locked
Cannot join computer to domain RRS feed

  • Question

  • I have a Windows Server 2012 R2 x64 domain controller at a primary location. It is doing DNS for multiple sites and is the only DC. I have a remote site that is connected through an ISP Point to Point connection back to my primary location, there are a few computers there. These computers use this DC for files and domain authentication.

    Recently 2 of the computers could not longer log on or access the DC. The ISP came out and rebuilt the tunnel between the two sites (they have Cisco routers on either end, and then we have SonicWalls in front of those). This helped a little. However one of the computers I reinstalled Windows 7 from scratch on and it cannot join the domain.

    The error is "The specified server cannot perform the requested action." This is happening on a few computers here. However some of them that are on the domain are able to access it fine and use the file shares.

    The only workaround I found is to physically move the computers to the primary location and join the domain there and then bring them back, but even after doing this they cannot see the files. This is happening on multiple computers that I reinstalled Windows 7 on.

    I did a Scavenge stale DNS records on the server. Made sure Network Location Awareness is running. Restarted server.

    Any ideas? I think maybe this is DNS related?

    Tuesday, August 18, 2015 8:29 PM

Answers

  • Hi mlmartinitt,

    According to your description, when you reinstalled win 7 on computer, it can’t join the domain and when you physically move it to primary location to add them to domain, it still can’t access shared files when you bring it back.

    First, as you have mentioned, it may be caused by DNS issue. We may use command “dcdiag\test:dns” on DC to test it. And use command “nslookup” on client to check the record.  Use command “ping” to test network connection to DC.

    Second, we may check if it is associated with firewall settings, we may close firewall and antivirus software temporarily, check if this works.

    Third, we may narrow down the problem by performing a network traffic capture with network monitor. We may compare the packets the DC received when the client join the domain on the remote site and when the client join the domain on the primary site.

    If you want to download network monitor, you may click the following link:

    http://www.microsoft.com/en-us/download/details.aspx?id=4865

    Best regards,

    Anne he


    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com.

    Wednesday, August 19, 2015 3:15 AM

All replies

  • Seems like important ports are blocked. Use network monitor to analyze your problem.

    Regards

    Milos

    Tuesday, August 18, 2015 8:56 PM
  • Hi mlmartinitt,

    According to your description, when you reinstalled win 7 on computer, it can’t join the domain and when you physically move it to primary location to add them to domain, it still can’t access shared files when you bring it back.

    First, as you have mentioned, it may be caused by DNS issue. We may use command “dcdiag\test:dns” on DC to test it. And use command “nslookup” on client to check the record.  Use command “ping” to test network connection to DC.

    Second, we may check if it is associated with firewall settings, we may close firewall and antivirus software temporarily, check if this works.

    Third, we may narrow down the problem by performing a network traffic capture with network monitor. We may compare the packets the DC received when the client join the domain on the remote site and when the client join the domain on the primary site.

    If you want to download network monitor, you may click the following link:

    http://www.microsoft.com/en-us/download/details.aspx?id=4865

    Best regards,

    Anne he


    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com.

    Wednesday, August 19, 2015 3:15 AM
  • Hey so I know this thread is old but did want to say what the actual fix was. This issue was caused on the ISP end, they're equipment (cable modem to be specific) at that specific site was basically not up to par and could not push packets through fast enough to function the way it should have. Therefor that's why we saw domain issues and just all kinds of issues at that specific site. The fix was the throttle back the packet flow on every single device at that site. The long term fix will be to replace the ISP's equipment.
    Tuesday, October 18, 2016 1:07 PM