Thank you for posting to SBS Newsgroup.
To resolve your issue, I need to gather more information from you for
research.
1.Does the issue only occur on this workstation or many workstations with
multiple domain users? Does this issue occur especially for one user?
2.What is the error message at the end of SetUp Wizard? Can you please
write them down or create a screen capture and paste it here.
3.Log on as the local administrator in the problematic workstation, and go
to
C:\Program Files\Microsoft Small Business Server\Clients
Folder and then paste the content of SBSNetSetup.log file to the thread so
that we can do the analysis.
Thank you for your time. I am looking forward to hearing from you.
Best regards,
Brandy Nee
Microsoft CSS Online Newsgroup Support
Get Secure! - www.microsoft.com/security
=====================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
There is no screen capture, since all the IE windows says is "An error
occured when configuring networking settings. See your network
administrator." So that's not much help.
The log is more revealing though;
3/8/2005 10:00 AM
-- Starting SBS Net Setup --
found [44] keys
CProfileList::CProfileList() - added [1008, C:\Documents and Settings\yoosh]
to the profile dir map
CProfileList::CProfileList() - added [1009, C:\Documents and Settings\RRH]
to the profile dir map
CProfileList::CProfileList() - added [1011, C:\Documents and Settings\Gus]
to the profile dir map
CProfileList::CProfileList() - added [500, C:\Documents and
Settings\Administrator] to the profile dir map
CProfileList::CProfileList() - added [501, C:\Documents and Settings\Guest]
to the profile dir map
CProfileList::CProfileList() - added [Administrator, C:\Documents and
Settings\Administrator] to the profile dir map
CProfileList::CProfileList() - added [Gus, C:\Documents and Settings\Gus] to
the profile dir map
CProfileList::CProfileList() - added [RRH, C:\Documents and Settings\RRH] to
the profile dir map
CProfileList::CProfileList() - added [yoosh, C:\Documents and
Settings\yoosh] to the profile dir map
CAuthPage::OnNotify() - PSN_WIZNEXT - User Name: YKao
CAuthPage::GetUsersAndComputers() - ADsOpenObject(
LDAP://cqsbserver.chiralquestinc.local/DC=chiralquestinc,DC=local, YKao, [PW]
)
CAuthPage::GetUsersAndComputers() - ADsOpenObject(
LDAP://cqsbserver.chiralquestinc.local/DC=chiralquestinc,DC=local, YKao, [PW]
)
CAuthPage::OnNotify() - PSN_SETACTIVE - our computer name IS in the AD
GetXMLNode() - DOMDocument::selectSingleNode( root/mapping[@user='ykao'] )
failed [1]
LoadMappingInfo() - find [root/mapping[@user='ykao']] failed, user not mapped
CProfileList::IsPrivateProfile( RRH )
CProfileList::IsPrivateProfile() - starting the search [C:\Documents and
Settings\RRH]
CProfileList::IsPrivateProfile( yoosh )
CProfileList::IsPrivateProfile() - starting the search [C:\Documents and
Settings\yoosh]
CWizard::PrepAutoLogon()
CWizard::PrepAutoLogon() - runonce key set
CWizard::PrepAutoLogon() - account existed, deleting
CWizard::PrepAutoLogon() - setting DefaultDomainName_PostMigrate to
[chiralquestinc], [0]
FinishNetworkingSetup()
CWizard::FinishNetworkingSetup() - outputting XML file
FinishNetworkingSetup() -- calling NetJoinDomain( NULL,
chiralquestinc.local,
ou=sbscomputers,ou=computers,ou=mybusiness,dc=chiralquestinc,dc=local,
chiralquestinc.local\YKao, [pw], 359 )
FinishNetworkingSetup() -- NetJoinDomain() failed [53], returning
FinishNetworkingSetup() failed -- hr == [-2147467259]
Deleted sbsmig out of runonce key.
I'm going to guess that this has something to do with creating user
accounts, but not immediately assigning computers to them. Maybe i need to
point the user accounts to the computers before connecting?
3/9/2005 10:13 AM
-- Starting SBS Net Setup --
found [44] keys
CProfileList::CProfileList() - added [1008, C:\Documents and Settings\yoosh]
to the profile dir map
CProfileList::CProfileList() - added [1009, C:\Documents and Settings\RRH]
to the profile dir map
CProfileList::CProfileList() - added [1011, C:\Documents and Settings\Gus]
to the profile dir map
CProfileList::CProfileList() - added [500, C:\Documents and
Settings\Administrator] to the profile dir map
CProfileList::CProfileList() - added [501, C:\Documents and Settings\Guest]
to the profile dir map
CProfileList::CProfileList() - added [Administrator, C:\Documents and
Settings\Administrator] to the profile dir map
CProfileList::CProfileList() - added [Gus, C:\Documents and Settings\Gus] to
the profile dir map
CProfileList::CProfileList() - added [RRH, C:\Documents and Settings\RRH] to
the profile dir map
CProfileList::CProfileList() - added [yoosh, C:\Documents and
Settings\yoosh] to the profile dir map
CAuthPage::OnNotify() - PSN_WIZNEXT - User Name: RHansen
CAuthPage::GetUsersAndComputers() - ADsOpenObject(
LDAP://cqsbserver.chiralquestinc.local/DC=chiralquestinc,DC=local, RHansen,
[PW] )
CAuthPage::GetUsersAndComputers() - ADsOpenObject(
LDAP://cqsbserver.chiralquestinc.local/DC=chiralquestinc,DC=local, RHansen,
[PW] )
CAuthPage::OnNotify() - PSN_SETACTIVE - our computer name IS in the AD
GetXMLNode() - DOMDocument::selectSingleNode( root/mapping[@user='rhansen']
) failed [1]
LoadMappingInfo() - find [root/mapping[@user='rhansen']] failed, user not
mapped
CProfileList::IsPrivateProfile( RRH )
CProfileList::IsPrivateProfile() - starting the search [C:\Documents and
Settings\RRH]
CProfileList::IsPrivateProfile( yoosh )
CProfileList::IsPrivateProfile() - starting the search [C:\Documents and
Settings\yoosh]
CWizard::PrepAutoLogon()
CWizard::PrepAutoLogon() - runonce key set
CWizard::PrepAutoLogon() - setting DefaultDomainName_PostMigrate to
[chiralquestinc], [0]
FinishNetworkingSetup()
CWizard::FinishNetworkingSetup() - outputting XML file
FinishNetworkingSetup() -- calling NetJoinDomain( NULL,
chiralquestinc.local,
ou=sbscomputers,ou=computers,ou=mybusiness,dc=chiralquestinc,dc=local,
chiralquestinc.local\RHansen, [pw], 359 )
Thank you for your reply and information.
To my understanding, when you use ConnecComputer website to join a W2k or
XP workstation to the SBS2003 domain, after you click Finish, you receive
error: <"An error occurred when configuring networking settings">
Based on my experience, this issue can occur if the DNS forward lookup zone
is missing _msdcs.domain.local.
By default, SBS DNS Forward Lookup zone contains _msdcs.domain.local and
domain.local. Recreate the _msdcs.domain.local zone if it is missing:
1. Go to Start ' All Programs ' Administrative Tools ' DNS
2. Double Click SBS2003PREWFP, Right-click Forward Lookup Zones in DNS and
select New Zone.
3. Specify Primary Zone, and use _msdcs.domain.local as the Zone name.
4. Go to Start ' Service, Stop Netlogon and DNS service (DHCP Server).
5. Run %windir%\system32\config\, rename netlogon.dns and netlogon.dnb
extension
6. Start Netlogon and DNS service
7. Run ipconfig/flushdns and ipconfig/registerdns see their status.
8. Close and reopen the DNS snapin.
9. Verify _msdcs.domain.local contains dc, domains, gc, and pdc these files.
This issue can also occur if the user account is restricted to logon to
only selected workstations. To resolve this issue remove the logon
restriction while joining the domain, please follow the steps:
1. Start Active Directory Users and Computers.
2. Expland the "My Business" OU, expand the "Users" OU, then expand the
"SBSUsers" OU
3. Display the properties of the user account you're using to join the
domain.
4. Click on the "Account" tab
5. Click the "log on to..." button and select the radio button "All
computers", Click OK twice to exit the dialog box.
6. From the client machine, open Internet Explorer and browse to the
followoing url: http://<your server name>/connectcomputer
7. Click the "Connect tot he network now" link to start the Network setup
wizard.
If the issue still occurs, perform the following steps:
1. In the Domain Controller Security policy on the server, expand Local
Policies.
2. Click on Security Options and set Network Security: LAN Manager
Authentication to "Send LM and NTLM - use NTLMv2 session security if
negotiated." Click OK to make the change.
3. Run gpudate /force at a command prompt.
4. In Start -> Run, type "regedt32". Go to the following key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters
Make sure the following values are set :
Enablesecuritysignature = 1
requiresecuritysignature = 0
5. Still in Regedt go to the following key:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa. Set the following
value:
Incompatibility level = 2
6. On the client machines go to the following keys and make sure the
following values are set correctly:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsarestrictanonymoussam
[REG_DWORD] = 0x1
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanworkstation\param
eters
enablesecuritysignature [REG_DWORD] = 0x1
requiresecuritysignature [REG_DWORD] = 0x0
7. On the client go to Start | Programs | Administrative Tools | Local
Security Policy.
8. Expand Local Policies and click on Security Options. Check the setting
for the following three options:
Domain member: Digitally encrypt or sign secure channel data (always) set
to enabled
Domain member: Digitally encrypt secure channel data (when possible set to
enabled
Domain member: Digitally sign secure channel data (when possible set to
enabled
9. Reboot the workstation.
10. Join the domain.
If anything is unclear, please let me know. I appreciate your time!
however, none of them seemed to work...
I first checked the DNS forward look up, which was there. Checked active
directory users but the user accounts were not restricted to any machine in
particular. Updated the registry keys for the clients and security policies,
but still the same error prevailed. I did check the logs for the client
migration, and the 'moveuser.log' has this error in it:
MigrateProfiles() - ran ["C:\Program Files\Microsoft Windows Small Business
Server\Clients\moveuser.exe" "yoosh" "chiralquestinc.local\YKao" /y /k >
C:\PROGRA~1\MI6234~1\Clients\mutemp.log]. output:
Moving profile from AVSERVER\yoosh to chiralquestinc.local\YKao...
Move failed.
Error 1317
The specified user does not exist.
and the sbsmig.log has this in it:
-- Starting sbsmig.exe --
AddUsersToLocalAdmin() -- calling NetLocalGroupAddMembers( Administrators,
chiralquestinc.local\YKao )
AddUsersToLocalAdmin() - NetLocalGroupAddMembers() failed -- nas == [1387]
AddUsersToLocalAdmin() - NetLocalGroupAddMembers() failed -- nas == [1387]
AddUsersToLocalAdmin() - NetLocalGroupAddMembers() failed -- nas == [1387]
AddUsersToLocalAdmin() - NetLocalGroupAddMembers() failed -- nas == [1387]
AddUsersToLocalAdmin() - NetLocalGroupAddMembers() failed -- nas == [1387]
AddUsersToLocalAdmin() - NetLocalGroupAddMembers() failed -- nas == [1387]
AddUsersToLocalAdmin() - NetLocalGroupAddMembers() failed -- nas == [1387]
AddUsersToLocalAdmin() - NetLocalGroupAddMembers() failed -- nas == [1387]
AddUsersToLocalAdmin() - NetLocalGroupAddMembers() failed -- nas == [1387]
AddUsersToLocalAdmin() - NetLocalGroupAddMembers() failed -- nas == [1387]
AddUsersToLocalAdmin() - NetLocalGroupAddMembers() failed -- nas == [1387]
AddDomainUserToRemoteDesktopGroup() -- we're not a server, not adding domain
users group to remote desktop group
ChangeComputerName() -- no need to change
ChangeIPAddress() -- we're not a server, not changing the IP config
FAILED to generate the Security Descriptor [1337]
Migrate() -- command - ["C:\Program Files\Microsoft Windows Small Business
Server\Clients\moveuser.exe" "yoosh" "chiralquestinc.local\YKao" /y /k >
C:\PROGRA~1\MI6234~1\Clients\mutemp.log]
Migrate() -- strBat - [C:\Program Files\Microsoft Windows Small Business
Server\Clients\run.bat]
Migrate() -- calling BCreateProcess(), strCommand - [cmd.exe /c "C:\Program
Files\Microsoft Windows Small Business Server\Clients\run.bat"]
DeleteSBSFile() -- DeleteFile( C:\Program Files\Microsoft Windows Small
Business Server\Clients\sbsmig.exe ) failed -- GLE = [5]
running logoff command [C:\Program Files\Microsoft Windows Small Business
Server\Clients\sbsmig.exe] [C:\Program Files\Microsoft Windows Small Business
Server\Clients\sbsmig.exe /l]
-- Exiting sbsmig.exe --
it looks like something is wrong with the user object, but i cannot tell
what it is (i created most of the user accounts of the same way, same
template). I suppose i could try to recreate the user accounts, but i'm not
too big on that.
also, i have tried to join the users manually without the connect computer
wizard, and it did work but it was not as 'neat'; the my documents
redirection would not work...
Thanks for any further input into this matter,
Ryan
Thank you for posting back.
First of all, I need to confirm with you some information to narrow down
the issue. :
1.How did you add users? Did you use "Add User & Computer Wizard" in SBS or
add it in Active Directory Users and Computers?
2.What GPO that the Folder Redirection policy under did you creat?
3.Which object, like OU, Computer or User Groups does GPO link with? And
check whether the user you have created is in this user group.
4.Please give me detailed error message or capture the window and post it
here if possibly.
Also, you can have a look at the following article,
310746 Configuration of the My Documents folder
http://support.microsoft.com/?id=310746
Thank you for your time. I am looking forward to hearing from you soon.