Still can't join SBS2003 domain from XPpro client

Hi All:

I am still unable to get one computer to join a new SBS2003 domain.
All the other computers on the LAN have been able to join. All are
various Dell PCs with XPpro running on them.

I have tried renaming the computer, rebooting, and then trying to join
the domain, but I still get "Access is denied".

I have followed all M$oft suggestions for joining the domain. The
local user account I'm logged in as on the client has administrator
privileges.

When trying to join, I've used both the domain Administrator account
as well as the user's domain account (the domain user is also an
admin). I've tried deleting the computer from the domain. I've tried
creating the computer and then joining. Nothing works.

I am able to walk through all the steps of Network ID Wizard from the
client, as well as the SBS "join domain" wizard on the default
website, but it always fails at the last step.

It "feels" like the last step is to update the registry on the local
computer with the new login/domain user info, and it is this step that
is failing. Is it possible that the registry is locked in some way
preventing the update?

This is the only computer I've experienced the problem on. I've turned
off every network share, and stopped the WWW Publishing Service. I
even tried rebooting in safe mode with networking and joining the
domain directly, and through the Network ID wizard, still failed.

I'm out of ideas...if anyone can shed some light I'd be forever
grateful!

 

give us the output of 'ipconfig /all > c:\ipconfig.txt' from the server and
the problematic machine.

Problems with the 'connectcomputer' process are almost always network
related.

 

I have seen this behaviour from an xp client which had a messed up local
security policy. It may be worth checking that the Domain Member
settings make sense.

 

Server:

Windows IP Configuration
Host Name . . . . . . . . . . . . : SERVER
Primary Dns Suffix . . . . . . . : chanteclairtravelagency.local
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : Yes
DNS Suffix Search List. . . . . . : chanteclairtravelagency.local

Ethernet adapter Server Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network
Connection
Physical Address. . . . . . . . . : 00-11-43-ED-CB-FB
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.45
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 216.139.141.17
216.139.147.15



Problem Machine:

Windows IP Configuration
Host Name . . . . . . . . . . . . : ronaldo3
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 MT
Network Connection
Physical Address. . . . . . . . . : 00-0B-DB-45-30-10
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.47
Subnet Mask . . . . . . . . . . . : 255.255.255.0
IP Address. . . . . . . . . . . . : fe80::20b:dbff:fe45:3010%6
Default Gateway . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 192.168.1.45
216.139.147.15
fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1

Tunnel adapter Teredo Tunneling Pseudo-Interface:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling
Pseudo-Interface
Physical Address. . . . . . . . . : FF-FF-FF-FF-FF-FF-FF-FF
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : fe80::5445:5245:444f%5
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Automatic Tunneling Pseudo-Interface:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Automatic Tunneling
Pseudo-Interface
Physical Address. . . . . . . . . : C0-A8-01-2F
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : fe80::5efe:192.168.1.47%2
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Disabled


That's all...still get access is denied when trying to join...

 

Honestly, with the hours you have spent on this machine you are better off
reinstalling it and joining it clean. Sounds like it has issues anyhow. You
could try restoring the local security policies and using ADSIEdit to make
sure thier is no account still existing in AD that is preventing you form
joining but seems more cost effective to just wipe it to me.

 

see, that's all that's needed.

First, the server is looking to foreign DNS, it should look only to itself.
The foreign DNS servers should be implemented as forwarders during the
CEICW.

The client PC has IPv6 extensions installed, remove them, join the domain,
and if by some wierd stretch of the imagination you believe you require them
you can put them back.

Also, the client is a) not a DHCP client of SBS and b) also using a foreign
DNS server. ALL members of an Active Directory should look _ONLY_ to an AD
Integrated DNS server for name resolution, the AD integrated DNS server can
then either use root hints or forwarders to resolve queries outside the AD.

 

Did you try to apply a new SID? There is a free utility at sysinternals.com