Can't join Win2k Pro Client to Domain after SUS Update

Discussion in 'DNS Server' started by David Reed, Sep 23, 2004.

  1. In
    You said 172.16.1.3 is the backup DNS, where is this DNS server and does it
    have the AD zone in it?



    --
    Best regards,
    Kevin D4 Dad Goodknecht Sr. [MVP]
    Hope This Helps
    ===================================
    When responding to posts, please "Reply to Group"
    via your newsreader so that others may learn and
    benefit from your issue, to respond directly to
    me remove the nospam. from my email address.
    ===================================
    http://www.lonestaramerica.com/
    ===================================
    Use Outlook Express?... Get OE_Quotefix:
    It will strip signature out and more
    http://home.in.tum.de/~jain/software/oe-quotefix/
    ===================================
    Keep a back up of your OE settings and folders
    with OEBackup:
    http://www.oehelp.com/OEBackup/Default.aspx
    ===================================
     
    Kevin D. Goodknecht Sr. [MVP], Sep 24, 2004
    #21
    1. Advertisements

  2. In
    The one major one that stands out is 5719 (besides your 3034's).

    Need to ask, what applications, devices, or anything else that you can think
    of, other than the 'normal' MS office apps, etc, that maybe installed on
    this machine? I'm looking more for what devices are on it, such as NIC type,
    is there a PPTP adapter (such as for DSL), etc? This whole thing can also be
    based on a NIC driver problem or a stack corruption. But we'll need to
    determine that first...

    Can you ping your DNS server name by using it's FQDN (ping
    servername.domain.com)?
    Can you ping your domain controller in that fashion as well?
    Can you ping anything external such as, ping 4.2.2.2? Does that respond?
    Can you ping www.yahoo.com?
    If you can run nslookup on this machine, try these commands for us and paste
    the response please:

    nslookup
    Thanks!


    --
    Regards,
    Ace

    Please direct all replies ONLY to the Microsoft public newsgroups
    so all can benefit.

    This posting is provided "AS-IS" with no warranties or guarantees
    and confers no rights.

    Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
    Microsoft Windows MVP - Windows Server - Directory Services

    Security Is Like An Onion, It Has Layers
    HAM AND EGGS: A day's work for a chicken;
    A lifetime commitment for a pig.
     
    Ace Fekay [MVP], Sep 26, 2004
    #22
    1. Advertisements

  3. David Reed

    David Reed Guest

    Well, I just know there's nothing wrong with our DNS servers or anything,
    everything else is working fine, all our other systems are fine, which is
    why I'm reluctant to do anything to/with the servers, you know?
     
    David Reed, Sep 27, 2004
    #23
  4. David Reed

    David Reed Guest

    Hi Kevin,

    Thanks for the response. Well, this DNS server is located in the same room
    as the other DNS server (172.16.1.1). We are a small computer with only 50
    or so employees, so we are all located geographically in the same building,
    on the same domain. :)

    The part that really bends my noodle is that it joined the domain just fine
    before this update was done, then the update was done from the SUS server,
    then rebooted, now it won't join the domain.

    David
     
    David Reed, Sep 27, 2004
    #24
  5. David Reed

    David Reed Guest

    I think you may be thinking in the direction I was thinking as well. I am
    going to check out your questions, and I"ll let you know what I find.

    I know that there is some ODBC stuff installed on it, maybe some SQL. But
    the NIC is the standard on-board NIC for the Dell Optiplex GX400, and it
    (was) just joining our domain before.

    Thanks, I'm going to print this and check it out!

    I'll get back to you soon.

    David

    "Ace Fekay [MVP]"
     
    David Reed, Sep 27, 2004
    #25
  6. In
    Does this DNS have a zone for the AD domain?

    You might also try this, just in case the Winsock got corrupted.
    811259 - How to determine and recover from Winsock2 corruption:
    http://support.microsoft.com/default.aspx?scid=kb;en-us;811259


    --
    Best regards,
    Kevin D4 Dad Goodknecht Sr. [MVP]
    Hope This Helps
    ===================================
    When responding to posts, please "Reply to Group"
    via your newsreader so that others may learn and
    benefit from your issue, to respond directly to
    me remove the nospam. from my email address.
    ===================================
    http://www.lonestaramerica.com/
    ===================================
    Use Outlook Express?... Get OE_Quotefix:
    It will strip signature out and more
    http://home.in.tum.de/~jain/software/oe-quotefix/
    ===================================
    Keep a back up of your OE settings and folders
    with OEBackup:
    http://www.oehelp.com/OEBackup/Default.aspx
    ===================================
     
    Kevin D. Goodknecht Sr. [MVP], Sep 27, 2004
    #26
  7. David Reed

    David Reed Guest

    Hi Ace,

    Below are your questions, with the answers posted directly afterward:
    A. I did a quick check, and found:
    Cognos
    Deltek GCS
    ODBC
    QuickBooks Pro
    Rapid Payroll

    All of these are 'standard' programs that our billing and payroll
    girl (who's computer this is) uses.
    A. 3Com 3C905C-TX compatable on-board NIC
    A. I did find this listed as another protocol, and hav eno idea what it
    is, or why it's there:

    3Com BCAITDI DMI TDI

    This whole thing can also be
    A. Yes.
    A. Yes. In fact, the DNS server is also the domain controller, so yes to
    both, because they are the same box.
    A. I could ping this (4.2.2.2) specifically, yes.
    A. Yes.
    A. Yes.
    I ran NSLOOKUP, and this is the result:

    ls -t SRV srdcorp.com (I assume that is LS, not 1s or something)?
    LS: Socket: NO Error
    *** Can't list domain srdcorp.com: Unspecified Error.

    Does this help?

    David
     
    David Reed, Sep 27, 2004
    #27
  8. David Reed

    David Reed Guest

    Hi Kevin,

    I hate to say this, but I don't know how to check to see if this DNS has a
    zone for this AD domain. But because "everything else" (all other computers
    on the network, with the same configuration) work, I'd have to say probably.
    Can you tell me how I would verify that?

    And I will check out the link you just sent, and try that immediately!

    Thanks!

    David
     
    David Reed, Sep 27, 2004
    #28
  9. David Reed

    David Reed Guest

    Hi Kevin,

    This is for WinXP, and this computer is Win2k Pro SP4. But I did as it
    suggested, and it seems that all the required registry keys are there and
    working okay. I have no problem trying to remove the Winsock and
    reinstalling it, if I can find Win2k instructions for that? Maybe that will
    help. Hmmm...

    David
     
    David Reed, Sep 27, 2004
    #29
  10. In
    If you use nslookup do this:
    nslookup
    server 172.16.1.3
    set type=srv
    _ldap._tcp.dc._msdcs.srdcorp.com.



    --
    Best regards,
    Kevin D4 Dad Goodknecht Sr. [MVP]
    Hope This Helps
    ===================================
    When responding to posts, please "Reply to Group"
    via your newsreader so that others may learn and
    benefit from your issue, to respond directly to
    me remove the nospam. from my email address.
    ===================================
    http://www.lonestaramerica.com/
    ===================================
    Use Outlook Express?... Get OE_Quotefix:
    It will strip signature out and more
    http://home.in.tum.de/~jain/software/oe-quotefix/
    ===================================
    Keep a back up of your OE settings and folders
    with OEBackup:
    http://www.oehelp.com/OEBackup/Default.aspx
    ===================================
     
    Kevin D. Goodknecht Sr. [MVP], Sep 27, 2004
    #30
  11. In
    These instructions work for Win2k, too.
    There is an alternate way you can do this on Win2k, delete the keys, then
    uninstall TCP/IP, restart your computer, reinstall TCP/IP and restart the
    computer again.
    817571 - Error message when you try to connect to network An operation was
    attempted on something that is not a socket:
    http://support.microsoft.com/default.aspx?scid=kb;en-us;817571


    --
    Best regards,
    Kevin D4 Dad Goodknecht Sr. [MVP]
    Hope This Helps
    ===================================
    When responding to posts, please "Reply to Group"
    via your newsreader so that others may learn and
    benefit from your issue, to respond directly to
    me remove the nospam. from my email address.
    ===================================
    http://www.lonestaramerica.com/
    ===================================
    Use Outlook Express?... Get OE_Quotefix:
    It will strip signature out and more
    http://home.in.tum.de/~jain/software/oe-quotefix/
    ===================================
    Keep a back up of your OE settings and folders
    with OEBackup:
    http://www.oehelp.com/OEBackup/Default.aspx
    ===================================
     
    Kevin D. Goodknecht Sr. [MVP], Sep 27, 2004
    #31
  12. David Reed

    David Reed Guest

    Hi Kevin,

    Okay, will-do.

    One thing I noted a few minutes ago. I would -expect- it to resolve to
    172.16.1.1 (not 172.16.1.3), which is our "primary" domain controller, not
    172.16.1.3. And yet when I typed in NSLOOKUP, it told me, for sure, it was
    using 172.16.1.3. I don't know why that is. I don't know that it matters
    either, but I thought it was worth noting.

    I am going to go check this right now.

    Thanks,

    David
     
    David Reed, Sep 27, 2004
    #32
  13. David Reed

    David Reed Guest

    Okay, I'm going to go check your other NSLOOKUP suggestion, and then this
    too.

    Thanks,

    David
     
    David Reed, Sep 27, 2004
    #33
  14. David Reed

    David Reed Guest

    Hi Kevin,

    I did as you suggested. The last command
    ("_ldap._tcp.dc._msdcs.srdcorp.com") returned the following result:

    _ldap._tcp.dc._msdcs.srdcorp.com
    SRV Service Location
    Priority = 0
    Weight = 100
    Port = 389
    SVR hostname = corp-file.srdcorp.com

    _ldap._tcp.dc._msdcs.srdcorp.com
    SRV Service Location
    Priority = 0
    Weight = 100
    Port = 389
    SVR hostname = testresults.srdcorp.com

    _ldap._tcp.dc._msdcs.srdcorp.com
    SRV Service Location
    Priority = 0
    Weight = 100
    Port = 389
    SVR hostname = corp-mail1.srdcorp.com

    ==
    David
     
    David Reed, Sep 27, 2004
    #34
  15. David Reed

    Todd J Heron Guest

    Have you done an adware/spyware scan? :)

    --
    Todd J Heron, MCSE
    Windows 2003/2000/NT

     
    Todd J Heron, Sep 27, 2004
    #35
  16. David Reed

    David Reed Guest

    Well, you know, I have to confess that no, I haven't. But since I'm out of
    ideas myself at this point, I've got nothing to lose by trying!

    David

     
    David Reed, Sep 27, 2004
    #36
  17. In
    You have three DCs?
    Do all three have DNS running on them?
    Do you get the same results from both DNS servers you are using?



    --
    Best regards,
    Kevin D4 Dad Goodknecht Sr. [MVP]
    Hope This Helps
    ===================================
    When responding to posts, please "Reply to Group"
    via your newsreader so that others may learn and
    benefit from your issue, to respond directly to
    me remove the nospam. from my email address.
    ===================================
    http://www.lonestaramerica.com/
    ===================================
    Use Outlook Express?... Get OE_Quotefix:
    It will strip signature out and more
    http://home.in.tum.de/~jain/software/oe-quotefix/
    ===================================
    Keep a back up of your OE settings and folders
    with OEBackup:
    http://www.oehelp.com/OEBackup/Default.aspx
    ===================================
     
    Kevin D. Goodknecht Sr. [MVP], Sep 27, 2004
    #37
  18. David Reed

    David Reed Guest

    Hi Kevin,

    Well, I know corp-mail1.srdcorp.com and testresults.srdcorp.com are both
    running DNS (Win2k AD), so that one can provide the services if/when I need
    to shut down the other.

    I'm not sure what you mean did I get the results from both DNS servers...I
    ran the command as you requested, on the client workstation (that won't join
    the domain name). Was I supposed to be running it somewhere else?

    *somewhat confused*
    David
     
    David Reed, Sep 27, 2004
    #38
  19. In
    So the two DNS servers you are using in TCP/IP properties are these two DCs?
    Use the change server command in nslookup for the records you already
    checked on the one. Both servers should return the same records. If one DNS
    fails to return these SRV records it could cause your behavior.

    In addition, you still have not posted the results from the net start
    command. Open a command prompt and type
    net start and hit enter, this will give you a list of the running services.
    Also are there any errors or warnings in the event log?


    --
    Best regards,
    Kevin D4 Dad Goodknecht Sr. [MVP]
    Hope This Helps
    ===================================
    When responding to posts, please "Reply to Group"
    via your newsreader so that others may learn and
    benefit from your issue, to respond directly to
    me remove the nospam. from my email address.
    ===================================
    http://www.lonestaramerica.com/
    ===================================
    Use Outlook Express?... Get OE_Quotefix:
    It will strip signature out and more
    http://home.in.tum.de/~jain/software/oe-quotefix/
    ===================================
    Keep a back up of your OE settings and folders
    with OEBackup:
    http://www.oehelp.com/OEBackup/Default.aspx
    ===================================
     
    Kevin D. Goodknecht Sr. [MVP], Sep 27, 2004
    #39
  20. David Reed

    David Reed Guest

    Hi Kevin,

    OMG, man, it's fixed!!!

    You're never going to guess what I did? I ran Ad-Aware (someone else
    suggested it might be spyware or something)...I ran that, removed all
    entries it found, rebooted, and tried to join the domain. Sure 'nuff, it
    worked!

    Sun-of-a-beech!!!

    I owe you so much for your assistance, thank-you! I know you spent a lot of
    time helping me work this problem. I truly, TRULY appreciate it...

    David
     
    David Reed, Sep 27, 2004
    #40
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.