Re: Cannot join domain

Tech-Archive recommends: Fix windows errors by optimizing your registry

Daniel <danieltbt05@xxxxxxxxx> wrote:
I redo the user and permission on the netlogon folder. I'm using wins
but i don;t know why netdiag shows i didnt use wins. i cannot use
netdiag from win xp client there is an error which i do not know
whether is it not compatible.

Make sure you're using the right version of netdiag....
http://www.microsoft.com/downloads/details.aspx?FamilyId=49AE8576-9BB9-4126-9761-BA8011FABF38&displaylang=en

You might also try a winsock repair.


ISA has nothing to do with it. I've
open all comm. for internal network. I reinstall my OS as precaution
and now i can't even ping my server fqdn even tho i point to my dns.

Daniel



"Lanwench [MVP - Exchange]"
<lanwench@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message news:uHrlWaybHHA.2448@xxxxxxxxxxxxxxxxxxxxxxx
Daniel <danieltbt04@xxxxxxxxx> wrote:
In the first place, i put Daniel as my computer account but it is
not working then i rename it to daniel123 then there are daniel123
in ADUC and it joins domain. But something stop it from login. I
forget to tell that i did some changes in permission to the
netlogon folder from network client.

Can you undo that?

That is i thought some permission problem. I
found that permission changes from network client is different from
doing it on the server. Would that be the problem ? The reason
having 2 nics is that this server also acts as isa server, so it
needs 2 interfaces. !92.168.1.249 is the internal and 192.168.0.250
is the external interface that link to WAN. I'll post netdiag from
server and client later. Btw is there anything wrong with the
dcdiag ? Thanks

No, other than the fact that I think you ought to be using WINS....

Since you're using ISA, which I don't know at all, that may be
playing a role here. Try crossposting a new, updated message to an
ISA group and an AD group for more help - sorry I can't do more.

(ISA is probably fine stuff, but I wouldn't want it running on a DC).

Daniel


"Lanwench [MVP - Exchange]"
<lanwench@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message news:udcwwEjbHHA.4808@xxxxxxxxxxxxxxxxxxxxxxx
Inline -

Daniel <danieltbt04@xxxxxxxxx> wrote:
Sorry it should be 'The system cannot log you on because the
domain is not available'. In has event id of 5805 "
The session setup from the computer Daniel failed to authenticate.
The following error occured:Access is denied.

Another event id is 5723, The session setup from computer 'DANIEL'
failed because the security database does not contain a trust
account 'DANIEL$' referenced by the specified computer.

Do you see a computer account for DANIEL in ADUC?


I'd start from scratch....
Disjoin the domain (rename the workstation in the meantime)
Look for the computer account in ADUC and delete it if you see it
Rename your PC to DANIEL and reboot
Try to join the domain again

You also didn't post an ipconfig /all from your workstation as
asked.
Below is the result
of netdiag

I actually meant, run this on the workstation - but this is useful
too. DCDiag is another good tool. You may have more than one
problem going on here, but I'll take a whack at it.


......................................

Computer Name: W2K3SERVER
DNS Host Name: w2k3server.dist.dyndns.org
System info : Microsoft Windows Server 2003 (Build 3790)
Processor : x86 Family 15 Model 47 Stepping 2, AuthenticAMD
List of installed hotfixes :
Q147222


Netcard queries test . . . . . . . : Passed
Per interface results:
Adapter : Local Area Connection 2

What's the reason you have two NICs in this server? It's rarely a
good idea, esp on a DC/DNS box.



Netcard queries test . . . : Passed
Host Name. . . . . . . . . : w2k3server.dist.dyndns.org
IP Address . . . . . . . . : 192.168.1.249
Subnet Mask. . . . . . . . : 255.255.255.0
Default Gateway. . . . . . :
Dns Servers. . . . . . . . : 192.168.1.249

What is this NIC attached to?


AutoConfiguration results. . . . . . : Passed
Default gateway test . . . : Skipped
[WARNING] No gateways defined for this adapter.

NetBT name test. . . . . . : Passed
[WARNING] At least one of the <00> 'WorkStation Service',
<03> 'Messenger Service', <20> 'WINS' names is missing.

WINS service test. . . . . : Skipped
There are no WINS servers configured for this
interface. Adapter : Local Area Connection
Netcard queries test . . . : Passed
Host Name. . . . . . . . . : w2k3server
IP Address . . . . . . . . : 192.168.0.250
Subnet Mask. . . . . . . . : 255.255.255.0
Default Gateway. . . . . . : 192.168.0.2
Dns Servers. . . . . . . . : 192.168.1.249

Given that I don't know much about your setup, and am not too savvy
about multihomed DCs, this looks odd to me.


AutoConfiguration results. . . . . . : Passed
Default gateway test . . . : Passed
NetBT name test. . . . . . : Passed
[WARNING] At least one of the <00> 'WorkStation Service',
<03> 'Messenger Service', <20> 'WINS' names is missing.
No remote names have been found.

Unless you're disabling NetBIOS over TCP/IP in all your servers &
workstations, I'd use WINS...

WINS service test. . . . . : Skipped
There are no WINS servers configured for this
interface. Adapter : {EEADFA71-EE6F-4CE8-AF73-3B7FA006BBAA}

Netcard queries test . . . : Passed
Host Name. . . . . . . . . : w2k3server
IP Address . . . . . . . . : 169.254.111.51
Subnet Mask. . . . . . . . : 255.255.255.255
Default Gateway. . . . . . :
Dns Servers. . . . . . . . :

AutoConfiguration results. . . . . . : Passed

Default gateway test . . . : Skipped
[WARNING] No gateways defined for this adapter.

NetBT name test. . . . . . : Passed
[WARNING] At least one of the <00> 'WorkStation Service',
<03> 'Messenger Service', <20> 'WINS' names is missing.
No remote names have been found.

WINS service test. . . . . : Skipped
There are no WINS servers configured for this
interface. Global results:
Domain membership test . . . . . . : Passed
NetBT transports test. . . . . . . : Passed
List of NetBt transports currently configured:
NetBT_Tcpip_{244B5688-4DF2-40E1-B359-C76C201E6E12}
NetBT_Tcpip_{D6211B53-9E8F-40BA-88BB-4A8A6C2FF2CF}
NetBT_Tcpip_{EEADFA71-EE6F-4CE8-AF73-3B7FA006BBAA}
3 NetBt transports currently configured.


Autonet address test . . . . . . . : Passed
IP loopback ping test. . . . . . . : Passed
Default gateway test . . . . . . . : Passed
NetBT name test. . . . . . . . . . : Passed
[WARNING] You don't have a single interface with the <00>
'WorkStation Service', <03> 'Messenger Service', <20> 'WINS' names
defined.

Winsock test . . . . . . . . . . . : Passed
DNS test . . . . . . . . . . . . . : Passed
PASS - All the DNS entries for DC are registered on DNS server
'192.168.1.249' and other DCs also have some of the names
registered. Redir and Browser test . . . . . . : Passed
List of NetBt transports currently bound to the Redir
NetBT_Tcpip_{244B5688-4DF2-40E1-B359-C76C201E6E12}
NetBT_Tcpip_{D6211B53-9E8F-40BA-88BB-4A8A6C2FF2CF}
NetBT_Tcpip_{EEADFA71-EE6F-4CE8-AF73-3B7FA006BBAA}
The redir is bound to 3 NetBt transports.

List of NetBt transports currently bound to the browser
NetBT_Tcpip_{244B5688-4DF2-40E1-B359-C76C201E6E12}
NetBT_Tcpip_{D6211B53-9E8F-40BA-88BB-4A8A6C2FF2CF}
NetBT_Tcpip_{EEADFA71-EE6F-4CE8-AF73-3B7FA006BBAA}
The browser is bound to 3 NetBt transports.


DC discovery test. . . . . . . . . : Passed
DC list test . . . . . . . . . . . : Passed
Trust relationship test. . . . . . : Skipped
Kerberos test. . . . . . . . . . . : Passed
LDAP test. . . . . . . . . . . . . : Passed
Bindings test. . . . . . . . . . . : Passed
WAN configuration test . . . . . . : Skipped
No active remote access connections.
Modem diagnostics test . . . . . . : Passed
IP Security test . . . . . . . . . : Skipped
Note: run "netsh ipsec dynamic show /?" for more detailed
information
The command completed successfully


Daniel


<snipped for length>

Some DNS guru may step in here - corrections are always welcome.



.

Relevant Pages

  • Re: ereigniskennung 1030
    ... - Microsoft-Netzwerk (Client) Kommunikation digital signieren (wenn Server ... > .:Daniel Melanchthon:. ...
    (microsoft.public.de.german.windows.server.general)
  • Re: Com+ remote calls
    ... What Daniel says is true, however you can go into the Component Services ... "stub" or proxy DLL's setup and ready to connect to your server. ... need to do is reference these DLL's on the client. ...
    (microsoft.public.dotnet.distributed_apps)
  • RE: Problem after migrate
    ... please let me know the exact output of the netdiag results on client ... The CAB file will be generated for your convenience in the ... If I execute the Netdiag in the server does not report problems, ...
    (microsoft.public.windows.server.migration)
  • Re: Replacing primary DC with new server...
    ... Open DNS management console and check that you are running Active directory integrated zone (easier for replication, if you have more then one DNS server) ... to be sure that everything runs fine, disconnect the old DC from the network and check with clients and servers the connectivity, logon and also with one client a restart to see that everything is ok ... dcdiag and netdiag on the old machine to check for errors ...
    (microsoft.public.windows.server.setup)
  • Re: Cannot join domain (There are no more endpoints available from the
    ... or is it a new server and you've never been able ... to successfully join a client? ... When you run dcdiag and netdiag as it says in the KB, ... There are no more endpoints available from the endpoint mapper. ...
    (microsoft.public.windows.server.sbs)