none
Cannot join Vista RC1 to domain.

    Question

  • I have troble joining my computer running Vista RC1 to a domain. The domain server is running Windows 2000 server.

    The error msg is:

    "An attempt to resolve the DNS name of a DC in the domain being joined has failed. Please verify this client is configured to reach a DNS server that can resolve DNS names in the target domain."

    I can browse the network and connect to any computer in the network. The only thing missing is joining my domain.

    Can anyone help?

     

    Tommy

     

    Monday, September 11, 2006 11:50 AM

All replies

  • Stabs in the dark based on my past experiences.  (Better than nothing, especially since they haven't answered MY question about joining a domain in this forum). These attempts assume that you have access to the DC box.

    On the server, enable WINS service.
    On the client, enable WINS and NetBios name lookup (under TCP/IP properties dialog for your LAN connection). 
    Bring down the firewall temporarily on both client/server.  (If this works, it's due to a specific port, probably LDAP related, but I haven't figured out which one.)

    If anyone can explain to me *why* WINS is needed for domain joining, I'd love to learn about it.

    Brian

    Tuesday, September 12, 2006 9:48 PM
  • I had this same problem. I disabled IPv6 on the connection and I was finally able to connect after restarting the connection. Didn't have to use WINS or NetBIOS.

     Good luck.

     -Mike

    Tuesday, September 19, 2006 4:26 PM
  • Interesting. I'll have to try that.

    I think Vista networking disappoints in some respects: if one of the dominos isn't lined up right, it gives you some error that doesn't lead to a resolution.   Home networking has improved, but diagnostics on networking against domain controllers still confuses. Displaying to the user the results of GetLastError() is bad.

     

    Tuesday, September 19, 2006 4:29 PM
  • Brian, are you saying that with DNS properly configured you are still needing WINS and NetBios to join a domain? I am not currently near a Vista machine to test this. On thing I have seen in W2K and XP and W2K3 is that computers are set up with external DNS which can not resolve DCs or they use and external DNS as a secondary DNS server. If it can not connect to the primary DNS it makes the secondary the primary for a period of time and can not find the domain. Accessing DCs is a matter of finding SRV records. The DC itself can not find the domain without DNS and SRV records even if WINS is setup and working. Try and give the DC an external DNS server and internal WINS and open Active Directory Users and Computers, you will get an error message that a domain controller can not be found. I would be shocked if the behavior had changed in Vista. (I have been shocked before)

    Tuesday, September 19, 2006 6:38 PM
  • I heard this (needing WINS/NetBIOS) second hand on a newsgroup forum that I had meant to verify but forgot.  I know it was the case under XP.  I had another problem in joining a domain (in this forum) that I resolved by physically bringing the machine to the same subnet--this was an issue also with XP, but with different error results.  Because it "finally worked" I didn't go back to verify whether the join could have occured w/o NetBios and WINS.

    Question: why do NT domains require a DNS with SRV records?  Where does the traditional IP address/port method of getting a service fail to meet the needs of an NT domain?

    I spent days trying to set up my own DC in Windows Server 2003 to discover that 1. I need WINS and NetBios running, 2. I need to run a DNS with the SRV records (I use the same machine as the DNS server and dcdiag.exe was happy), and 3. I needed to bring down my firewall (the LDAP ones I knew about were not enough).  These points of failure are woefully underdocurmented (perhaps undocumented) in Windows Server 2003.   Experimenting for this long to get something to work is usually a sign of bad design.  Hopefully Longhorn Server, DCs "just work" and when there is a real configuration issue (i.e. beyond the capabilities of the OS to resolve), the error is more informative and the workaround readily available, both from from the admin's perspective as well as the client's persepective.  "It just works" is more than just a selling point, it is the recognition that users don't know or shouldn't know all the operational parameters, and the designer of the software should know more than the user does in terms of diagnostics and self-repair.

    I seriously didn't mean to rant.  I'm starving for knowledgeable people in this area in the forums (Microsoft managers need to take note and get their engineers here from time to time).  I really want to understand this stuff under the hood, and have the right perspective about the actual quality of Active Directory software and its approach to networking.  While I am at it, I have another question: once you take yourself off a Workgroup (e.g. a home network) and onto a domain (e.g. a coroprate network), how can you continue to see all the Workgroup computers and printers from the Vista client?  I know I can use the dynamic IP addresses that were DHCP-assigned in the subnet, but I'd prefer to see the Workgroup as I did before.  Can I be a member of both the domain and a Workgroup, perhaps just a one way membership (I see other Workgroup computers, but they don't see me.)?  If not, why is this the case in Windows?

    Brian

    Tuesday, September 19, 2006 7:18 PM
  • I had the same problem and my DNS server did not have an SRV Resource record. Checked out KBartice 239897 to resolve my DNS issue and all was happy.
    Wednesday, September 27, 2006 4:52 PM
  • Jrod is on the money here. I followed the instruction here ..

     http://support.microsoft.com/kb/239897

    not quite to the tee as 2003 datacenter is a little different.

    I just followed down to 2g and all was good.

    I guess its our DNS forward lookups weren't quite confiqured right.

    Sunday, October 08, 2006 8:25 AM
  • I've an identical problem. Before the RC1 update, my Vista desktop was connected to my 2003 Server (DC/DNS/DHCP) fine.

    On installing the upgrade (to build 5600), my LAN died. I went back to the default WORKGROUP and LAN worked. But now I can't re-join the domain - I get the same error message:

    "An attempt to resolve the DNS name of a DC in the domain being joined has failed. Please verify this client is configured to reach a DNS server that can resolve DNS names in the target domain."

    I've disabled IPv6 (un-ticking the box in Network Properties) but still no luck.

    As far as I can tell, the DC has a SRV Resource record.

    Any help greatfully received!

     

    Friday, November 03, 2006 1:30 PM
  • Do you have WINS enabled on the client?
    Friday, November 03, 2006 1:56 PM
  • Thanks for the prompt reply Brian.

    I think not (can you advise how?) ... "ipconfig /all" tells me:

    Windows IP Configuration

       Host Name . . . . . . . . . . . . : Egg
       Primary Dns Suffix  . . . . . . . : mydomain.local
       Node Type . . . . . . . . . . . . : Hybrid
       IP Routing Enabled. . . . . . . . : No
       WINS Proxy Enabled. . . . . . . . : No
       DNS Suffix Search List. . . . . . : mydomain.local

    Ethernet adapter Local Area Connection:

       Connection-specific DNS Suffix  . : mydomain.local
       Description . . . . . . . . . . . : ULi M526X Ethernet Controller
       Physical Address. . . . . . . . . : 00-13-8F-C5-29-41
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes
       Link-local IPv6 Address . . . . . : fe80::fc77:1d2f:9ca1:5a62%7(Preferred)
       IPv4 Address. . . . . . . . . . . : 192.168.1.7 Preferred)
       Subnet Mask . . . . . . . . . . . : 255.255.255.0
       Lease Obtained. . . . . . . . . . : 03 November 2006 11:59:48
       Lease Expires . . . . . . . . . . : 10 December 2142 21:29:15
       Default Gateway . . . . . . . . . : 192.168.1.1
       DHCP Server . . . . . . . . . . . : 192.168.1.1
       DHCPv6 IAID . . . . . . . . . . . : 184554383
       DNS Servers . . . . . . . . . . . : 192.168.1.2
                                           192.168.1.1
       NetBIOS over Tcpip. . . . . . . . : Enabled

    Tunnel adapter Local Area Connection* 9:

       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
       Physical Address. . . . . . . . . : 02-00-54-55-4E-01
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes
       IPv6 Address. . . . . . . . . . . : 2001:0:4136:e378:180c:22ce:3f57:fef8(Preferred)
       Link-local IPv6 Address . . . . . : fe80::180c:22ce:3f57:fef8%10(Preferred)
       Default Gateway . . . . . . . . . : ::
       NetBIOS over Tcpip. . . . . . . . : Disabled

    Tunnel adapter Local Area Connection*:

       Connection-specific DNS Suffix  . : mydomain.local
       Description . . . . . . . . . . . : Microsoft ISATAP Adapter
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes
       Link-local IPv6 Address . . . . . : fe80::5efe:192.168.1.7%11(Preferred)
       Default Gateway . . . . . . . . . :
       DNS Servers . . . . . . . . . . . : 192.168.1.2
                                           192.168.1.1
       NetBIOS over Tcpip. . . . . . . . : Disabled

    192.168.1.1 being the router
    192.168.1.2 being the DC/DHCP/DNS 2003 server

    Friday, November 03, 2006 2:46 PM
  • Is the DC running an WINS server?  I don't know if WINS is the real cause of this error, however. After this I would be out of ideas.

    Friday, November 03, 2006 3:09 PM
  • Yes, the DC is running as a WINS server.

    Is that a good/bad sign?

    Friday, November 03, 2006 3:19 PM
  • Good in the sense WINS should be on.  Bad in the sense that this finding isn't helping you on your problem.

    I noticed that your DNS server is behind a subnet.  I am uncertain if this should work--I don't see why it shouldn't, but its a scenario I've never run across.

    You can also run dcdiag.exe on the server to see if it tells you of any problems.  This is something you download separately.

    Brian

     

    Sunday, November 05, 2006 12:11 AM
  • SOLUTION:

    I had this problem connecting to Server 2003.  In Vista (client machine), i unchecked the IPv6 box in LAN Status box and set WINS to Enable Netbios over TCP/IP.

    Tried to connect to domain again, and voila, it worked...

    Hope this helps...

    Thursday, November 16, 2006 9:05 PM
  • Hi,

    To me, joining vista to a domain is no different than joining an XP SP2 machine to the domain. WINS is not necessary in this situation. You have to make sure that the DC and DNS are up and running and the SRV records are properly created. You can ping and see if you have IPv4 connectivity. Removing IPv6 is not necessary according to my knowledge.

    When you type the domain name make sure you type the "DNS Domain Name" rather than the NetBIOS domain name. If the DNS name of the domain  is "mydomain.local" make sure you type it instead of just "mydomain". NetBIOS name resolution will take different methods defending your network infrastructure (availability of WINS, NBT Node type, multiple subnets ...etc) and it will be slower than DNS if you don’t have the correct infrastructure settings.

    For example, if you have configured your clients to use a WINS server and if the server is not available, the clients will fall back to broadcasts. This might take some time. If your DC and DNS are on another subnet separated by a router, NetBIOS broadcasts might fail and you will not be able to contact the DNS and DC.

    Check your infrastructure settings and see you can connect to the domain again

    This is the output of ipconfig /all which I got by running it on my Vista RC1 (build 5600) running on Virtual PC 2007 beta and is joined to my active directory domain on Windows Server 2003 R2. As you can see, IPv6 is also there.

    C:\Users\Lakmal>ipconfig /all

    Windows IP Configuration

       Host Name . . . . . . . . . . . . : Lakmal-Vista-VPC
       Primary Dns Suffix  . . . . . . . : sa.local
       Node Type . . . . . . . . . . . . : Hybrid
       IP Routing Enabled. . . . . . . . : No
       WINS Proxy Enabled. . . . . . . . : No
       DNS Suffix Search List. . . . . . : sa.local

    Ethernet adapter Local Area Connection:

       Connection-specific DNS Suffix  . : sa.local
       Description . . . . . . . . . . . : Intel 21140-Based PCI Fast Ethernet Adapt
    er (Emulated)
       Physical Address. . . . . . . . . : 00-03-FF-0F-44-7C
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes
       Link-local IPv6 Address . . . . . : fe80::74fe:77fe:7c33:d1e5%10(Preferred)
       IPv4 Address. . . . . . . . . . . : 192.168.169.65(Preferred)
       Subnet Mask . . . . . . . . . . . : 255.255.255.0
       Lease Obtained. . . . . . . . . . : 2006 ????????? ?? 20 ?????? ????? 11:53:0
    8 ??.?.
       Lease Expires . . . . . . . . . . : 2006 ????????? ?? 22 ?????? ????? 11:53:0
    0 ??.?.
       Default Gateway . . . . . . . . . : 192.168.169.1
       DHCP Server . . . . . . . . . . . : 192.168.169.7
       DHCPv6 IAID . . . . . . . . . . . : 234882047
       DNS Servers . . . . . . . . . . . : 192.168.169.7
                                                       192.168.168.4
       Primary WINS Server . . . . . . . : 192.168.169.7
       NetBIOS over Tcpip. . . . . . . . : Enabled

    Tunnel adapter Local Area Connection*:

       Connection-specific DNS Suffix  . : sa.local
       Description . . . . . . . . . . . : isatap.sa.local
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes
       Link-local IPv6 Address . . . . . : fe80::5efe:192.168.169.65%11(Preferred)
       Default Gateway . . . . . . . . . :
       DNS Servers . . . . . . . . . . . : 192.168.169.7
                                                       192.168.168.4
       NetBIOS over Tcpip. . . . . . . . : Disabled

    Tunnel adapter Local Area Connection* 2:

       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
       Physical Address. . . . . . . . . : 02-00-54-55-4E-01
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes
       IPv6 Address. . . . . . . . . . . : 2001:0:4136:e37a:141f:f4bd:2308:14fb(Pref
    erred)
       Link-local IPv6 Address . . . . . : fe80::141f:f4bd:2308:14fb%12(Preferred)
       Default Gateway . . . . . . . . . : ::
       NetBIOS over Tcpip. . . . . . . . : Disabled

    C:\Users\Lakmal>

     

    Regards,

    Lakmal

     

    Monday, November 20, 2006 6:56 AM
  • I´m also getting this error :

    "An attempt to resolve the DNS name of a DC in the domain being joined has failed. Please verify this client is configured to reach a DNS server that can resolve DNS names in the target domain."

    Tried everything to solve it, enabled/disable IPv6, enabled/disable Netbios, enabled/disabled Client for MS Networks.

    Nothing solved it.

    I tried everything said in this thread.

    As the first poster, I can see the other computers of the domain I want to join, I can access internet, but I cannot at all add the computer to my office domain.

    I´m using Vista Ultimate Final release.
    I can add any XP or 2000 machine to that domain, but Vista refuses to.

    Any help will be greatly appreciated.

    My ipconfig /all shows the following on the client machine :
    Windows IP Configuration

       Host Name . . . . . . . . . . . . : DESKTOP
       Primary Dns Suffix  . . . . . . . :
       Node Type . . . . . . . . . . . . : Hybrid
       IP Routing Enabled. . . . . . . . : No
       WINS Proxy Enabled. . . . . . . . : No
       DNS Suffix Search List. . . . . . : DOMAINNAME

    Ethernet adapter Local Area Connection:

       Connection-specific DNS Suffix  . : DOMAINNAME
       Description . . . . . . . . . . . : VIA Rhine II Compatible Fast Ethernet Ada
    pter
       Physical Address. . . . . . . . . : 00-17-31-76-84-DF
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes
       Link-local IPv6 Address . . . . . : fe80::3cd7:bf25:e097:a721%8(Preferred)
       IPv4 Address. . . . . . . . . . . : 192.168.0.126(Preferred)
       Subnet Mask . . . . . . . . . . . : 255.255.255.0
       Lease Obtained. . . . . . . . . . : Wednesday, January 24, 2007 6:31:35 PM
       Lease Expires . . . . . . . . . . : Thursday, January 25, 2007 7:25:30 PM
       Default Gateway . . . . . . . . . : 192.168.0.1
       DHCP Server . . . . . . . . . . . : 192.168.0.1
       DHCPv6 IAID . . . . . . . . . . . : 201332529
       DNS Servers . . . . . . . . . . . : 192.168.0.1
       NetBIOS over Tcpip. . . . . . . . : Enabled

    Tunnel adapter Local Area Connection* 6:

       Connection-specific DNS Suffix  . : DOMAINNAME
       Description . . . . . . . . . . . : isatap.DOMAINNAME
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes
       Link-local IPv6 Address . . . . . : fe80::5efe:192.168.0.126%10(Preferred)
       Default Gateway . . . . . . . . . :
       DNS Servers . . . . . . . . . . . : 192.168.0.1
       NetBIOS over Tcpip. . . . . . . . : Disabled

    Tunnel adapter Local Area Connection* 7:

       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
       Physical Address. . . . . . . . . : 02-00-54-55-4E-01
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes

    Wednesday, January 24, 2007 9:56 PM
  • In my case, I found that if I bring my computer to the same subnet, I can connect.  This involves a very inconvenient activity of putting my computer in the car, and walking it to a building, etc.  The problem somehow happens because I'm doing it remotely, and there's a non-Windows network in between.  Oh well.  Just wished the windows client gave a more informative error.
    Wednesday, January 24, 2007 10:11 PM
  • That wouldn´t be my problem as I am the same subnet (It´s a small network, a machine running server 2003, and some other windows XP's on the network.
    Thanks for answering tho...
    Thursday, January 25, 2007 11:36 AM
  • Just got the final release (business edition) DVD through and I'm still having the same problems.

    Unchecking IPv6 doesn't help.

    It says it has connected to the domain. But when I restart and tyr to log in, it says there's no DC to authenticate the logon process (or words to that effect).

    (pre-rc2 this never occured)

    Thursday, January 25, 2007 12:12 PM
  • Have you set the NetBios setting under the WINS tab of TCP/IP Settings to "Enable NetBios over TCP/IP?

    I know these different switches shouldn't work, but sometimes i find fiddling with them will eventually get it sorted.

     

     

    Thursday, January 25, 2007 12:21 PM
  • I have and still no luck.

    I can join the domain but on reboot I get the message "There are currently no logon servers available to service the logon request." when trying to login. The only way back online is to leave the domain.

    I've noticed that I can't ping the DNS suffix "mydomain.local". When I add this to the host file with its IP address I can then ping it but I still can't join the domain.

     

    Thursday, January 25, 2007 12:50 PM
  • Have you run dcdiag.exe on the Server 2003 box?

    Is the Windows Server 2003 box acting as the DC also a DNS?  If not, try making it a DNS also, and set the IP address of the server as the primary DNS in your client network setting.

    BTW, I'm really a rookie at this sort of thing.  But since is there is no real expert presence on this forum, half a loaf is better than none. :)

    Brian

    Thursday, January 25, 2007 3:24 PM
  • I'm thankful and greatful for any help Brian.

    I ran dcdiag which returnd the following errors:

         Starting test: NetLogons
             Unable to connect to the NETLOGON share! (\\SERVER\netlogon)
             [SERVER] An net use or LsaPolicy operation failed with error 1203, No network provider accepted the given network path..
             ......................... SERVER failed test NetLogons

          Starting test: systemlog
             An Error Event occured.  EventID: 0x00000457
                Time Generated: 01/25/2007   15:26:37
                (Event String could not be retrieved)
             ......................... SERVER failed test systemlog

    Obviously it's the first error thats interesting but I can't ifnd much support for this report to correct the issue. Any ideas?

    Thursday, January 25, 2007 3:58 PM
  •  Egg wrote:

    I have and still no luck.

    I can join the domain but on reboot I get the message "There are currently no logon servers available to service the logon request." when trying to login. The only way back online is to leave the domain.

    I've noticed that I can't ping the DNS suffix "mydomain.local". When I add this to the host file with its IP address I can then ping it but I still can't join the domain.

     

    Are you trying to join Vista RTM to an AD domain when Vista is on the same physical network, or is this done remotely outside of the corporate LAN?

    Thursday, January 25, 2007 8:47 PM
  • Thanks for your reply.

    Yes, I'm attempting to join a Vista box to an AD domain (2003 box) on a LAN.

    Friday, January 26, 2007 9:39 AM
  • A DCDIAG on my 2003 server returned the following :

    Domain Controller Diagnosis

    Performing initial setup:
       Done gathering initial info.

    Doing initial required tests

       Testing server: Default-First-Site-Name\COMP0
          Starting test: Connectivity
             COMP0's server GUID DNS name could not be resolved to an
             IP address.  Check the DNS server, DHCP, server name, etc
             Although the Guid DNS name
             (863e47e7-5478-41bf-72d8-e2428d2e2aa4._msdcs.COMP.COM)
             couldn't be resolved, the server name (COMP0.COMP.COM)
             resolved to the IP address (192.168.0.100) and was pingable.  Check
             that the IP address is registered correctly with the DNS server.
             ......................... COMP0 failed test Connectivity

    Doing primary tests

       Testing server: Default-First-Site-Name\COMP0
          Skipping all tests, because server COMP0 is
          not responding to directory service requests

       Running enterprise tests on : COMP.COM
          Starting test: Intersite
             ......................... COMP.COM passed test Intersite
          Starting test: FsmoCheck
             ......................... COMP.COM passed test FsmoCheck

    Obviously the problem seems to be with my 2003 and not with Vista after looking at the above error. (Weird that XP and win2000 can be added to the domain without problems).
    However if anyone can help me fixing it (or can point me to a solution) I´d be very grateful.
    Thanks a lot in advance for any help.

    Friday, January 26, 2007 11:39 AM
  • I searched the web and came across this:

    http://searchwincomputing.techtarget.com/tip/0,289483,sid68_gci1107664,00.html?topic=301201

    Of course, I cannot claim that your error is caused by the same problem referred to in that article, but it's worth a shot to look at.

    Brian

    • Proposed as answer by RafaelF82 Friday, April 29, 2011 6:02 PM
    Friday, January 26, 2007 3:07 PM
  • Brian,

    Is is possible to have expert opinion's on this type of thing?! You know what Windows is like... sometimes the same machine built the same way can act totally differently!!

    Still, we can but try! :)

    Stim.

    Friday, January 26, 2007 3:40 PM
  • I feel your pain, Stim. :)  Hopefully, someone with the right contacts can increase expert presence in this forum.
    Friday, January 26, 2007 3:43 PM
  • All that this link mentioned was already set ... this is turning into a right little party!

    Friday, January 26, 2007 3:49 PM
  • As a reasonable next step, I would aggressively search the web using keywords from the error message.   After that... hopefully someone with insight can help.  But you might have to start from the ground up: disable all services, and reenable them.  But I can't say how "clean" this would be (i.e. it may still retain old and invalid settings).
    Friday, January 26, 2007 3:53 PM
  • Brian, thanks a lot, the link you provided fixed my 2003 server problem, then I managed to add Vista to the Domain perfectly.

    BTW, I had to use the Wizard to join a Domain, trying to change it directly with the "to rename or change" option was still failing.

    Thanks a lot for your help man, now I can use Vista more comfortably.
    Friday, January 26, 2007 4:20 PM
  • Pleased to hear that!
    Friday, January 26, 2007 4:29 PM
  • I had the same problem, here is what helped me out, I hope it works for you as well
     
    On the server and Vista client make sure that you enable NetBIOS and WINS over tcp/ip, and make sure to type the address of the server on DNS and WINS.
     
    On the server create a primary forward lookup zone that has the same name as your domain (ex. mydomail.local)
     
    In the command prompt in your server type "net stop netlogon" and then "net start netlogon"
     
    Also turn off the firewall settings in both the server and the client.
     
    If you need clarification on this or step by step instructions just mention it in the forum.
    Be glad to help out
    Wednesday, February 21, 2007 2:45 AM
  • I am also having the same problems. Has anyone tried anything different or additional to fix the problem?

    The computer is brand new and the OS is brand new. I would think Microsoft would give you a break on support but they are charging $245.00.

     

    Anyone?

    Friday, February 23, 2007 6:15 PM
  • FYI, un-ticking the IPv6 box in Network Properties worked for me.
    Friday, February 23, 2007 10:41 PM
  • For almost 3 days of frustration going in and out of this forum.. I finally found a logical / proper way in fixing this thing.  Vista has no bug or what so ever, it's just the way we set our server and DNS... It's all about FQDN implementation instead of being contented in an old fashion way of AD querying.

    I noticed that Vista is also querying AD using FQDN even if you used NetBIOS name unlike previous version of Windows (which I realized after being frustrated, so why use NetBIOS name if I could comply with FQDN?).  Unchecking IPv6 / using local DNS or even Enabling NetBIOS over TCP/IP are not relevant at all.. Well, it could be, if you use the old, conventional way of AD querying... OMHO, even if you use old method, you don't need to tweak those.

     Ok, here's the trick:

    Vista is querying LDAP entry in your domain's SRV record, so you need to add this record properly in your DNS server to make it work.  You also need to open up port 389 / LDAP service (TCP/UDP) in your firewall for incoming queries.  In fact, when you initially setup AD, it automatically add SRV record in your domain (provided that you enable dynamic update) but, you need to verify and make sure that the entry should be in following format:

     _ldap._tcp.dc._mscds.<AD domain name>

     Finally, use <FQDN> instead of <NetBIOS name> when joining a domain.

    Just want to ask you not to get frustrated if it still didn't work after you created an entry... Probable cause could be:

    1) if you're using external DNS, it would take time to propagate your records in the internet.

    2) Your SRV record isn't properly configured... (if you want to know how, just ask and I'll be glad to assist you)

      

    Well, I think FQDN is an innovation in AD querying.  Probably, Microsoft utilizes internet era which I think is logical and beneficial... In this case, you could join the domain where ever you are as long as you have internet connection (which Im doing right now)

    Regards,

    Anthony

    Saturday, February 24, 2007 2:49 PM
  • That is what I found to be the trick. I used KB239897 for details. Anothony, I have been watching this thread since my first reply back in Oct. and you are right on to what may just be the root cause. Many workarounds have gotten machines attached to the domain but the problem may just be DNS from the beginning.
    Saturday, February 24, 2007 10:43 PM
  • Well, for those who doesn't use DNS service in Win2K or 2K3, you need to set it up now to comply with FQDN and use Vista without problem.  Even if you don't have registered domain, you only need to put your DNS server address as your primary DNS (TCP/IP) and everything will be translated and forwarded.  Make sure you set up your DNS properly and everything will go smooth.

    Tuesday, February 27, 2007 3:50 AM
  • I am having the same problem trying to join Vista to my domain. I have tried several things that have been suggested here, enabling netbios and disabling IPv6 ect. but I still can't get it to join. I am new to working in a server 2003 and I don't understand how to implement your solution Anthony. I would appreciate it if you could explain a little how to do what you said. Thanks!
    Tuesday, March 06, 2007 7:20 PM
  • I assume:

    - You host your own DNS Server

    - You own a Fully Qualified Domain Name (ex: myCompany.com)

    - You have static, public IP address.

    - Your Active Directory server / host name is myCompany.com (your FQDN)

    In your myCompany.com's DNS record, add host "A" record  and name it after your AD server's NetBIOS name (ex: myServer). Then, point it to your AD's public Static IP so, it will be reacheable if someone ping myServer.myCompany.com (I didn't say you need to activate PING service as it's not necessary here) from net.

    Open LDAP Service or Port 389 (UPD/TCP) in your firewall for incoming query and port forward to Active Directory server.  Make sure that you also open an access for DNS query (where ever that server may be).

     

    Next, add new domain (within the root domain, myCompany.com), and named it _msdcs (that's it, that new sub domain will read as:  _msdcs.myCompany.com).  Go inside that newly created sub domain and create another sub and name it dc.  Again, go inside that new sub domain (dc._msdcs.myCompany.com) and there, you create SRV record (Service Locator).

    SVR record info:

    domain: dc._msdcs.myCompany.com

    Service: _ldap

    Protocol: _tcp

    Priority: 0

    Weight: 0

    Port Number: 389

    Host Offering this Service: myServer.myCompany.com

     

    Allow records to propagate in the web.. if you couldn't wait.. you could set client's primary DNS (TCP/IP setup) to your DNS server's IP.  When joining domain, use FQDN (myCompany.com) not NetBIOS name (which is myServer).  I hope above instructions are comprehensive enough...

    Wednesday, March 07, 2007 6:23 AM
  • Yes I have a server running windows server 2003 R2 with SP on a 5 computer home LAN. I am an IT college student and I am trying to learn server 2003. I set up AD in the server manager and selected the option to install DNS server. So both Domain controller and DNS server are installed.

    I don't have a FQDN.  Can you just make up your own domain in private LAN?

    I have a verizon DSL connection and I  am not sure if it is a static IP address address or not. Being that I only want my domain in my local LAN, how does this matter?

    With my setup please let me know if your further instructions are applicable. I was able to add my computer to my domain before I installed Vista (with XP pro) thats why I thought Vista was the problem. However I did reinstall server 2003 at about the same time I installed vista, so I guess there is a chance I set up AD differently, but I am pretty sure I set it up the same. I need to try and see if I can get another XP pro computer to join...
    Thursday, March 08, 2007 2:35 PM
  • Yes I have a server running windows server 2003 R2 with SP on a 5 computer home LAN. I am an IT college student and I am trying to learn server 2003. I set up AD in the server manager and selected the option to install DNS server. So both Domain controller and DNS server are installed.

    I don't have a FQDN. Can you just make up your own domain in private LAN?

    I have a verizon DSL connection and I am not sure if it is a static IP address address or not. Being that I only want my domain in my local LAN, how does this matter?

    With my setup please let me know if your further instructions are applicable. I was able to add my computer to my domain before I installed Vista (with XP pro) thats why I thought Vista was the problem. However I did reinstall server 2003 at about the same time I installed vista, so I guess there is a chance I set up AD differently, but I am pretty sure I set it up the same. I need to try and see if I can get another XP pro computer to join...



    I don't know why it duplicated my post! When I tried deleting this post it deleted my other post as well.

    Thursday, March 08, 2007 3:34 PM
  • The problem with Vista is.. it searches SRV records.  WinXP has no problem even if you use NetBIOS name and it doesn't require to check or retrieve SRV records.

    Well there's a way but I haven't tried it yet (logically, it should work).

    In your TCP/IP, use your DNS server local IP as Primary DNS of clients.  Create a bogus domain in your DNS server... do the same procedure I adviced (creating Host "A", sub domain, SRV records, etc)...  However, you might need to point SRV entry to a host with "public" address of your AD server (I tried using local IP but it didn't work). 

    If you have static, that won't be a prob.. 

    But, if you are using dynamic IP, try using a free domain name  and have a small program that would update your "free" domain IP record automatically.  Then use that "free domain" on "Host offering this service" in SRV record.  I don't see any reason, why this wont work.

    Friday, March 09, 2007 6:25 AM
  • For those of you out there who are having this issue trying to join vista to a 2000/2003 domain and are using a wireless router. I'm going to post instructions on how to get this to work. (I'm also assuming you have a DC)

    first off you need to goto the domain controller and pull the ip configuration. ipconfig /all. Look for the ip address assigned to it by the router and write it down.

    Next you will need to setup your server as a dns server. set the ip address from the server (assigned by router) as static on the server. dns setup will automatically prompt you to do so. You will then be asked to setup a forward lookup zone. You will want to set your isp's dns ip address in this zone. Most likely setup will say that it is already configured and will just bypass it. Once the dns is setup on the server goto the client Vista machine and set the local area connection (ip4) to use the primary dns entry as the dns servers ip address. You may need to disable the ipv6 entry so that windows does not have any conflicts. You may also want to set the default gateway ip address from your router in the ip4 settings as well. Once this is completed join the Vista client to your domain.

     

     

    Saturday, March 17, 2007 7:04 PM
  •  

    I have troble joining my computer running Vista business client  to a domain. The domain server is running Windows 2003 server.

    The error msg is:

    "An attempt to resolve the DNS name of a DC in the domain being joined has failed. Please verify this client is configured to reach a DNS server that can resolve DNS names in the target domain."

    I can browse the network and connect to any computer in the networ. The only thing missing is joining my domain.

    Can anyone help?

     

    Idrees

    Wednesday, March 28, 2007 10:29 AM
  •  

    Dear Sir,

    I have troble joining my computer running Vista RC1 to a domain. The domain server is running Windows 2003 server.

    The error msg is:

    "An attempt to resolve the DNS name of a DC in the domain being joined has failed. Please verify this client is configured to reach a DNS server that can resolve DNS names in the target domain."

    I can browse the network and connect to any computer in the network. The only thing missing is joining my domain.

    Can anyone help?

     

    Idrees

    Wednesday, March 28, 2007 11:30 AM
  • I had this problem too. I couldn't join my DC which is running in 2003 Server. Disabling IPV6 and setting WINS to Enable Netbios over TCP/IP in my computer wouldn't help at all.  However, the problem was solved when I installed IPV6 protocol in the 2003 Server. Funny thing but it worked for me. I guess Vista is bound to use IPV6 afterall.
    Tuesday, April 03, 2007 10:36 AM
  • Udrees

     

    Yes, we can help.., But first you need to read the thread.. This issue is no longer an issue as far as I know.

     

    I did what I know the right way to manage Active Directory this is the use of SRV records (see my post instructions and messages).  I have managed to upgrade my 4 networkings in different firms (Win2k3 with Vista and WinXP).  I no longer see that message because I know I did what is supposedly the way to set AD.  It's kinda cool because I could connect to my AD server in other country using my method (under vista platform).

     

    You could also try some of our member's tips and tricks.  Mine is a little bit complicated, but I would say compliance with vista's new way of connection.

     

    I've read within this thread that activating IPv6 in server side did the trick.. maybe you could try that too...

    Wednesday, April 04, 2007 4:57 AM
  •  Andyjb wrote:


    I don't have a FQDN.  Can you just make up your own domain in private LAN?

     

     

    You can just make up a domain name, but to be sure it won't clash with an Internet domain name you should end it with .local, e.g. mydomain.local

     

    You also need to make sure that all your LAN clients are using the Domain Controller as a DNS server, rather than your ISP's server.

    Wednesday, April 04, 2007 10:55 AM
  • this didn't seem to help me.  any other ideas on why this won't connect?  I'm getting the same error message as the original poster above and nothing seems to work.  All XP machines have connected perfectly to the domain without a hitch.

     

    Thursday, June 14, 2007 6:52 PM
  • this worked like a charm - thank you!!
    Wednesday, July 25, 2007 6:27 PM
  • I have a problem to the same you. I can't change from workgroup (my computer is used to Win Vista ultimate) to domain. When i connect to our LAN - it appears to error : "Your computer could not be joined to the domain because the following error has occurred. An attempt to resolve the DNS name of a DC in the domain being joined has failed please verify this client is configured to reach a DNS server that can resolve DNS name in the target domain". Althought, I have informed to our domain, TCP/IP v4ip for my computer. My computer is used to Win Vista ultimate and the server is used to Win Server 2003. Please help me! Thks!

    Monday, August 13, 2007 9:25 AM
  • I had the same problem. I just  added IP address of my Domain W2K3 Server to TCP/IP properties in Network Card as Preferred DNS Server, and I could switch from Workgroup to Domain.
    After logon 1st time, System will create new profile. Go back to TCP/IP Setting and switch DNS to-> Obtain DNS server address automatically.
    That's all.

    Alan
    Wednesday, September 05, 2007 4:18 PM
  • use server ip address as u r preffered dns and then it works

     

    Monday, December 24, 2007 12:26 PM
  • after i change preffered dns to server ip... it WORK... thanks M.Arun_kumar

     

    regards

    stephen

    Tuesday, March 18, 2008 1:05 AM
  • Lê,

    I don't speak english, but i'll try to explain what worked for me.
    Had the same problem, then I did this, went to the LAN properties then at TCP/IPv4 put my static IP and the DNS just like we used to do it in XP, and at the other protocol TCP/IPv6 went to advanced options and at the tab DNS added the server IP address, after that joined the domain just fine.

    Wednesday, March 26, 2008 6:23 PM
  •  Brian Kramer wrote:

    I searched the web and came across this:

    http://searchwincomputing.techtarget.com/tip/0,289483,sid68_gci1107664,00.html?topic=301201

    Of course, I cannot claim that your error is caused by the same problem referred to in that article, but it's worth a shot to look at.

    Brian

     

    This article fixed my issue with Vista not joining a windows server 2003 domain, although my windows 2003 settings were already correct - so the fix was either flush/register of the DNS (step 6) or "netdiag /fix" (step 10).

     

    Thanks Brian for your help,

     

    Mattcleeds

    Monday, June 16, 2008 2:08 PM
  • I am having the same problem. 

    This is a on a brand new install of WS2k3.  The DNS is properly configured, the srv records are all in correctly, firewall's are all off.  Wins is on, Netbios is setup on both server and client, can't ping to fqdn but can ping to netbios name (it takes it a minute but it does it eventually).  As far as I can tell, everything is setup correctly on this.  The dcpromo process took care of the  DNS and AD creation.  XP machines can connect with no problems.  I have looked through a ton of information on this and tried everything (including all that was mentioned above) even adding ipv6 on the server with no success. What is crazy is that I have another domain that the machine can connect to.  I have checked every setting I can think of and they are all identical (except obvious differences such as ip's and domain names).  Literally having the two screens side by side and comparing everything, running services, installed components, configured settings.  The other server is running SBS and this one is running Enterprise but it shouldn't make a difference.  All of the updates are installed.

    So!

    Any epiphanous ideas anyone would like to throw out there?  Because I'm seeming to hit dead ends everywhere I look.

    I felt I should also add that the event log is clean and netdiag and dcdiag come up clean with no problems.  DNS information is configured correctly in the servers IP settings and the clients.  DHCP was being used to push the settings but switched it over to Static for the client and still no change.

    Sunday, August 17, 2008 4:40 AM
  • I'm having the identical message on my new SBS R2 network with seven machines with Vista Business.  Did you get this resolved?  Any directions would be great, thank you, David

    Friday, August 29, 2008 11:17 AM
  • I did get it resolved!

    It ended up being bad firmware on one of the NIC's.  The crazy thing was that everything else seemed to work, internet, file transfer, etc.  It just would not allow anything with Vista to log onto the network (XP worked on some machines but not others).  Reflashed the NIC's and reset them and then everything took off.  I have a sneaking suspicion it might have to do with a bad teaming setup that was removed but I'm not sure.

    Prior to that however I did have a problem with the TCP/IP settings in windows on the server.  I ended up having to reinstall TCP/IP which opened up internet connectivity to the server from other PC's but it didn't fix the problem.  You might also want to try a different switch if they are all on the same one.

    I would recommend trying everything that people have already mentioned, ensuring DNS is working properly, checked your NETDIAG and DCDIAG for errors and correcting them and checking the event monitor for any errors.  There is also a really nice packet sniffer that MS has called Network Monitor V3.1 which can be downloaded here http://www.microsoft.com/downloads/details.aspx?familyid=18b1d59d-f4d8-4213-8d17-2f6dde7d7aac&displaylang=en it might be of value to you.  With mine it showed that the server was just not responding to queries that the clients were making.

    If you need any other help please post back here and I will do what I can to assist you!  Also post your solution when you get it working.

    Thanks!

    Ben.

    Friday, August 29, 2008 8:08 PM
  • Hi there,

     

    I had the same issue.

    Error message:

    An attempt to resolve the DNS name of a DC in the domain being joined has failed. Please verify this client is configured to reach a DNS server that can resolve DNS names in the target domain.

     

    I did follow Brian's recommendation by disabling firewall on both client and server, enabling WINS on client, setting up WINS server on the server, disabling IPV6 on both server and client NICs. I did reconfigure DNS server, stopping the net logon service with: net stop netlogon and then starting the service with net start netlogon, flushing DNS config with ipconfig /flushdns from the client machine and then ipconfig registerdns, guess what, still I had no success.

     

    To cut the story short, I did change the dynamically assigned client ip to static ip, then tried to join the DC and voila... Welcome to DC message

     

    PS. my Server is Win2k8 32bit version and I was trying to join Window vista ultimate to DC.

     

    Even though it makes no sense of why it did not work for me in the first place, I think you might want to try this maybe it will work for you too.

     

    Let me know if that helped

     

    cheers


    Vayanga Camara

    Sunday, September 14, 2008 2:42 PM
  • Hello,
    I had the same problem when trying joining Vista to a domain (Windows 2008 Server):

    "An attempt to resolve the DNS name of a DC in the domain being joined has failed. Please verify this client is configured to reach a DNS server that can resolve DNS names in the target domain."

    My solution was to assign static IP to both server and client, disable IPv6 (router isn't compatible anyway), also enable forwarding ports used by SRVs (found in DNS settings) in my router: _gc tcp 3268; _kerberos tcp & udp 88; _kpasswrd tcp & udp 464; _ldap tcp 389.

    Joined the domain in first try.

    Sorry for my english, isn't very good.

    Thursday, September 18, 2008 4:00 PM
  • 1. Disable all firewalls.

    2. Creat special built-in Administrators account on the 2003 Server to avoid using the Administrator account as non-extant pass through authentication in Vista SP1.

    3. Use static IP address on workstation--including ip, subnet, gateway, dns. (Note: Usually dns IP = gateway IP).

    4. Connect to domain from workstation using account login from step 2.

     

    I am running a Windows Server 2008 x64 Hyper-v private virtual network with VMs x86 Windows Vista SP1 and x86 Windows Server 2003 R2 SP2. Windows Server 2003 R2 SP2 is new with ADS DC, DHCP and DNS. No Security Configuration Wizard.

     

    No problem with Windows XP SP3.

     

    I did not:

    1. Disable IPV6 on Vista SP1.

    2. I did not use KB 239897.

    3. I did not modify WINS or go into the advanced properties of the TCP/IP V4 properties.

     

    Notes:

    * Problematic: Modifying static IP address of the Windows Server 2003 R2 SP2. Use Hyper-V snapshots to revert to an unmodified IP server.

    * Windows Vista does not have the Guest account enabled by default--linked to the Local Security Policy Network Access: Not Classic--linked to File Sharing--linked Workgroup Pass-through authentication.

     

     

     

     

     

     

    Monday, October 06, 2008 11:54 PM
  • i have a lot of trouble to settle this problem, finally i can solve this problem. if you go trought all the reply in this forum and follow all the setting, if you lucky u problem can settle.

    U dindn’t have to disabled IPv6 on the connection and Didn't have to use WINS or NetBIOS. What you must do is:-

     

    1-     You must active your administrator account and than logon as administrator.

    2-     In system properties, you must field the Primary DNS suffix on this computer: with your doman name. eg, microsoft.com and than tick the box Change primary DNS suffix when domain membership changes. Must restart after this setting.

    3-     You must edit file hosts. Default location is :

    MyComputer/Local C/Windows/System32/Drivers/etc/hosts(open with notepad)

    -       Remember if you logon as user/administrator you cannot edit this file.

    4-     End of line:-

    127.0.0.1           localhost

    ::1                    localhost

    192.168.1.1       server.microsoft.com

    Red - IP Server

    Green - Computer Server Name

    Blue - Domain Name

     

    That's all i have to do, and i finally can join all vista to my domain.

     

    Osman

     

     

    Sunday, October 19, 2008 2:24 PM
  • Great stuff Osman whent through your instructions and it all worked.

    Well just to make sure I reinstalled Vista and just did the    "you must field the Primary DNS suffix on this computer: with your doman name. eg, microsoft.com and than tick the box Change primary DNS suffix when domain membership changes. Must restart after this setting."

    And hey presto it all worked just by doing that and nothing else cheers M8.

    Mick Rice ICT Liverpool.

     

    Friday, November 21, 2008 1:28 PM
  • I was able to resolve this issue by insuring that my primary DC was the first in the DNS list (ad integrated).  I had this reveresed by mistake (note this is on my home test lab) - so my router to the internet was first, followed by test DC.  Reversed this and was able to join domain just fine.

     

    Sunday, December 07, 2008 3:39 PM
  • Hi ,

    Problem got solved after changes done in system propeties for primary DNS suffix of this computer

    Shrini
    Saturday, March 21, 2009 7:33 AM
  • i have a lot of trouble to settle this problem, finally i can solve this problem. if you go trought all the reply in this forum and follow all the setting, if you lucky u problem can settle.

    U dindn’t have to disabled IPv6 on the connection and Didn't have to use WINS or NetBIOS. What you must do is:-

     

    1-     You must active your administrator account and than logon as administrator.

    2-     In system properties, you must field the Primary DNS suffix on this computer: with your doman name. eg, microsoft.com and than tick the box Change primary DNS suffix when domain membership changes. Must restart after this setting.

    3-     You must edit file hosts. Default location is :

    MyComputer/Local C/Windows/System32/Drivers/etc/hosts(open with notepad)

    -       Remember if you logon as user/administrator you cannot edit this file.

    4-     End of line:-

    127.0.0.1           localhost

    ::1                    localhost

    192.168.1.1       server.microsoft.com

    Red - IP Server

    Green - Computer Server Name

    Blue - Domain Name

     

    That's all i have to do, and i finally can join all vista to my domain.

     

    Osman

    Thanks osman for your instruction it is work for me all fine.

    eRick

     

     


    • Proposed as answer by mufasazazu Thursday, January 07, 2010 9:22 AM
    Monday, May 18, 2009 8:41 AM
  • set the DNS server to have a static IP Address (Servers Address) on the client machine and you are good to go. Thnx
    Thursday, January 07, 2010 9:24 AM
  • Hi Guys,

    Had a similar problem with WIN2008 not getting added to domain and was getting the below error. Tried all the possiblities which has been gn above. However stil the issue was not resolved. Therefore one of ma team mate checked and resolved the issue.....

    Error : An attempt to resolve the DNS name of a DC in the domain being joined has failed. Please verify this client is configured to reach a DNS server that can resolve DNS names in the target domain."

    Resolution:   The Backup NIC was pointing to an incorrect Subnet Mask

    Not sure if this can help u guys....

     

    Thursday, June 03, 2010 11:09 AM
  • i found a solution

    just put the ip address of the DC machine in the DNS section of the network connection.

    it seems to be because the DC is not registered in the current DNS server's list.

    Tuesday, June 15, 2010 5:33 AM
  • i found a solution

    just put the ip address of the DC machine in the DNS section of the network connection.

    it seems to be because the DC is not registered in the current DNS server's list.


    Hi Jaackov,

    The settings you described are actually the proper way to have all internal AD machines (DCs, member servers and client machines) configured, that is to only use the internal DNS server that hosts the AD zone. Otherwise, if using a different server, such as an ISP's DNS server, or say the router's IP address as a DNS address, it will definitely cause numerous problems with Active Directory DC to DC and client to DC communications.

    I have a blog on AD's reliance on DNS, posted below. I hope you and others find it helpful.

    Active Directory and Its Reliance on DNS, and using a DNS address that doesn't host a copy of the AD zone, nor does it have a reference to the AD zone.
    http://msmvps.com/blogs/acefekay/archive/2009/08/17/ad-and-its-reliance-on-dns.aspx

    Ace

     


    Ace Fekay, MVP, MCT, MCITP EA, MCTS Windows 2008 & Exchange 2007, MCSE & MCSA 2003/2000, MCSA Messaging 2003, Microsoft Certified Trainer, Microsoft MVP - Directory Services. This posting is provided AS-IS with no warranties or guarantees and confers no rights.
    Wednesday, June 23, 2010 8:56 PM
  • this is an easy fix. make sure that the primary dns is pointing to the domain controllers IP address
    Thursday, January 06, 2011 10:19 AM
  • This is for Windows 7, but clearing the IPV6 option for the adapter fix my issue.

     

    Saturday, March 05, 2011 9:43 PM
  • I'm not sure what all the confusion is with joining a machine to a domain. Simply put, if you notice some of the ipconfigs that were posted, some of the DNS addresses show they are pointing to their gateway/router address. In some instances, some admins will configure their ISP's DNS servers in their machines (Comcast, Verizon, or whatebver you have).

    Simply put, you can't do that.

    To explain, AD relies on DNS. Period. So when you join a machine, it tries to "find" Active Directory resources by asking DNS, "where is my domain controller for the AD domain I want to join?" If you're asking your router this question, does it know the answer?

    Let's say when you went to bed, you know your refridgerator had a full case of beer in it chilling for tomorrow's party. No one else is in the house. You wake up come to find the beer is all gone. You walk out front and you ask the first person you see, a neighbor that you've never talked to before, and you yell out, "Hey, where is my beer?" Does he have the answer? I guess if you see the look on his face, you'll no he doesn't. Same with asking your router or your ISP about where your AD domain resources are.

    • And no, WINS is not the answer.
    • And no, disabling IPv6 is not the answer.

    To gain a better understanding of what's going on with AD and its DNS reliance, please read the following:

    Active Directory's Reliance on DNS, and why you should never use an ISP's DNS address or your router as a DNS address, or any other DNS server that does not host the AD zone name
    http://msmvps.com/blogs/acefekay/archive/2009/08/17/ad-and-its-reliance-on-dns.aspx

     

    I hope everyone finds this helpful.

    Ace


    Ace Fekay
    MVP, MCT, MCITP EA, MCTS Windows 2008 & Exchange 2007, MCSE & MCSA 2003/2000, MCSA Messaging 2003
    Microsoft Certified Trainer
    Microsoft MVP - Directory Services

    This posting is provided AS-IS with no warranties or guarantees and confers no rights.

    Sunday, March 06, 2011 12:07 AM
  • Hello Tommy ,

    1) Please give a static IP address in case if your vista machine is not getting a IP from the DHCP server.

    2) Please try pinging the DNS server by FQDN , by IP and by netbios name.

    3)Please try to access shares locates on a domain controller and the dns server by doing \\DC.

    4)Please do a NSLOOKUP on the client machine and try resolving the DNS and DC by putting in IP addresses.

    5)If the above 5 works fine all you need is the correct admin user id and password.

    6)If all abover are working fine and still you are unable to join vista machine to the domain then disable IPV6 - reboot the vista machine and try again - this should work!

    Thanks
    Rajesh

    Friday, June 10, 2011 11:54 AM