Please help - Can't join PC to new domain
Samir
I installed a DC (Windows Server 2003 R2) and set up Active Directory and
DNS - no issues there.
Then I tried to join a Windows XP computer to the newly created domain.
Eight frustrating hours of the same error message:
"The server cannot perform the requested operation." (or something really
close to that).
Looked around in newsgroups and found that there's a log file (see below) -
it says "ldap_bind failed".
Tried creating the computer account first and then adding it to the domain -
no luck :-(
Disabled firewall - no luck :-(
'nslookup' says everything's ok. What gives?
And yes, I did point the IP/DNS setting on the client to the
server/DC/DNS/AD machine.
Please help!
----------------------------
05/29 17:28:48 NetpDoDomainJoin
05/29 17:28:48 NetpMachineValidToJoin: 'CLIENT'
05/29 17:28:48 NetpGetLsaPrimaryDomain: status: 0x0
05/29 17:28:48 NetpMachineValidToJoin: status: 0x0
05/29 17:28:48 NetpJoinDomain
05/29 17:28:48 Machine: CLIENT
05/29 17:28:48 Domain: MyDomain
05/29 17:28:48 MachineAccountOU: (NULL)
05/29 17:28:48 Account: MyDomain\Administrator
05/29 17:28:48 Options: 0x27
05/29 17:28:48 OS Version: 5.2
05/29 17:28:48 Build number: 3790
05/29 17:28:48 ServicePack: Service Pack 1
05/29 17:28:48 NetpValidateName: checking to see if 'MyDomain' is valid as
type 3 name
05/29 17:28:48 NetpCheckDomainNameIsValid [ Exists ] for 'MyDomain' returned
0x0
05/29 17:28:48 NetpValidateName: name 'MyDomain' is valid for type 3
05/29 17:28:48 NetpDsGetDcName: trying to find DC in domain 'MyDomain',
flags: 0x1020
05/29 17:28:48 NetpDsGetDcName: found DC '\\SERVER' in the specified domain
05/29 17:29:48 NetpJoinDomain: status of connecting to dc '\\SERVER': 0x0
05/29 17:29:48 NetpGetLsaPrimaryDomain: status: 0x0
05/29 17:29:48 NetpGetDnsHostName: Read NV Hostname: client
05/29 17:29:48 NetpGetDnsHostName: PrimaryDnsSuffix defaulted to DNS domain
name: MyDomain
05/29 17:29:48 NetpLsaOpenSecret: status: 0xc0000034
05/29 17:29:48 NetpGetLsaPrimaryDomain: status: 0x0
05/29 17:29:48 NetpLsaOpenSecret: status: 0xc0000034
05/29 17:29:48 NetpManageMachineAccountWithSid: NetUserAdd on '\\SERVER' for
'CLIENT$' failed: 0x8b0
05/29 17:29:49 NetpManageMachineAccountWithSid: status of attempting to set
password on '\\SERVER' for 'CLIENT$': 0x0
05/29 17:29:49 NetpJoinDomain: status of creating account: 0x0
05/29 17:30:15 NetpLdapBind: ldap_bind failed on \\SERVER: 81: Server Down
05/29 17:30:15 ldap_unbind status: 0x0
05/29 17:30:15 NetpSetDnsHostNameAndSpn: NetpLdapBind failed: 0x3a
05/29 17:30:15 NetpJoinDomain: status of setting DnsHostName and SPN: 0x3a
05/29 17:30:15 NetpJoinDomain: initiaing a rollback due to earlier errors
05/29 17:30:15 NetpGetLsaPrimaryDomain: status: 0x0
05/29 17:30:15 NetpManageMachineAccountWithSid: status of disabling account
'CLIENT$' on '\\SERVER': 0x0
05/29 17:30:15 NetpJoinDomain: rollback: status of deleting computer
account: 0x0
05/29 17:30:15 NetpLsaOpenSecret: status: 0x0
05/29 17:30:15 NetpJoinDomain: rollback: status of deleting secret: 0x0
05/29 17:30:15 NetpJoinDomain: status of disconnecting from '\\SERVER': 0x0
05/29 17:30:15 NetpDoDomainJoin: status: 0x3a
Ace Fekay [MVP]
Samir <Sa...@discussions.microsoft.com> stated, which I commented on below:
Your DNS domain name, "MYDOMAIN" is a single label name. If this is not a
production machine or is a fresh installation, demote it, and re-promote it
with a proper AD DNS Domain name or "mydomain.com", "mydomain.local", or
"mydomain.samir".
Single label domain names are not proper DNS names and XP and 2003 have
numerous problems associated with it. It's your best interest to demote it
and promote it properly.
--
Ace
This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.
Having difficulty reading or finding responses to your post?
Instead of the website you're using, I suggest to use OEx (Outlook Express
or any other newsreader), and configure a news account, pointing to
news.microsoft.com. This is a direct link to the Microsoft Public
Newsgroups. It is FREE and requires NO ISP's Usenet account. OEx allows you
to easily find, track threads, cross-post, sort by date, poster's name,
watched threads or subject.
It's easy:
How to Configure OEx for Internet News
http://support.microsoft.com/?id=171164
Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft MVP - Directory Services
Microsoft Certified Trainer
Infinite Diversities in Infinite Combinations
Assimilation Imminent. Resistance is Futile
"Very funny Scotty. Now, beam down my clothes."
The only thing in life is change. Anything more is a blackhole consuming
unnecessary energy. - [Me]
Samir
OK - I will try that and report back later today. Thanks for responding.
(I wish I didn't have to do this, but at this stage I'll try anything - I'm
basically blocked.)
Ace Fekay [MVP]
> responding.
>
> (I wish I didn't have to do this, but at this stage I'll try anything
> - I'm basically blocked.)
Well the single lable name is causing the issue. Since you are in the
beginning of setting this up it is best to straighten it out now.
Ace
Samir
Thank you for your help.
--Samir