| Author |
Message |
John [MSFT]
Guest
|
 Posted:
Thu Nov 10, 2005 1:51 am Post subject:
oining a domain |
|
|
Hi all:
I am trying to join a computer to my test domain, but for some reason I
cannot do so. The server info is:
crmserver1.smallbusiness.local
192.168.1.91
So when I try to add the client I use "smallbusiness" as the domain, but it
fails. I can ping the server from the client both via the server IP and the
server name, and the client TCPIP is set up thus:
IP: 192.168.1.55
Sub: 255.255.255.0
gateway: 192.168.1.1
Primary dns: 192.168.1.91
Secondary DNS: 24.226.10.193
Can anyone offer a suggestion how I can fix this?
Thanks.
John.
--
John [MSFT]
This posting is provided "AS IS" with no warranties, and confers no rights.
Use of any included script or code samples are subject to the terms
specified at
http://www.microsoft.com/info/cpyright.htm. |
|
| Back to top |
|
 |
Ace Fekay [MVP]
Guest
|
| Posted:
Thu Nov 10, 2005 1:51 am Post subject:
Re: oining a domain |
|
|
In news:%23AoVM1X5FHA.1420@TK2MSFTNGP09.phx.gbl,
John [MSFT] <jstraumann@cogeco.ca> made this post, which I then commented
about below:
| Quote: | Hi all:
I am trying to join a computer to my test domain, but for some reason
I cannot do so. The server info is:
crmserver1.smallbusiness.local
192.168.1.91
So when I try to add the client I use "smallbusiness" as the domain,
but it fails. I can ping the server from the client both via the
server IP and the server name, and the client TCPIP is set up thus:
IP: 192.168.1.55
Sub: 255.255.255.0
gateway: 192.168.1.1
Primary dns: 192.168.1.91
Secondary DNS: 24.226.10.193
Can anyone offer a suggestion how I can fix this?
Thanks.
John.
|
One thing, remove the DNS address 24.266.10.193. Only use the internal DNS
for that is the guy that stores the domain's service location records. The
24. address, assuming your cable company's DNS, has NO idea where your
domain controllers are. Keep in mind, AD relies on DNS for locating specific
domain services and what DCs hold those services.
The test computer (well ALL your machines for that matter), must ONLY use
192.168.1.55, or it may be asking your cable company, "Where is the domain
controller for my domain so I can authenticate this transaction?" Configure
a forwarder for efficient internet access to the 24.266.10.193 DNS. Use this
link to show you how (pick your OS: Win2000 or Win2003):
323380 - HOW TO Configure DNS for Internet Access in Windows Server 2003 :
http://support.microsoft.com/?id=323380
300202 - HOW TO Configure DNS for Internet Access in Windows Server 2000 :
http://support.microsoft.com/?id=300202
Once you've taken care of that, attempt to use smallbusiness.local as the
domain name when attempting to join. Provide the credentials as
smallbusiness\administrator, then the password.
Here's some additional reading to understand AD and it's DNS requirements:
291382 - Frequently asked questions about Windows 2000 DNS and Windows
Server 2003 DNS
http://support.microsoft.com/default.aspx?scid=kb;en-us;291382
825036 - Best practices for DNS client settings in Windows 2000 Server and
in Windows Server 2003
http://support.microsoft.com/?id=825036
Common Mistakes When Upgrading a Windows 2000 Domain To a Windows 2003
Domain (whether it was upgraded or not, this is full of useful information
relating to AD and DNS, among other info):
http://support.microsoft.com/default.aspx?scid=kb;en-us;555040
--
Ace
This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.
If this post is viewed at a non-Microsoft community website, and you were to
respond to it through that community's website, I may not see your reply
unless that website posts replies back to the original Microsoft forum.
Therefore, please direct all replies ONLY to the Microsoft public newsgroup
this thread originated in so all can benefit or ensure the web community
posts it back to the original forum.
Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft MVP - Windows Server Directory Services
Microsoft Certified Trainer
Infinite Diversities in Infinite Combinations.
================================= |
|
| Back to top |
|
|
John [MSFT]
Guest
|
| Posted:
Thu Nov 10, 2005 1:51 am Post subject:
Re: Joining a domain |
|
|
Hi Ace and all:
Thanks for the info. I am pretty sure the server is being found, and now the
error is
"The following error occurred attempting to join the domain "smallbusiness"
Multiple connections to a server or shared resource, using more than one
user name, are not allowed. Disconnect all previous connections to the
server or shared resource and try again"
Not really sure what all that means, there are no other connections to this
server at all..
John.
--
John [MSFT]
This posting is provided "AS IS" with no warranties, and confers no rights.
Use of any included script or code samples are subject to the terms
specified at
http://www.microsoft.com/info/cpyright.htm.
"Ace Fekay [MVP]"
<PleaseSubstituteMyActualFirstName&LastNameHere@hotmail.com> wrote in
message news:OYTHt%23X5FHA.1184@TK2MSFTNGP12.phx.gbl...
| Quote: | In news:%23AoVM1X5FHA.1420@TK2MSFTNGP09.phx.gbl,
John [MSFT] <jstraumann@cogeco.ca> made this post, which I then commented
about below:
Hi all:
I am trying to join a computer to my test domain, but for some reason
I cannot do so. The server info is:
crmserver1.smallbusiness.local
192.168.1.91
So when I try to add the client I use "smallbusiness" as the domain,
but it fails. I can ping the server from the client both via the
server IP and the server name, and the client TCPIP is set up thus:
IP: 192.168.1.55
Sub: 255.255.255.0
gateway: 192.168.1.1
Primary dns: 192.168.1.91
Secondary DNS: 24.226.10.193
Can anyone offer a suggestion how I can fix this?
Thanks.
John.
One thing, remove the DNS address 24.266.10.193. Only use the internal DNS
for that is the guy that stores the domain's service location records. The
24. address, assuming your cable company's DNS, has NO idea where your
domain controllers are. Keep in mind, AD relies on DNS for locating
specific domain services and what DCs hold those services.
The test computer (well ALL your machines for that matter), must ONLY use
192.168.1.55, or it may be asking your cable company, "Where is the domain
controller for my domain so I can authenticate this transaction?"
Configure a forwarder for efficient internet access to the 24.266.10.193
DNS. Use this link to show you how (pick your OS: Win2000 or Win2003):
323380 - HOW TO Configure DNS for Internet Access in Windows Server 2003 :
http://support.microsoft.com/?id=323380
300202 - HOW TO Configure DNS for Internet Access in Windows Server 2000 :
http://support.microsoft.com/?id=300202
Once you've taken care of that, attempt to use smallbusiness.local as the
domain name when attempting to join. Provide the credentials as
smallbusiness\administrator, then the password.
Here's some additional reading to understand AD and it's DNS requirements:
291382 - Frequently asked questions about Windows 2000 DNS and Windows
Server 2003 DNS
http://support.microsoft.com/default.aspx?scid=kb;en-us;291382
825036 - Best practices for DNS client settings in Windows 2000 Server and
in Windows Server 2003
http://support.microsoft.com/?id=825036
Common Mistakes When Upgrading a Windows 2000 Domain To a Windows 2003
Domain (whether it was upgraded or not, this is full of useful information
relating to AD and DNS, among other info):
http://support.microsoft.com/default.aspx?scid=kb;en-us;555040
--
Ace
This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.
If this post is viewed at a non-Microsoft community website, and you were
to respond to it through that community's website, I may not see your
reply unless that website posts replies back to the original Microsoft
forum. Therefore, please direct all replies ONLY to the Microsoft public
newsgroup this thread originated in so all can benefit or ensure the web
community posts it back to the original forum.
Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft MVP - Windows Server Directory Services
Microsoft Certified Trainer
Infinite Diversities in Infinite Combinations.
=================================
|
|
|
| Back to top |
|
|
John [MSFT]
Guest
|
| Posted:
Thu Nov 10, 2005 7:57 am Post subject:
Re: Joining a domain |
|
|
Hi all:
Just an FYI that I found the solution to this in turning off the firewall on
teh DC. I then found this article on the topic:
http://www.howtonetworking.com/casestudy/dcfirewallissue.htm
John [MSFT]
This posting is provided "AS IS" with no warranties, and confers no rights.
Use of any included script or code samples are subject to the terms
specified at
http://www.microsoft.com/info/cpyright.htm.
"John [MSFT]" <jstraumann@cogeco.ca> wrote in message
news:ubkErPY5FHA.2916@TK2MSFTNGP11.phx.gbl...
| Quote: | Hi Ace and all:
Thanks for the info. I am pretty sure the server is being found, and now
the error is
"The following error occurred attempting to join the domain
"smallbusiness"
Multiple connections to a server or shared resource, using more than one
user name, are not allowed. Disconnect all previous connections to the
server or shared resource and try again"
Not really sure what all that means, there are no other connections to
this server at all..
John.
--
John [MSFT]
This posting is provided "AS IS" with no warranties, and confers no
rights.
Use of any included script or code samples are subject to the terms
specified at
http://www.microsoft.com/info/cpyright.htm.
"Ace Fekay [MVP]"
PleaseSubstituteMyActualFirstName&LastNameHere@hotmail.com> wrote in
message news:OYTHt%23X5FHA.1184@TK2MSFTNGP12.phx.gbl...
In news:%23AoVM1X5FHA.1420@TK2MSFTNGP09.phx.gbl,
John [MSFT] <jstraumann@cogeco.ca> made this post, which I then commented
about below:
Hi all:
I am trying to join a computer to my test domain, but for some reason
I cannot do so. The server info is:
crmserver1.smallbusiness.local
192.168.1.91
So when I try to add the client I use "smallbusiness" as the domain,
but it fails. I can ping the server from the client both via the
server IP and the server name, and the client TCPIP is set up thus:
IP: 192.168.1.55
Sub: 255.255.255.0
gateway: 192.168.1.1
Primary dns: 192.168.1.91
Secondary DNS: 24.226.10.193
Can anyone offer a suggestion how I can fix this?
Thanks.
John.
One thing, remove the DNS address 24.266.10.193. Only use the internal
DNS for that is the guy that stores the domain's service location
records. The 24. address, assuming your cable company's DNS, has NO idea
where your domain controllers are. Keep in mind, AD relies on DNS for
locating specific domain services and what DCs hold those services.
The test computer (well ALL your machines for that matter), must ONLY use
192.168.1.55, or it may be asking your cable company, "Where is the
domain controller for my domain so I can authenticate this transaction?"
Configure a forwarder for efficient internet access to the 24.266.10.193
DNS. Use this link to show you how (pick your OS: Win2000 or Win2003):
323380 - HOW TO Configure DNS for Internet Access in Windows Server 2003
:
http://support.microsoft.com/?id=323380
300202 - HOW TO Configure DNS for Internet Access in Windows Server 2000
:
http://support.microsoft.com/?id=300202
Once you've taken care of that, attempt to use smallbusiness.local as the
domain name when attempting to join. Provide the credentials as
smallbusiness\administrator, then the password.
Here's some additional reading to understand AD and it's DNS
requirements:
291382 - Frequently asked questions about Windows 2000 DNS and Windows
Server 2003 DNS
http://support.microsoft.com/default.aspx?scid=kb;en-us;291382
825036 - Best practices for DNS client settings in Windows 2000 Server
and
in Windows Server 2003
http://support.microsoft.com/?id=825036
Common Mistakes When Upgrading a Windows 2000 Domain To a Windows 2003
Domain (whether it was upgraded or not, this is full of useful
information relating to AD and DNS, among other info):
http://support.microsoft.com/default.aspx?scid=kb;en-us;555040
--
Ace
This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.
If this post is viewed at a non-Microsoft community website, and you were
to respond to it through that community's website, I may not see your
reply unless that website posts replies back to the original Microsoft
forum. Therefore, please direct all replies ONLY to the Microsoft public
newsgroup this thread originated in so all can benefit or ensure the web
community posts it back to the original forum.
Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft MVP - Windows Server Directory Services
Microsoft Certified Trainer
Infinite Diversities in Infinite Combinations.
=================================
|
|
|
| Back to top |
|
|
Ace Fekay [MVP]
Guest
|
| Posted:
Thu Nov 10, 2005 9:50 am Post subject:
Re: Joining a domain |
|
|
In news:ugkDkoZ5FHA.1000@tk2msftngp13.phx.gbl,
John [MSFT] <jstraumann@cogeco.ca> made this post, which I then commented
about below:
That's good to hear, John. That's a good link explaining ports required for
DC communications. If it were enabled, I would actually even add UDP >1023
as well, for the empherical response ports that Windows machines use
communicating between other Window machines.
I'll tell you, the firewall is a nice feature, but it sure can hinder
communications on a DC. I've found as a basic rule to keep the firewall
disabled on DCs and on internal machines to eliminate any possibiity that it
may cause communication issues, and normally rely on an entry point firewall
or ISA.
Take care, John!
:-)
Ace |
|
| Back to top |
|
|
|
|
|
|
FAQ
Memberlist
Register
Profile
Log in to check your private messages
Log in