate DC
    ... Active Directory could not resolve the following DNS host name of the source ... domain controller to an IP address. ... 'Event' is not recognized as an internal or external command, ... operable program or batch file. ...
    (microsoft.public.windows.server.dns)
  • Re: Domain Controllers Cant reach Default Gateway...
    ... Making the ISA a domain controller would ... area of DNS it was missing the CNAME entry with the GUID ... DNS server doesn't support this feature. ... The problem is my XP Pro laptop. ...
    (microsoft.public.win2000.active_directory)
  • Re: Domain Controllers Cant reach Default Gateway...
    ... Making the ISA a domain controller would ... one of the domain controllers the active directory DNS zone ... DNS server doesn't support this feature. ... The problem is my XP Pro laptop. ...
    (microsoft.public.win2000.active_directory)
  • Re: Domain Controllers Cant reach Default Gateway...
    ... Making the ISA a domain controller would ... one of the domain controllers the active directory DNS zone ... DNS server doesn't support this feature. ... The problem is my XP Pro laptop. ...
    (microsoft.public.win2000.active_directory)
  • Re: Domain Controllers Cant reach Default Gateway...
    ... Making the ISA a domain controller would ... DNS it was missing the CNAME entry with the GUID for the other ... DNS server doesn't support this feature. ... The problem is my XP Pro laptop. ...
    (microsoft.public.win2000.active_directory)