Answered: Can't join Win 7 PC to domain

  • Saturday, January 14, 2012 5:54 AM
     
     
    My network consists of a Win 2003 DC with a Win 2008 server and an XP client (VM) joined to the domain.
    When I try to add a Win 7 PC to the domain I get the error message:
    DNS was successfully queried for the service location (SRV) resource record used to locate a domain controller for domain "dbtaylor.dev":
    The query was for the SRV record for _ldap._tcp.dc._msdcs.dbtaylor.dev
    The following domain controllers were identified by the query:
    dtserver2.dbtaylor.dev
    However no domain controllers could be contacted.
    Common causes of this error include:
    - Host (A) or (AAAA) records that map the names of the domain controllers to their IP addresses are missing or contain incorrect addresses.
    - Domain controllers registered in DNS are not connected to the network or are not running.
     
    ==========================================
    ipconfig/all for Win 7 client PC
     
    Microsoft Windows [Version 6.1.7601]
    Copyright (c) 2009 Microsoft Corporation.  All rights reserved.
     
    C:\Users\dreddog>ipconfig/all
     
    Windows IP Configuration
     
       Host Name . . . . . . . . . . . . : DTWS1
       Primary Dns Suffix  . . . . . . . :
       Node Type . . . . . . . . . . . . : Hybrid
       IP Routing Enabled. . . . . . . . : No
       WINS Proxy Enabled. . . . . . . . : No
     
    Ethernet adapter Local Area Connection:
     
       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Realtek RTL8168C(P)/8111C(P) Family PCI-E
     Gigabit Ethernet NIC (NDIS 6.20)
       Physical Address. . . . . . . . . : 00-1F-C6-04-9D-C1
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes
       Link-local IPv6 Address . . . . . : fe80::ac53:29ff:ebcc:7b13%11(Preferred)
       IPv4 Address. . . . . . . . . . . : 192.168.1.5(Preferred)
       Subnet Mask . . . . . . . . . . . : 255.255.255.0
       Lease Obtained. . . . . . . . . . : Friday, 13 January 2012 07:09:30 PM
       Lease Expires . . . . . . . . . . : Saturday, 14 January 2012 07:09:31 PM
       Default Gateway . . . . . . . . . : 192.168.1.1
       DHCP Server . . . . . . . . . . . : 192.168.1.1
       DHCPv6 IAID . . . . . . . . . . . : 234889158
       DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-A2-5F-83-00-1F-C6-04-9D-C1
     
       DNS Servers . . . . . . . . . . . : 192.168.1.6
       NetBIOS over Tcpip. . . . . . . . : Enabled
     
    Tunnel adapter isatap.{35D3524A-A328-4F0D-ABC5-277B595B2688}:
       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Microsoft ISATAP Adapter
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes
     
    Tunnel adapter Local Area Connection* 9:
     
       Connection-specific DNS Suffix  . 
       Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes
       IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:18d1:331b:3f57:fefa(Preferred)
       Link-local IPv6 Address . . . . . : fe80::18d1:331b:3f57:fefa%13(Preferred)
       Default Gateway . . . . . . . . . : ::
       NetBIOS over Tcpip. . . . . . . . : Disabled
     
    ==========================================================
    ipconfig/all for domain controller
     
    Microsoft Windows [Version 5.2.3790]
    (C) Copyright 1985-2003 Microsoft Corp.
     
    C:\Documents and Settings\Administrator.DTSERVER2.000>ipconfig/all
     
    Windows IP Configuration
       Host Name . . . . . . . . . . . . : dtserver2
       Primary Dns Suffix  . . . . . . . : dbtaylor.dev
       Node Type . . . . . . . . . . . . : Hybrid
       IP Routing Enabled. . . . . . . . : No
       WINS Proxy Enabled. . . . . . . . : No
       DNS Suffix Search List. . . . . . : dbtaylor.dev
     
    Ethernet adapter Local Area Connection 3:
       Connection-specific DNS Suffix  . : dbtaylor.dev
       Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
       Physical Address. . . . . . . . . : 90-E6-BA-A2-70-1F
       DHCP Enabled. . . . . . . . . . . : No
       IP Address. . . . . . . . . . . . : 192.168.1.6
       Subnet Mask . . . . . . . . . . . : 255.255.255.0
       Default Gateway . . . . . . . . . : 192.168.1.1
       DNS Servers . . . . . . . . . . . : 192.168.1.6
     
    Thanks for your assistance,
     
    DT

All Replies

  • Saturday, January 14, 2012 6:03 AM
     
     

    This problem is commonly related to:

    1- Direct your DNS client to the DC IP. (Type the DC IP statically in TCP/IP Properties as the preferred DNS.)

    OR

    2- Check the antivirus (try disabling it)

    3- Check the firewall (try disabling it)

     


    Mohamed Abd Elhamid Abd Elaziz Microsoft System Administrator My blog: http://Mabdelhamid.wordpress.com/
    • Edited by M.Abdelhamid Saturday, January 14, 2012 8:04 AM
  • Saturday, January 14, 2012 6:37 AM
     
     

    It seems that the DHCP client is not able to register its DNS record; refer to the links below.

    http://www.computing.net/answers/windows-2003/dhcp-not-updating-the-ptr-records/9499.html

    http://social.technet.microsoft.com/Forums/fi-FI/winserverNIS/thread/d588af29-a6e3-40f3-9f6e-15f7762ad12c


    Since the IP address is assigned by DHCP, assign a static IP address and check the same.

    Also ensure that "Register this connection's address in DNS" is checked on the DNS tab of the TCP/IP settings.

    Disable any unrequired NIC if multiple NICs are present on the client PC.

    Hope this helps

    Regards,
    Sandesh Dubey.
    -------------------------------
    MCSE|MCSA:Messaging|MCTS|MCITP:Enterprise Administrator
    My Blog: http://sandeshdubey.wordpress.com
    This posting is provided AS IS with no warranties, and confers no rights.



  • Saturday, January 14, 2012 11:47 AM
     
     

    Hello,

    Are you able to ping the DC with IP address, computer name and FQDN?

    Is the DC listed in the forward lookup zone with A and Nameserver records, and are all SRV records located in the folder structure?

    Do you use secure dynamic updates on the DNS zones?

    Do you also use a reverse lookup zone for the 192.168.1.x network?


    Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.
  • Saturday, January 14, 2012 2:38 PM
     
     

    Are you able to ping the DC with IP address, computer name and FQDN?

    Yes

    Is the DC listed in the forward lookup zone with A and Nameserver record
    Yes

    and are all SRV records located in the folder structure?
    Not sure.




    Do you use secure dynamic updates on the DNS zones?
    Yes

    Do you also use a reverse lookup zone for the 192.168.1.x network?
    Yes

     

    DT


    • Edited by DRedDog Saturday, January 14, 2012 3:55 PM
  • Sunday, January 15, 2012 7:17 AM
    Moderator
     
     

    Can you try to disable the local Windows Firewall service on both the DC and the problem client machine, as well as any security software like antivirus etc., temporarily, to verify that they are not the cause of the problem? Verify the connectivity between the DC and the client first, and also see to it that the firewall is not blocking the ports.

    Troubleshooting DNS server issues.

    http://technet.microsoft.com/en-us/library/cc787724%28WS.10%29.aspx

    Troubleshooting domain join issues

    http://social.technet.microsoft.com/wiki/contents/articles/troubleshooting-domain-join-error-messages.aspx

     

    Regards


    Awinish Vishwakarma

    MY BLOG:  http://awinish.wordpress.com/


    This posting is provided AS-IS with no warranties/guarantees and confers no rights.
  • Sunday, January 15, 2012 11:46 AM
     
     

    Hello,

    The DNS looks OK. What about the firewall Awinish suggested, and also the provided articles?


    Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.
  • Monday, January 16, 2012 1:19 AM
     
     

     

    NetSetup.log ==>

    =======================

    01/15/2012 20:49:11:033 -----------------------------------------------------------------

    01/15/2012 20:49:11:064 NetpValidateName: checking to see if 'DBTAYLOR.DEV' is valid as type 3 name

    01/15/2012 20:49:26:077 NetpCheckDomainNameIsValid for DBTAYLOR.DEV returned 0x54b, last error is 0x0

    01/15/2012 20:49:26:077 NetpCheckDomainNameIsValid [ Exists ] for 'DBTAYLOR.DEV' returned 0x54b

    01/15/2012 20:57:41:873 -----------------------------------------------------------------

    01/15/2012 20:57:41:873 NetpValidateName: checking to see if 'DBTAYLOR.DEV' is valid as type 3 name

    01/15/2012 20:57:56:885 NetpCheckDomainNameIsValid for DBTAYLOR.DEV returned 0x54b, last error is 0x0

    01/15/2012 20:57:56:885 NetpCheckDomainNameIsValid [ Exists ] for 'DBTAYLOR.DEV' returned 0x54b

    ========================
    Will someone please interpret? Is this relevant to my problem?
    DT
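
An added example, not part of any post in this thread: a small parser that decodes the `returned 0x...` codes in NetSetup.log and times each join attempt. The error names come from winerror.h; the `slow_after` threshold and the reading of a long wait as a timeout are assumptions of this example.

```python
import re
from datetime import datetime
# Win32 codes seen in domain-join logs (names and values from winerror.h).
WIN32 = {0x54B: "ERROR_NO_SUCH_DOMAIN (domain does not exist or could not be contacted)",
         0x6BA: "RPC_S_SERVER_UNAVAILABLE"}
LINE = re.compile(r"^(\d\d/\d\d/\d{4} \d\d:\d\d:\d\d):(\d{3}) (.+)$")
RETURNED = re.compile(r"(\w+).*? returned (0x[0-9a-fA-F]+)")

# Log lines copied from the post above.
SAMPLE = """\
01/15/2012 20:49:11:033 -----------------------------------------------------------------
01/15/2012 20:49:11:064 NetpValidateName: checking to see if 'DBTAYLOR.DEV' is valid as type 3 name
01/15/2012 20:49:26:077 NetpCheckDomainNameIsValid for DBTAYLOR.DEV returned 0x54b, last error is 0x0
01/15/2012 20:49:26:077 NetpCheckDomainNameIsValid [ Exists ] for 'DBTAYLOR.DEV' returned 0x54b
01/15/2012 20:57:41:873 -----------------------------------------------------------------
01/15/2012 20:57:41:873 NetpValidateName: checking to see if 'DBTAYLOR.DEV' is valid as type 3 name
01/15/2012 20:57:56:885 NetpCheckDomainNameIsValid for DBTAYLOR.DEV returned 0x54b, last error is 0x0
01/15/2012 20:57:56:885 NetpCheckDomainNameIsValid [ Exists ] for 'DBTAYLOR.DEV' returned 0x54b
"""

def parse(text):
    """Yield (datetime, message) for every timestamped log line."""
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if m:
            ts = datetime.strptime(m.group(1), "%m/%d/%Y %H:%M:%S")
            yield ts.replace(microsecond=int(m.group(2)) * 1000), m.group(3)

def interpret(text, slow_after=10.0):
    """Return the first failing call of each join attempt, decoded and timed."""
    findings, start = [], None
    for ts, msg in parse(text):
        if set(msg) == {"-"}:        # dashed separator opens a new attempt
            start = ts
            continue
        m = RETURNED.search(msg)
        code = int(m.group(2), 16) if m else 0
        if start is None or code == 0:
            continue
        waited = (ts - start).total_seconds()
        # Assumption: a wait past slow_after means requests timed out unanswered.
        findings.append({"call": m.group(1), "code": code,
                         "meaning": WIN32.get(code, "not in this table"),
                         "waited_s": waited, "timeout_like": waited >= slow_after})
        start = None                 # later lines repeat the same failure
    return findings

if __name__ == "__main__":
    print(*interpret(SAMPLE), sep="\n")
```

On the posted log both attempts decode to ERROR_NO_SUCH_DOMAIN (0x54b, decimal 1355) after roughly 15 seconds, which matches the join dialog's "no domain controllers could be contacted".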

  • Monday, January 16, 2012 2:17 AM
     
     

    I can join the domain if I disable the firewall on the Win 2003 DC. How do I configure the DC's firewall for normal operation?

     

    DT

  • Monday, January 16, 2012 3:02 AM
    Moderator
     
     Answered

    Hi,

    Please refer to the below link for ports needed for DC:

    Active Directory Firewall Ports - Let's Try To Make This Simple

    http://msmvps.com/blogs/acefekay/archive/2011/11/01/active-directory-firewall-ports-let-s-try-to-make-this-simple.aspx

    Best Regards,

    Yan Li


    Yan Li

    TechNet Community Support

  • Monday, January 16, 2012 7:42 AM
     
     Answered

    Hello,

    For the ports AD requires, see: http://technet.microsoft.com/en-us/library/dd772723(WS.10).aspx

    You can configure the firewall ports with GPOs for the machines. http://technet.microsoft.com/en-us/library/bb490626.aspx


    Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.
    • Edited by Meinolf WeberMVP Monday, January 16, 2012 7:43 AM
    • Marked As Answer by DRedDog Wednesday, January 18, 2012 3:33 PM
  • Monday, January 16, 2012 7:44 AM
     
     Answered

    I would recommend disabling the Windows Firewall group policy, if any, on the DC and disabling the Windows Firewall service.

    Also ensure the required firewall port is open on the h/w firewall.
    http://technet.microsoft.com/en-us/library/dd772723%28WS.10%29.aspx

    Later, if all goes well, you can deploy the Windows Firewall again.
    http://technet.microsoft.com/en-us/library/bb490626.aspx
    http://technet.microsoft.com/en-us/library/bb457149.aspx

    Regards,
    Sandesh Dubey.
    -------------------------------
    MCSE|MCSA:Messaging|MCTS|MCITP:Enterprise Administrator
    My Blog: http://sandeshdubey.wordpress.com
    This posting is provided AS IS with no warranties, and confers no rights.

    • Marked As Answer by DRedDog Wednesday, January 18, 2012 3:32 PM
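
An added example, not from any poster or from the linked articles: a TCP reachability check to run from the client once the DC firewall is enabled again, separating ports that are refused from ports that get no answer. The port list is general Active Directory knowledge rather than something quoted in this thread, and the 3-second timeout is an assumption; 192.168.1.6 is the DC address from the original post.

```python
import socket

# TCP services a domain member uses on a DC. General Active Directory
# knowledge added for this example, not quoted from the thread. UDP and the
# dynamic RPC port range are not probed.
AD_TCP_PORTS = {53: "DNS", 88: "Kerberos", 135: "RPC endpoint mapper",
                389: "LDAP", 445: "SMB", 464: "Kerberos password change",
                636: "LDAPS", 3268: "Global Catalog"}

def probe(host, port, timeout=3.0):
    """Classify one TCP port as 'open', 'refused' or 'filtered'."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        return "refused"    # host replied with a reset: nothing is listening
    except OSError:
        return "filtered"   # timeout or unreachable: typical of a firewall drop

def check_dc(host, ports=AD_TCP_PORTS, timeout=3.0):
    """Return {port: (service, state)} for every port in `ports`."""
    return {p: (ports[p], probe(host, p, timeout)) for p in sorted(ports)}

def blocked(results):
    """List the services whose port gave no answer at all."""
    return [f"{name} ({port}/tcp)" for port, (name, state) in results.items()
            if state == "filtered"]

if __name__ == "__main__":
    results = check_dc("192.168.1.6")   # DC address from the original post
    for port, (name, state) in results.items():
        print(f"{port:>5}/tcp  {name:<26} {state}")
    print("No answer from:", ", ".join(blocked(results)) or "none")
```

A "refused" result on 636 or 3268 can be normal (no LDAPS certificate, DC is not a Global Catalog), while "filtered" on 88, 135, 389 or 445 points at a firewall rule still missing.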