Still can't join SBS2003 domain from XPpro client

Discussion in 'Windows Small Business Server' started by vze78se7, Apr 21, 2005.

  1. vze78se7

    vze78se7 Guest

    Hi All:

    I am still unable to get one computer to join a new SBS2003 domain.
    All the other computers on the LAN have been able to join. All are
    various Dell PCs with XPpro running on them.

    I have tried renaming the computer, rebooting, and then trying to join
    the domain, but I still get "Access is denied".

    I have followed all M$oft suggestions for joining the domain. The
    local user account I'm logged in as on the client has administrator
    privileges.

    When trying to join, I've used both the domain Administrator account
    as well as the user's domain account (the domain user is also an
    admin). I've tried deleting the computer from the domain. I've tried
    creating the computer and then joining. Nothing works.

    I am able to walk through all the steps of Network ID Wizard from the
    client, as well as the SBS "join domain" wizard on the default
    website, but it always fails at the last step.

    It "feels" like the last step is to update the registry on the local
    computer with the new login/domain user info, and it is this step that
    is failing. Is it possible that the registry is locked in some way
    preventing the update?

    This is the only computer I've experienced the problem on. I've turned
    off every network share, and stopped the WWW Publishing Service. I
    even tried rebooting in safe mode with networking and joining the
    domain directly, and through the Network ID wizard, still failed.

    I'm out of ideas...if anyone can shed some light I'd be forever
    grateful!
     
    vze78se7, Apr 21, 2005
    #1
    1. Advertisements

  2. give us the output of 'ipconfig /all > c:\ipconfig.txt' from the server and
    the problematic machine.

    Problems with the 'connectcomputer' process are almost always network
    related.
     
    SuperGumby [SBS MVP], Apr 21, 2005
    #2
    1. Advertisements

  3. vze78se7

    pdjamez Guest

    I have seen this behaviour from an xp client which had a messed up local
    security policy. It may be worth checking that the Domain Member
    settings make sense.
     
    pdjamez, Apr 21, 2005
    #3
  4. vze78se7

    vze78se7 Guest

    Server:

    Windows IP Configuration
    Host Name . . . . . . . . . . . . : SERVER
    Primary Dns Suffix . . . . . . . : chanteclairtravelagency.local
    Node Type . . . . . . . . . . . . : Unknown
    IP Routing Enabled. . . . . . . . : Yes
    WINS Proxy Enabled. . . . . . . . : Yes
    DNS Suffix Search List. . . . . . : chanteclairtravelagency.local

    Ethernet adapter Server Local Area Connection:
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network
    Connection
    Physical Address. . . . . . . . . : 00-11-43-ED-CB-FB
    DHCP Enabled. . . . . . . . . . . : No
    IP Address. . . . . . . . . . . . : 192.168.1.45
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Default Gateway . . . . . . . . . : 192.168.1.1
    DNS Servers . . . . . . . . . . . : 216.139.141.17
    216.139.147.15



    Problem Machine:

    Windows IP Configuration
    Host Name . . . . . . . . . . . . : ronaldo3
    Primary Dns Suffix . . . . . . . :
    Node Type . . . . . . . . . . . . : Hybrid
    IP Routing Enabled. . . . . . . . : No
    WINS Proxy Enabled. . . . . . . . : No

    Ethernet adapter Local Area Connection:
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Intel(R) PRO/1000 MT
    Network Connection
    Physical Address. . . . . . . . . : 00-0B-DB-45-30-10
    Dhcp Enabled. . . . . . . . . . . : No
    IP Address. . . . . . . . . . . . : 192.168.1.47
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    IP Address. . . . . . . . . . . . : fe80::20b:dbff:fe45:3010%6
    Default Gateway . . . . . . . . . : 192.168.1.1
    DNS Servers . . . . . . . . . . . : 192.168.1.45
    216.139.147.15
    fec0:0:0:ffff::1%1
    fec0:0:0:ffff::2%1
    fec0:0:0:ffff::3%1

    Tunnel adapter Teredo Tunneling Pseudo-Interface:
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Teredo Tunneling
    Pseudo-Interface
    Physical Address. . . . . . . . . : FF-FF-FF-FF-FF-FF-FF-FF
    Dhcp Enabled. . . . . . . . . . . : No
    IP Address. . . . . . . . . . . . : fe80::5445:5245:444f%5
    Default Gateway . . . . . . . . . :
    NetBIOS over Tcpip. . . . . . . . : Disabled

    Tunnel adapter Automatic Tunneling Pseudo-Interface:
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Automatic Tunneling
    Pseudo-Interface
    Physical Address. . . . . . . . . : C0-A8-01-2F
    Dhcp Enabled. . . . . . . . . . . : No
    IP Address. . . . . . . . . . . . : fe80::5efe:192.168.1.47%2
    Default Gateway . . . . . . . . . :
    DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
    fec0:0:0:ffff::2%1
    fec0:0:0:ffff::3%1
    NetBIOS over Tcpip. . . . . . . . : Disabled


    That's all...still get access is denied when trying to join...
     
    vze78se7, Apr 21, 2005
    #4
  5. vze78se7

    TBarrack Guest

    Honestly, with the hours you have spent on this machine you are better off
    reinstalling it and joining it clean. Sounds like it has issues anyhow. You
    could try restoring the local security policies and using ADSIEdit to make
    sure thier is no account still existing in AD that is preventing you form
    joining but seems more cost effective to just wipe it to me.
     
    TBarrack, Apr 21, 2005
    #5
  6. see, that's all that's needed.

    First, the server is looking to foreign DNS, it should look only to itself.
    The foreign DNS servers should be implemented as forwarders during the
    CEICW.

    The client PC has IPv6 extensions installed, remove them, join the domain,
    and if by some wierd stretch of the imagination you believe you require them
    you can put them back.

    Also, the client is a) not a DHCP client of SBS and b) also using a foreign
    DNS server. ALL members of an Active Directory should look _ONLY_ to an AD
    Integrated DNS server for name resolution, the AD integrated DNS server can
    then either use root hints or forwarders to resolve queries outside the AD.
     
    SuperGumby [SBS MVP], Apr 21, 2005
    #6
  7. vze78se7

    la02 Guest

    Did you try to apply a new SID? There is a free utility at sysinternals.com
     
    la02, Apr 22, 2005
    #7
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.