Re: Please help - Can't join PC to new domain
- From: Samir <Samir@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 30 May 2006 09:31:02 -0700
OK - I will try that and report back later today. Thanks for responding.
(I wish I didn't have to do this, but at this stage I'll try anything - I'm
basically blocked.)
"Ace Fekay [MVP]" wrote:
In news:AF27271B-451E-470E-BADE-8AA799267E2C@xxxxxxxxxxxxx,.
Samir <Samir@xxxxxxxxxxxxxxxxxxxxxxxxx> stated, which I commented on below:
OK, I'm a newbie at this, so please be gentle.
I installed a DC (Windows Server 2003 R2) and set up Active Directory
and DNS - no issues there.
Then I tried to join a Windows XP computer to the newly created
domain. Eight frustrating hours of the same error message:
"The server cannot perform the requested operation." (or something
really close to that).
Looked around in newsgroups and found that there's a log file (see
below) - it says "ldap_bind failed".
Tried creating the computer account first and then adding it to the
domain - no luck :-(
Disabled firewall - no luck :-(
'nslookup' says everything's ok. What gives?
And yes, I did point the IP/DNS setting on the client to the
server/DC/DNS/AD machine.
Please help!
----------------------------
05/29 17:28:48 NetpDoDomainJoin
05/29 17:28:48 NetpMachineValidToJoin: 'CLIENT'
05/29 17:28:48 NetpGetLsaPrimaryDomain: status: 0x0
05/29 17:28:48 NetpMachineValidToJoin: status: 0x0
05/29 17:28:48 NetpJoinDomain
05/29 17:28:48 Machine: CLIENT
05/29 17:28:48 Domain: MyDomain
05/29 17:28:48 MachineAccountOU: (NULL)
05/29 17:28:48 Account: MyDomain\Administrator
05/29 17:28:48 Options: 0x27
05/29 17:28:48 OS Version: 5.2
05/29 17:28:48 Build number: 3790
05/29 17:28:48 ServicePack: Service Pack 1
05/29 17:28:48 NetpValidateName: checking to see if 'MyDomain' is
valid as type 3 name
05/29 17:28:48 NetpCheckDomainNameIsValid [ Exists ] for 'MyDomain'
returned 0x0
05/29 17:28:48 NetpValidateName: name 'MyDomain' is valid for type 3
05/29 17:28:48 NetpDsGetDcName: trying to find DC in domain
'MyDomain', flags: 0x1020
05/29 17:28:48 NetpDsGetDcName: found DC '\\SERVER' in the specified
domain 05/29 17:29:48 NetpJoinDomain: status of connecting to dc
'\\SERVER': 0x0 05/29 17:29:48 NetpGetLsaPrimaryDomain: status: 0x0
05/29 17:29:48 NetpGetDnsHostName: Read NV Hostname: client
05/29 17:29:48 NetpGetDnsHostName: PrimaryDnsSuffix defaulted to DNS
domain name: MyDomain
05/29 17:29:48 NetpLsaOpenSecret: status: 0xc0000034
05/29 17:29:48 NetpGetLsaPrimaryDomain: status: 0x0
05/29 17:29:48 NetpLsaOpenSecret: status: 0xc0000034
05/29 17:29:48 NetpManageMachineAccountWithSid: NetUserAdd on
'\\SERVER' for 'CLIENT$' failed: 0x8b0
05/29 17:29:49 NetpManageMachineAccountWithSid: status of attempting
to set password on '\\SERVER' for 'CLIENT$': 0x0
05/29 17:29:49 NetpJoinDomain: status of creating account: 0x0
05/29 17:30:15 NetpLdapBind: ldap_bind failed on \\SERVER: 81: Server
Down 05/29 17:30:15 ldap_unbind status: 0x0
05/29 17:30:15 NetpSetDnsHostNameAndSpn: NetpLdapBind failed: 0x3a
05/29 17:30:15 NetpJoinDomain: status of setting DnsHostName and SPN:
0x3a 05/29 17:30:15 NetpJoinDomain: initiaing a rollback due to
earlier errors 05/29 17:30:15 NetpGetLsaPrimaryDomain: status: 0x0
05/29 17:30:15 NetpManageMachineAccountWithSid: status of disabling
account 'CLIENT$' on '\\SERVER': 0x0
05/29 17:30:15 NetpJoinDomain: rollback: status of deleting computer
account: 0x0
05/29 17:30:15 NetpLsaOpenSecret: status: 0x0
05/29 17:30:15 NetpJoinDomain: rollback: status of deleting secret:
0x0 05/29 17:30:15 NetpJoinDomain: status of disconnecting from
'\\SERVER': 0x0 05/29 17:30:15 NetpDoDomainJoin: status: 0x3a
Your DNS domain name, "MYDOMAIN" is a single label name. If this is not a
production machine or is a fresh installation, demote it, and re-promote it
with a proper AD DNS Domain name or "mydomain.com", "mydomain.local", or
"mydomain.samir".
Single label domain names are not proper DNS names and XP and 2003 have
numerous problems associated with it. It's your best interest to demote it
and promote it properly.
--
Ace
This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.
Having difficulty reading or finding responses to your post?
Instead of the website you're using, I suggest to use OEx (Outlook Express
or any other newsreader), and configure a news account, pointing to
news.microsoft.com. This is a direct link to the Microsoft Public
Newsgroups. It is FREE and requires NO ISP's Usenet account. OEx allows you
to easily find, track threads, cross-post, sort by date, poster's name,
watched threads or subject.
It's easy:
How to Configure OEx for Internet News
http://support.microsoft.com/?id=171164
Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft MVP - Directory Services
Microsoft Certified Trainer
Infinite Diversities in Infinite Combinations
Assimilation Imminent. Resistance is Futile
"Very funny Scotty. Now, beam down my clothes."
The only thing in life is change. Anything more is a blackhole consuming
unnecessary energy. - [Me]
- Follow-Ups:
- Re: Please help - Can't join PC to new domain
- From: Ace Fekay [MVP]
- Re: Please help - Can't join PC to new domain
- References:
- Please help - Can't join PC to new domain
- From: Samir
- Re: Please help - Can't join PC to new domain
- From: Ace Fekay [MVP]
- Please help - Can't join PC to new domain
- Prev by Date: Re: DNS Event Log Messages on DC
- Next by Date: DNS and hosting
- Previous by thread: Re: Please help - Can't join PC to new domain
- Next by thread: Re: Please help - Can't join PC to new domain
- Index(es):
Relevant Pages
|
