none
Computer Can't Join Domain RRS feed

  • Question

  • Dears,

    I have 3 branches, one in Egypt (Site 1), Italy (Site 2), USA (Site 3), it is connected via VPN software. The Active directory master located in Egypt (Site 1), and 2 additional domains located in Italy (Site 2), USA (Site 3).

    If the VPN is working and all sites can connected to the master active directory the computer in other sites can join the domain without any problem.

    The problem is if we discounted the VPN from Egypt (site 1) the master, the computers in other sites can't join the domain.

    1. (1) Master in Egypt
    2. (2) Additional Domain
    3. All of these domains are Global Catalog
    4. DNS installed on each site
    5. Software that used to the VPN is (Softether)






    Saturday, December 7, 2019 1:29 PM

All replies

  • Might compare successful and failed \netsetup.log for differences. (please do not post logs in forums replies)

     

     



    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows Server] Datacenter Management

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.

    Sunday, December 8, 2019 12:12 AM
  • Hello,

    Thank you for posting in our TechNet forum.

    According to your description, if you disconnect the VPN from Active Directory Master, the computers in other sites can't join the domain.

    To better understand our question, please confirm the following information:

    1: Could you please provide the error information for further analyzing(please provide the screenshot if possible)?

    2. Base on “The Active directory master located in Egypt (Site 1)”, do we mean our DC with FSMO roles is in Egypt (Site1)?

    3. Base on “2 additional domains located in Italy (Site 2), USA (Site 3).”, do we mean we have three domains?

    4. Would you please tell us how many domains, how many sites in the forest and how many DCs in each sites?

    Thanks for your understanding.

    Jolin Lu




    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Monday, December 9, 2019 10:10 AM
  • There could be many reasons for that. Examples include failures in DNS résolutions (So you need make sure that your PCs to join can properly make DNS resolutions locally when VPN connection is down), RID exhausted pools (So you need to make sure that you Don't have similar issues by using dcdiag on your DCs and checking if this is the case), improper VLAN setup (As it may be that the VLAN where the new PCs reside can communicate only with DCs reachable by VPN and, once joined, they can communicate to local DCs).

    To start investigations, I would advise starting checking the DNS resolution, the communication with the local DCs using PortQry and the health of your DCs using dcdiag and repadmin commands.


    This posting is provided AS IS with no warranties or guarantees , and confers no rights.

    Ahmed MALEK

    My Website Link

    My Linkedin Profile

    My MVP Profile

    Monday, December 9, 2019 10:46 AM
  • Hello,

    As we haven’t heard from you for several days, may I confirm with you on the latest status?
     
    Much appreciated for your response in advance.



    Best Regards,
    Daisy Zhou

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Thursday, December 12, 2019 4:22 AM
    Moderator
  • Hi,
    I am writing to see if the issue is resolved or not? If anything is unclear, please feel free to update here.

    Thank you for your time and support.


    Best Regards,
    Daisy Zhou

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Monday, December 16, 2019 6:41 AM
    Moderator