locked
2008 Server clients cant join domain - Network location can not be reached

    Question

  • After installing Win 2008 Server and creating a fresh tree in a new forest clients can not join domain.  Internet & exchange2007(on the dc) work fine.  The Error after entering a valid domain admin user and pass comes back: myhqdn.com: network path not found.  Can ping domain controller from client by fqdn adn IP. 
    Both machines are Compaq Proliant ML350G3's Nics are Broadcom7760's
    Clearly the client can see the domain controller.AD seems fine as does DNS.  Have tried reinstalling more than one and changed the box the DC is on.
    Diag output is below
    DCdiag on the domaincontroler is clean no errors.
    DCdiag from the client produces:
    Ive tried several client pc's and reinstalling the OS etc....
    The NIC driver has been reinstalled and is the suggsted one for 2008 from HP
    Both WinFirewalls are off.
    Both can reach the internet.
    Client is setup with the DNS IP of the DC in question.
    DHCP is on in the DC.
    Can remote desktop (mstsc) to the DC from the Client.


    C:\Users\Administrator.NICE.000>dcdiag

    Directory Server Diagnosis

    Performing initial setup:


    C:\Users\Administrator.NICE.000>dcdiag /s:sete.myfqdn.com

    Directory Server Diagnosis

    Performing initial setup:
       * Identified AD Forest.
       Done gathering initial info.

    Doing initial required tests

       Testing server: Default-First-Site-Name\SETE
          Starting test: Connectivity
             ......................... SETE passed test Connectivity

    Doing primary tests

       Testing server: Default-First-Site-Name\SETE
          Starting test: Advertising
             Fatal Error:DsGetDcName (SETE) call failed, error 1722
             The Locator could not find the server.
             ......................... SETE failed test Advertising
          Starting test: FrsEvent
             ......................... SETE passed test FrsEvent
          Starting test: DFSREvent
             There are warning or error events within the last 24 hours after the
             SYSVOL has been shared.  Failing SYSVOL replication problems may caus
             Group Policy problems.
             ......................... SETE passed test DFSREvent
          Starting test: SysVolCheck
             [SETE] An net use or LsaPolicy operation failed with error 53,
             The network path was not found..
             ......................... SETE failed test SysVolCheck
          Starting test: KccEvent
             ......................... SETE passed test KccEvent
          Starting test: KnowsOfRoleHolders
             ......................... SETE passed test KnowsOfRoleHolders
          Starting test: MachineAccount
             Could not open pipe with [SETE]:failed with 53:
             The network path was not found.
             Could not get NetBIOSDomainName
             Failed can not test for HOST SPN
             Failed can not test for HOST SPN
             ......................... SETE passed test MachineAccount
          Starting test: NCSecDesc
             ......................... SETE passed test NCSecDesc
          Starting test: NetLogons
             [SETE] An net use or LsaPolicy operation failed with error 53,
             The network path was not found..
             ......................... SETE failed test NetLogons
          Starting test: ObjectsReplicated
             ......................... SETE passed test ObjectsReplicated
          Starting test: Replications
             ......................... SETE passed test Replications
          Starting test: RidManager
             ......................... SETE passed test RidManager
          Starting test: Services
             Could not open Remote ipc to [SETE.myfqdn.COM]: error 0x35
             "The network path was not found."
             ......................... SETE failed test Services
          Starting test: SystemLog
             An Warning Event occurred.  EventID: 0x8000001D
                Time Generated: 06/05/2009   23:00:46
                Event String:
                The Key Distribution Center (KDC) cannot find a suitable certifica
     to use for smart card logons, or the KDC certificate could not be verified. S
    rt card logon may not function correctly if this problem is not resolved. To c
    rect this problem, either verify the existing KDC certificate using certutil.e
     or enroll for a new KDC certificate.
             ......................... SETE passed test SystemLog
          Starting test: VerifyReferences
             ......................... SETE passed test VerifyReferences


       Running partition tests on : ForestDnsZones
          Starting test: CheckSDRefDom
             ......................... ForestDnsZones passed test CheckSDRefDom
          Starting test: CrossRefValidation
             ......................... ForestDnsZones passed test
             CrossRefValidation

       Running partition tests on : DomainDnsZones
          Starting test: CheckSDRefDom
             ......................... DomainDnsZones passed test CheckSDRefDom
          Starting test: CrossRefValidation
             ......................... DomainDnsZones passed test
             CrossRefValidation

       Running partition tests on : Schema
          Starting test: CheckSDRefDom
             ......................... Schema passed test CheckSDRefDom
          Starting test: CrossRefValidation
             ......................... Schema passed test CrossRefValidation

       Running partition tests on : Configuration
          Starting test: CheckSDRefDom
             ......................... Configuration passed test CheckSDRefDom
          Starting test: CrossRefValidation
             ......................... Configuration passed test CrossRefValidatio

       Running partition tests on : myfqdn
          Starting test: CheckSDRefDom
             ......................... myfqdn passed test CheckSDRefDom
          Starting test: CrossRefValidation
             ......................... myfqdn passed test
             CrossRefValidation

       Running enterprise tests on : myfqdn.COM
          Starting test: LocatorCheck
             Warning: DcGetDcName(GC_SERVER_REQUIRED) call failed, error 1722
             A Global Catalog Server could not be located - All GC's are down.
             Warning: DcGetDcName(PDC_REQUIRED) call failed, error 1722
             A Primary Domain Controller could not be located.
             The server holding the PDC role is down.
             Warning: DcGetDcName(TIME_SERVER) call failed, error 1722
             A Time Server could not be located.
             The server holding the PDC role is down.
             Warning: DcGetDcName(GOOD_TIME_SERVER_PREFERRED) call failed, error
             1722
             A Good Time Server could not be located.
             Warning: DcGetDcName(KDC_REQUIRED) call failed, error 1722
             A KDC could not be located - All the KDCs are down.
             ......................... myfqdn.COM failed test
             LocatorCheck
          Starting test: Intersite
             ......................... myfqdn.COM passed test Intersite

     

    ____________________________________________________________________


    cdiag run on the DC it self:
    Directory Server Diagnosis

    Performing initial setup:
       * Identified AD Forest.
       Done gathering initial info.

    Doing initial required tests

       Testing server: Default-First-Site-Name\SETE
          Starting test: Connectivity
             ......................... SETE passed test Connectivity

    Doing primary tests

       Testing server: Default-First-Site-Name\SETE
          Starting test: Advertising
             ......................... SETE passed test Advertising
          Starting test: FrsEvent
             ......................... SETE passed test FrsEvent
          Starting test: DFSREvent
             ......................... SETE passed test DFSREvent
          Starting test: SysVolCheck
             ......................... SETE passed test SysVolCheck
          Starting test: KccEvent
             ......................... SETE passed test KccEvent
          Starting test: KnowsOfRoleHolders
             ......................... SETE passed test KnowsOfRoleHolders
          Starting test: MachineAccount
             ......................... SETE passed test MachineAccount
          Starting test: NCSecDesc
             ......................... SETE passed test NCSecDesc
          Starting test: NetLogons
             ......................... SETE passed test NetLogons
          Starting test: ObjectsReplicated
             ......................... SETE passed test ObjectsReplicated
          Starting test: Replications
             ......................... SETE passed test Replications
          Starting test: RidManager
             ......................... SETE passed test RidManager
          Starting test: Services
             ......................... SETE passed test Services
          Starting test: SystemLog
             ......................... SETE passed test SystemLog
          Starting test: VerifyReferences
             ......................... SETE passed test VerifyReferences


       Running partition tests on : ForestDnsZones
          Starting test: CheckSDRefDom
             ......................... ForestDnsZones passed test CheckSDRefDom
          Starting test: CrossRefValidation
             ......................... ForestDnsZones passed test
             CrossRefValidation

       Running partition tests on : DomainDnsZones
          Starting test: CheckSDRefDom
             ......................... DomainDnsZones passed test CheckSDRefDom
          Starting test: CrossRefValidation
             ......................... DomainDnsZones passed test
             CrossRefValidation

       Running partition tests on : Schema
          Starting test: CheckSDRefDom
             ......................... Schema passed test CheckSDRefDom
          Starting test: CrossRefValidation
             ......................... Schema passed test CrossRefValidation

       Running partition tests on : Configuration
          Starting test: CheckSDRefDom
             ......................... Configuration passed test CheckSDRefDom
          Starting test: CrossRefValidation
             ......................... Configuration passed test CrossRefValidation

       Running partition tests on : myfqdn
          Starting test: CheckSDRefDom
             ......................... myfqdn passed test CheckSDRefDom
          Starting test: CrossRefValidation
             ......................... myfqdn passed test
             CrossRefValidation

       Running enterprise tests on : myfqdn.COM
          Starting test: LocatorCheck
             ......................... myfqdn.COM passed test
             LocatorCheck
          Starting test: Intersite
             ......................... myfqdn.COM passed test Intersite

    C:\Users\Administrator>

     

    Your help is appreiated as my hair is almost gone and I havent slept in days! :0)

    • Edited by bigJDog Saturday, June 06, 2009 4:11 PM added more info
    Saturday, June 06, 2009 4:07 PM

All replies

  • The most probable reason is Your Dns server. check if it healthy and sencond please point your clients to the Dns server.Also see the article below might help you. Also see if the clients and the servers are on the same subnet and can reach each other http://support.microsoft.com/kb/839499
    http://technetfaqs.wordpress.com
    Monday, June 08, 2009 6:51 AM