RE: vpn and joining remote computers
- From: v-terliu@xxxxxxxxxxxxxxxxxxxx (Terence Liu [MSFT])
- Date: Thu, 05 Apr 2007 07:36:30 GMT
Hello Duke,
Thank you for posting here.
According to your description, I understand that you get error when you try
to join in remote domain via VPN connection. If I have misunderstood the
problem, please don't hesitate to let me know.
Based on my research, the error may occur if any one of the following
conditions is true:
a. Windows XP is not configured to use a local DNS server.
b. NetBIOS over TCP (NetBT) is disabled on Windows XP, and you are using
the NetBT domain name when you try to add the computer.
c. A third-party firewall program that is installed on the Windows XP-based
computer is blocking DNS queries.
d. You did not follow the recommended steps to set up Windows XP on a Small
Business Server network.
I suggest we try the following steps to see if we can resolve this issue:
1. Use remote Small Business Server as DNS of this client:
a. On Windows XP, click Start, and then click Control Panel.
b. If Control Panel is in Category View, click Switch to Classic View.
c. Double-click Network Connections.
d. Right-click the icon for the local area connection, and then click
Properties.
e. Click Internet Protocol (TCP/IP), and then click Properties.
f. Under Use the following DNS server addresses, type the remote Small
Business Server internal IP address, and then click OK two times.
After you make sure that Windows XP is using a remote DNS server, use the
full DNS domain name when you try to add the computer to the domain. To
determine the DNS domain name, follow these steps:
a. On Small Business Server, right-click My Computer, and then click
Properties.
b. Click the Network Identification tab, and then check the domain name
that is listed.
2. Remove third-party firewall software
a. On the Windows XP-based computer, click Start, and then click Control
Panel.
b. If Control Panel is in Category View, click Switch to Classic View.
d. Double-click Add or Remove Programs.
e. Locate any Internet security or firewall software in the list of
installed programs.
f. If you find an Internet security or firewall program in the list, click
the program, and then click Remove.
Note: The site to site VPN may include firewall, please contact Cisco to
confirm that VPN do not block any TCP or UDP port between two sides.
Meanwhile, when you set up Windows XP on a Small Business Server network,
Microsoft recommends that you add the computer to the domain before you
install any client programs. In particular, do not install Microsoft
Firewall Client (ISA firewall client). If you already installed Firewall
Client, remove the program before you add the computer to the domain.
For your reference:
DNS error when you add a Windows XP-based computer to a Small Business
Server 2000 domain
http://support.microsoft.com/?id=331072
Hope these steps will give you some help.
Thanks and have a nice day!
Best regards,
Terence Liu(MSFT)
Microsoft CSS Online Newsgroup Support
Get Secure! - www.microsoft.com/security
=====================================================
This newsgroup only focuses on SBS technical issues. If you have issues
regarding other Microsoft products, you'd better post in the corresponding
newsgroups so that they can be resolved in an efficient and timely manner.
You can locate the newsgroup here:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
When opening a new thread via the web interface, we recommend you check the
"Notify me of replies" box to receive e-mail notifications when there are
any updates in your thread. When responding to posts via your newsreader,
please "Reply to Group" so that others may learn and benefit from your
issue.
Microsoft engineers can only focus on one issue per thread. Although we
provide other information for your reference, we recommend you post
different incidents in different threads to keep the thread clean. In doing
so, it will ensure your issues are resolved in a timely manner.
For urgent issues, you may want to contact Microsoft CSS directly. Please
check http://support.microsoft.com for regional support phone numbers.
Any input or comments in this thread are highly appreciated.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
| Thread-Topic: vpn and joining remote computers
| thread-index: Acd2+kGSx8cZw88BSCeJZ3a4WZDXBQ==
| X-WBNR-Posting-Host: 207.46.19.197
| From: =?Utf-8?B?ZHVrZQ==?= <duke@xxxxxxxxxxxxxxxxxxxxxxxxx>
| Subject: vpn and joining remote computers
| Date: Wed, 4 Apr 2007 13:46:01 -0700
| Lines: 36
| Message-ID: <1FB42B69-8D84-4473-B2F9-FE9B4BC59353@xxxxxxxxxxxxx>
| MIME-Version: 1.0
| Content-Type: text/plain;
| charset="Utf-8"
| Content-Transfer-Encoding: 7bit
| X-Newsreader: Microsoft CDO for Windows 2000
| Content-Class: urn:content-classes:message
| Importance: normal
| Priority: normal
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.2757
| Newsgroups: microsoft.public.windows.server.sbs
| Path: TK2MSFTNGHUB02.phx.gbl
| Xref: TK2MSFTNGHUB02.phx.gbl microsoft.public.windows.server.sbs:27802
| NNTP-Posting-Host: tk2msftsbfm01.phx.gbl 10.40.244.148
| X-Tomcat-NG: microsoft.public.windows.server.sbs
|
| We have just completed a point to point vpn tunnel from our remote office
to
| our home office with two Cisco PIX firewalls.
|
| I can access our server across the wire via private address, and i can
also
| ping it.
|
| I am trying to join A remote computer to the domain, but it looks like it
| cannot resolve our domain name across the wire. Is there another way to
| connect? My error code is below.
|
| Note: This information is intended for a network administrator. If you
are
| not your network's administrator, notify the administrator that you
received
| this information, which has been recorded in the file
| C:\WINDOWS\debug\dcdiag.txt.
|
| The following error occurred when DNS was queried for the service
location
| (SRV) resource record used to locate a domain controller for domain
| kapproservices.local:
|
| The error was: "DNS name does not exist."
| (error code 0x0000232B RCODE_NAME_ERROR)
|
| The query was for the SRV record for
_ldap._tcp.dc._msdcs.MYDOMAINNAME.local
|
| Common causes of this error include the following:
|
| - The DNS SRV record is not registered in DNS.
|
| - One or more of the following zones do not include delegation to its
child
| zone:
|
| MYDOMAINNAMElocal
| local
| . (the root zone)
|
| For information about correcting this problem, click Help.
|
.
- Prev by Date: Re: Application DacEasy won't function if an Administrator ins't l
- Next by Date: Backup Failure - File Replication Service and other errors
- Previous by thread: Re: Application DacEasy won't function if an Administrator ins't l
- Next by thread: Backup Failure - File Replication Service and other errors
- Index(es):
Relevant Pages
|
