Question

Locked

Joining a Domain (Win 2003 Server)

By McIntyreM ·
I am trying to setup a test environment so that I can learn how to
install, manage and maintain a Microsoft network. I successfully
installed a 180-day trial version of Microsoft Windows 2003 Server -
Enterprise Edition. I have also installed all of the critical and high
priority updates. After that, I installed Active Directory, DNS, DHCP,
WINS and File Server.

In Active Directory, I created a computer account. Then in DNS, I
created a Host (A) record for my workstation. The workstation is
running Windows Vista Ultimate Edition. When I try to join this
computer to my domain, I consistently get an error message and I
don't understand why. Would someone be willing to help me figure
this out. The following is a copy of the two types of errors that I
receive.

ERROR - Joining MaxSim1 to the Domain (maximusnet)

Note: This information is intended for a network administrator. If you
are not your network's administrator, notify the administrator that you
received this information, which has been recorded in the file
C:\Windows\debug\dcdiag.txt.

The domain name maximusnet might be a NetBIOS domain name. If
this is the case, verify that the domain name is properly registered
with WINS.

If you are certain that the name is not a NetBIOS domain name, then
the following information can help you troubleshoot your DNS
configuration.

The following error occurred when DNS was queried for the service
location (SRV) resource record used to locate an Active Directory
Domain Controller for domain maximusnet:

The error was: "This operation returned because the timeout period
expired."
(error code 0x000005B4 ERROR_TIMEOUT)

The query was for the SRV record for
_ldap._tcp.dc._msdcs.maximusnet

The DNS servers used by this computer for name resolution are not
responding. This computer is configured to use DNS servers with the
following IP addresses:

192.168.10.10

Verify that this computer is connected to the network, that these are
the correct DNS server IP addresses, and that at least one of the DNS
servers is running.

For more information on how to correct this problem, click Help.


ERROR - Joining MaxSim1 to the Domain FQDN (maximusnet.local)

Note: This information is intended for a network administrator. If you
are not your network's administrator, notify the administrator that you
received this information, which has been recorded in the file
C:\Windows\debug\dcdiag.txt.

The following error occurred when DNS was queried for the service
location (SRV) resource record used to locate an Active Directory
Domain Controller for domain maximusnet.local:

The error was: "This operation returned because the timeout period
expired."
(error code 0x000005B4 ERROR_TIMEOUT)

The query was for the SRV record for
_ldap._tcp.dc._msdcs.maximusnet.local

The DNS servers used by this computer for name resolution are not
responding. This computer is configured to use DNS servers with the
following IP addresses:

192.168.10.10

Verify that this computer is connected to the network, that these are
the correct DNS server IP addresses, and that at least one of the DNS
servers is running.

For more information on how to correct this problem, click Help.

This conversation is currently closed to new comments.

12 total posts (Page 1 of 2)   01 | 02   Next
| Thread display: Collapse - | Expand +

All Answers

Collapse -

Missing SRV records

by p.j.hutchison In reply to Joining a Domain (Win 200 ...

Maybe the SRV records are missing, load the DNS console and check that SRV records have been automatically added to Dns when you dcpromo'd the server.

When setting up a DNS server for first time, make sure that in Computer Name in System control panel, that the full domain is set e.g. .local or .mycompany.com or whatever is set otherwise DNS will not recognise the that the server belongs to that domain (since it is the authoratative server for that DNS zone) and when you dcpromo, it may not add all the SRV records correctly.

See KB 241505 for more info - restart the Netlogon service to ensure SRV records are auto added.

Collapse -

SRV entries look fine

by McIntyreM In reply to Missing SRV records

I looked at the entry for my server in the DNS console. It
looks like it setup properly. Also, when I compare it with
another server that I know is working correctly, this part
looks the same.

Collapse -

I agree with P.J.

One other thought is to make sure you run DCdiag and Netdiag before you setup AD. It will show you what problems you have and you need to fix them before AD will even think about working.

http://technet2.microsoft.com/windowsserver/en/library/108124dd-31b1-4c2c-9421-6adbc1ebceca1033.mspx?mfr=true

Collapse -

Diags don't work

by McIntyreM In reply to I agree with P.J.

When I go to the command prompt on my server and type
"dcdiag" or "netdiag", I get an error saying that these are
invalid commands. They are not recognized as internal or
external commands.

Collapse -

Support Tools

by Michael Kassner Contributor In reply to Diags don't work

As per the link I provided, you need to download the support tools for Win2K3 server.

http://www.microsoft.com/downloads/details.aspx?FamilyId=6EC50B78-8BE1-4E81-B3BE-4E7AC4F0912D&displaylang=en

Collapse -

Since your running DHCP

by CG IT In reply to Joining a Domain (Win 200 ...

you didn't have to create a record in DNS for the client computer. You also didn't have to create a computer account in Active Directory. It's possible the record you created is wrong and that when you try to join the domain, the process also tries to create a record in DNS for the computer thus causing a problem. Further when you join the computer to the domain, the joining process tries to create a computer account in Active Directory and thus also runs into a problem.

Collapse -

Entries removed from AD and DNS

by McIntyreM In reply to Since your running DHCP

I have deleted the computer account that I created in
Active Directory and in DNS. Now I get the following
results when I try to join the domain:

Note: This information is intended for a network
administrator. If you are not your network's
administrator, notify the administrator that you received
this information, which has been recorded in the file
C:\Windows\debug\dcdiag.txt.

The domain name maximusnet might be a NetBIOS
domain name. If this is the case, verify that the domain
name is properly registered with WINS.

If you are certain that the name is not a NetBIOS domain
name, then the following information can help you
troubleshoot your DNS configuration.

The following error occurred when DNS was queried for
the service location (SRV) resource record used to locate
an Active Directory Domain Controller for domain
maximusnet:

The error was: "DNS name does not exist."
(error code 0x0000232B RCODE_NAME_ERROR)

The query was for the SRV record for
_ldap._tcp.dc._msdcs.maximusnet

Common causes of this error include the following:

- The DNS SRV records required to locate a AD DC for the
domain are not registered in DNS. These records are
registered with a DNS server automatically when a AD DC
is added to a domain. They are updated by the AD DC at
set intervals. This computer is configured to use DNS
servers with the following IP addresses:

192.168.10.10

- One or more of the following zones do not include
delegation to its child zone:

maximusnet
. (the root zone)

For information about correcting this problem, click Help.

Collapse -

Several things

by Dumphrey In reply to Entries removed from AD a ...

1) I assume 192.168.10.10 is your dns server?
2) I would delete the root zone if I was you.
3) Have you enabled wins on the domain controller?
4) on your domain controller, in a command line try ipconfig /registerdns and see if that forces a dns record update.
5) try to avoid one word domain names, so instead of maximusnet, use maximusnet.local
This becomes a little more important with exchange, but AD with sometimes poot on these single name space domains.

Collapse -

RE: Several things

by McIntyreM In reply to Several things

1) Yes, that is the IP for my DNS server.
2) When I open the DNS Management console, there is
nothing labeled as "root". What does the error message
refer to when it says "root"?
3) WINS is already enabled and running.
4) No change appears to have ocurred when performing
this DNS update.
5) The actual domain name is already maximusnet.local. I
have used this and just the first part when trying to join
the domain. But neither method works, I just get the
same error message.

Collapse -

DNS is the problem

by CG IT In reply to Entries removed from AD a ...

here is a Microsoft Technet article on how to setup your DNS server for AD.

http://technet2.microsoft.com/windowsserver/en/library/4e1c7b17-16ab-4e7d-a333-15befb15c82e1033.mspx?mfr=true

Follow links in the article for step by step instructions on how to setup your DNS server, roles, records.

Once you have properly setup your DNS server , joining other workstations and server to the domain will work.

note: typically if you run the wizards during setup for Active Directory, the wizard automatically installs and configures DNS for you. Active Directory does not work without DNS. If this is an inital install, I would start over and use the installation wizard for Active Directory which will install and configure DNS for you.

Back to Networks Forum
12 total posts (Page 1 of 2)   01 | 02   Next

Related Discussions

Related Forums