General discussion

Locked

Domain

By ingulkarvj ·
Hi everybody ,
for last 2 to 3 days i m facing strange problem, i
m having windows 2000 server SP4 with around 100 clients (win xp ), the problem is,i m not able to add any new machine to domain. it keeps giving me errors eg. comp name already exists on domain, or u don't have rights.i have updated my server but still no use, also tried for viruses but nothing seems to working. PLSssss help me !!!!!!!!!!!


Thanks in advance

This conversation is currently closed to new comments.

4 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

by Neil Cotton In reply to Domain

I know this sounds silly, and you probably gonna hit me for saying this....you aren't trying to add machines who's name on the domain site already exist are you? Also, if you are getting errors that you don't have permission to add, make sure that you are logging on with the AD machine administrators account, and not a newly created domain user account that was created and called Admin, but not part of the localgroup Administrators group. An AD server request ACLs for the "net localgroup Administrators" group. Not domain admins. You can use domain admins, but you will need to add the domain\adminuser to the localgroup Administrators.

To check local groups......go to cmd and type
"net localgroup Administrators"

to add to this list...
"net localgroup Adminstrators domainname\domainuser /add"

and that is Administrators (plural, with an S)

Having loged on with a local or domain user account, you can view the group list (the first cmd command line) with any user. However, only a member of the Administrators group can add to any other group. The only accounts that are defaulted to local administrators are:
Administrator (local machine account created at Windows install) and
domainname\Administrator and the group
domainname\Domain Admins

if you can not create a new user in the group, then you are logged in as a user not in Administors group.

Collapse -

by Neil Cotton In reply to Domain

I know this sounds silly, and you probably gonna hit me for saying this....you aren't trying to add machines who's name on the domain site already exist are you? Also, if you are getting errors that you don't have permission to add, make sure that you are logging on with the AD machine administrators account, and not a newly created domain user account that was created and called Admin, but not part of the localgroup Administrators group. An AD server request ACLs for the "net localgroup Administrators" group. Not domain admins. You can use domain admins, but you will need to add the domain\adminuser to the localgroup Administrators.

To check local groups......go to cmd and type
"net localgroup Administrators"

to add to this list...
"net localgroup Adminstrators domainname\domainuser /add"

and that is Administrators (plural, with an S)

Having loged on with a local or domain user account, you can view the group list (the first cmd command line) with any user. However, only a member of the Administrators group can add to any other group. The only accounts that are defaulted to local administrators are:
Administrator (local machine account created at Windows install) and
domainname\Administrator and the group
domainname\Domain Admins

if you can not create a new user in the group, then you are logged in as a user not in Administors group, and therefore, will not be able to add anything in AD Manager.

Collapse -

by rickrbyrne In reply to Domain

Hi,

here is a link to add a computer to a domain
http://support.microsoft.com/kb/q295017/

Now the problem with your name already exist. What you need to do is go into the Active Directory users and computers, and under the computer container or the OU that you put your computers in, make sure that none of the computer names that you are trying to add exist in that container or OU. If they do delete them. Also, when you change from a workgroup to a domain, you need to changed the computer name (to what you want it to be) then make it a different workgroup, it will then ask you to restart. After the restart you then need to go in and change the computer from the workgroup to the domain you wish to join. After you do this you need to restart again. Also you want to make sure that you have permissions to add new computers to the Domain. You will either need to be a Domain Admin or give the user account that you are using to add the computers to the domain "Add workstations to domain right".

Hope that helped
Rick

Collapse -

by John-A In reply to Domain

An addendum to Rick Byrnes' answer 2... Right click on your domain in AD and try a FIND for the computer name. You may find that the computer has made it's way into an OU that you did not expect.

Back to Windows Forum
4 total posts (Page 1 of 1)  

Related Forums