Question : Cannot make computer member of new Win 2003 domain in 2 computer set up
My goal is to establish communication between two computers so I can share files. The server (1.2.3.4) will handle communication services (web, email, dns, db, etc). The client (6.7.8.9) is a computing workhorse for the server. Each machine will need to access some files on the other. I believe my only option is to place the two machines in the same domain. The server was promoted to a DC and I am trying to add the client to the new domain. Details below. (I changed the names & IP addresses very carefully)
When adding the client computer to the new domain I receive the following error:
DNS was successfully queried for the service location (SRV) resource record used to locate a domain controller for domain f.c.com:
The query was for the SRV record for _ldap._tcp.dc._msdcs.f.c.com
The following domain controllers were identified by the query:
myserver.f.c.com
Common causes of this error include:
- Host (A) records that map the name of the domain controller to its IP addresses are missing or contain incorrect addresses.
- Domain controllers registered in DNS are not connected to the network or are not running.
-----
I've seen many posts about related problems. I'll try to include all the answers to the typical questions to begin with.
The server is Win 2003 Standard, SP1. It was promoted to a DC and DNS. I used the integrated AD option when promoting and allowed it to create the DNS, rather than installing separately. Originally I had some missing DNS records but netdiag /fix created them. Dynamic updates are enabled for secure only. It passes all tests for dcdiag /c (only complaining about root hints, but I understand that is okay). It passes all tests for netdiag /d:f.c.com. I can see the netlogon folder in \\myserver. No DHCP, DNS is itself. Not using single label domain name. The time on the two machines is less than 30 sec apart.
ADU&C shows the domain name is: f.c.com and myserver is in the Domain Controllers folder
dnslint /ad /s 1.2.3.4 only shows one error:
DNS server: myserver
IP Address: 1.2.3.4
UDP port 53 responding to queries: YES
TCP port 53 responding to queries: Not tested
Answering authoritatively for domain: NO
[snip]
One or more DNS servers is not authoritative for the domain
Here is the ipconfig /all for the server:
Windows IP Configuration
Host Name . . . . . . . . . . . . : myserver
Primary Dns Suffix . . . . . . . : f.c.com
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : f.c.com
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek RTL8139 Family PCI Fast Ethernet NIC
Physical Address. . . . . . . . . : 00-13-D3-15-C8-7F
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 1.2.3.4
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 1.2.3.1
DNS Servers . . . . . . . . . . . : 1.2.3.4
NetBIOS over Tcpip. . . . . . . . : Disabled
-----
The client I'm adding to the domain is Win 2003 R2 SP2. DNS is set to my DC/DNS IP only, not ISP's. I can ping 1.2.3.4. nslookup shows my DC/DNS as the default server with the correct IP address. nslookup works for FQDN (myserver.f.c.com) but NOT host name alone (myserver).
dnslint /ad 1.2.3.4 /s 1.2.3.4 (run on client) fails with this error:
LDAP query to specified LDAP server on TCP port 389 failed
Server Down
The client had DNS preinstalled, but I stopped the dnsserver service.
Here is the ipconfig /all for the client:
Windows IP Configuration
Host Name . . . . . . . . . . . . : myclient
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) 82566DC Gigabit Network Connection
Physical Address. . . . . . . . . : 00-16-76-C9-F2-AD
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 6.7.8.9
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 6.7.8.1
DNS Servers . . . . . . . . . . . : 1.2.3.4
Thanks for the help!
Answer : Cannot make computer member of new Win 2003 domain in 2 computer set up
Umm, never tried using 1.2.3.4 and then 5.6.7.8.
Did you try using reserved IPs, which are designed to be used on private networks?
Here's a quote from another source:
Because of the growing shortage of IP addresses, there is a special set of IP addresses that have been set aside by the Internet Assigned Numbers Authority (IANA) for private networks. These addresses should not be assigned to any system connected to the Internet.
There are three blocks of private IP addresses:
10.0.0.0 through 10.255.255.255
172.16.0.0 through 172.31.255.255
192.168.0.0 through 192.168.255.255
The first block is a single Class A network number, the second block is a set of 16 contiguous Class B network numbers, and the third block is a set of 255 contiguous Class C network numbers.
I'd use the 192.168.x.x range if it's a small network.
Not sure that this even has anything to do with solving the problem, but there might be something built into the Windows OS that tells it to expect a range of IPs from within a specific range.
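The settings compared in this thread can be checked mechanically. The Python sketch below is an added example, not part of the original question or answer: it parses trimmed copies of the two `ipconfig /all` outputs and tests them against the private blocks quoted above. The helper names (`parse_ipconfig`, `is_private`, `preflight`) are hypothetical, and the addresses are the poster's placeholders, so the subnet and private-range findings describe those placeholders only.

```python
import ipaddress

# Trimmed from the question's `ipconfig /all` output (the poster's placeholder addresses).
SERVER = """Host Name . . . . . . . . . . . . : myserver
Primary Dns Suffix . . . . . . . : f.c.com
IP Address. . . . . . . . . . . . : 1.2.3.4
Subnet Mask . . . . . . . . . . . : 255.255.255.0
DNS Servers . . . . . . . . . . . : 1.2.3.4"""
CLIENT = """Host Name . . . . . . . . . . . . : myclient
Primary Dns Suffix . . . . . . . :
IP Address. . . . . . . . . . . . : 6.7.8.9
Subnet Mask . . . . . . . . . . . : 255.255.255.0
DNS Servers . . . . . . . . . . . : 1.2.3.4"""
PRIVATE = [ipaddress.ip_network(b) for b in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def parse_ipconfig(text):
    """Map each 'Label . . . : value' line to {label: value}."""
    fields = {}
    for line in text.splitlines():
        label, sep, value = line.partition(":")
        if sep:
            fields[label.strip(" .")] = value.strip()
    return fields

def is_private(ip):
    """True if ip lies in one of the three private blocks quoted in the answer."""
    return any(ipaddress.ip_address(ip) in net for net in PRIVATE)

def preflight(client, server):
    """Hypothetical helper: list settings worth checking before a domain join."""
    findings = []
    if client["DNS Servers"] != server["IP Address"]:
        findings.append("client does not use the DC as its DNS server")
    if not client.get("Primary Dns Suffix"):
        findings.append("client has no DNS suffix, so short names need the FQDN")
    net = ipaddress.ip_network(f"{client['IP Address']}/{client['Subnet Mask']}", strict=False)
    if ipaddress.ip_address(server["IP Address"]) not in net:
        findings.append("DC is outside the client's subnet, so LDAP (TCP 389) is routed")
    for name, cfg in (("client", client), ("server", server)):
        if not is_private(cfg["IP Address"]):
            findings.append(f"{name} address {cfg['IP Address']} is not in a private block")
    return findings

if __name__ == "__main__":
    for finding in preflight(parse_ipconfig(CLIENT), parse_ipconfig(SERVER)):
        print("-", finding)
```

The empty Primary Dns Suffix finding matches the question's observation that nslookup resolves myserver.f.c.com but not myserver alone.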