Sign in with
Sign up | Sign in
Your question

Error while joining Windows XP client to windows 2000 domain

Last response: in Windows 2000/NT
Share
Anonymous
September 4, 2004 12:40:15 AM

Archived from groups: microsoft.public.win2000.dns (More info?)

Hello,

I have a Windows2000 Advance Server as a Domain Controller
with Active Directory & DNS.

When i try to join the WIN XP client to the domain i get
the following error. IP Address of the server is
148.172.135.11 & on the client side it is 10.128.184.146
onwards..

"A domain controller for the domain could not be contacted

The error was: "DNS name does not exist."
(error code 0x0000232B RCODE_NAME_ERROR)

The query was for the SRV record for
_ldap._tcp.dc._msdcs.DOMAIN NAME

Common causes of this error include the following:

- The DNS SRV record is not registered in DNS."

Can you pls. help us to resolve this problem.??
Anonymous
September 4, 2004 4:02:07 AM

Archived from groups: microsoft.public.win2000.dns (More info?)

In news:042501c49230$e40e1470$a401280a@phx.gbl,
Rajesh Shah <shah_rajesh1234@hotmail.com> made a post then I commented below
> Hello,
>
> I have a Windows2000 Advance Server as a Domain Controller
> with Active Directory & DNS.
>
> When i try to join the WIN XP client to the domain i get
> the following error. IP Address of the server is
> 148.172.135.11 & on the client side it is 10.128.184.146
> onwards..
>
> "A domain controller for the domain could not be contacted
>
> The error was: "DNS name does not exist."
> (error code 0x0000232B RCODE_NAME_ERROR)
>
> The query was for the SRV record for
> _ldap._tcp.dc._msdcs.DOMAIN NAME
>
> Common causes of this error include the following:
>
> - The DNS SRV record is not registered in DNS."
>
> Can you pls. help us to resolve this problem.??

Is 148.172.135.11 a public DNS server or the domain controller?

If 148.172.135.11 is the domain controller, and the client is behind a NAT,
it won't work. Kerberos, LDAP, and RPC cannot traverse a NAT.

If 148.172.135.11 is a public DNS server, then that will cause numerous
issues. For AD, all machines must ONLY use the internal DNS server that is
hosting the AD zone. It is looking for that record in your post:
_ldap._tcp.dc._msdcs.DOMAIN NAME
Which the ISP's DNS server will not have.

That _ldap record is an SRV record registered by your domain controller(s).
Do the SRV records under your zone name in DNS exist?

Also, I hope that "DOMAIN NAME" that you used is not a single label name
(should be domain.com, domain.local, etc) or that will cause numerous other
issues as well.

If you can, can you post an ipconfig /all from the client and from the DC to
better assist? That info will surely help us.

--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Windows Server - Directory Services

Security Is Like An Onion, It Has Layers
HAM AND EGGS: A day's work for a chicken;
A lifetime commitment for a pig.
--
=================================
Anonymous
September 4, 2004 4:02:08 AM

Archived from groups: microsoft.public.win2000.dns (More info?)

>-----Original Message-----
>In news:042501c49230$e40e1470$a401280a@phx.gbl,
>Rajesh Shah <shah_rajesh1234@hotmail.com> made a post
then I commented below
>> Hello,
>>
>> I have a Windows2000 Advance Server as a Domain
Controller
>> with Active Directory & DNS.
>>
>> When i try to join the WIN XP client to the domain i
get
>> the following error. IP Address of the server is
>> 148.172.135.11 & on the client side it is 10.128.184.146
>> onwards..
>>
>> "A domain controller for the domain could not be
contacted
>>
>> The error was: "DNS name does not exist."
>> (error code 0x0000232B RCODE_NAME_ERROR)
>>
>> The query was for the SRV record for
>> _ldap._tcp.dc._msdcs.DOMAIN NAME
>>
>> Common causes of this error include the following:
>>
>> - The DNS SRV record is not registered in DNS."
>>
>> Can you pls. help us to resolve this problem.??
>
>Is 148.172.135.11 a public DNS server or the domain
controller?
>
>If 148.172.135.11 is the domain controller, and the
client is behind a NAT,
>it won't work. Kerberos, LDAP, and RPC cannot traverse a
NAT.
>
>If 148.172.135.11 is a public DNS server, then that will
cause numerous
>issues. For AD, all machines must ONLY use the internal
DNS server that is
>hosting the AD zone. It is looking for that record in
your post:
>_ldap._tcp.dc._msdcs.DOMAIN NAME
>Which the ISP's DNS server will not have.
>
>That _ldap record is an SRV record registered by your
domain controller(s).
>Do the SRV records under your zone name in DNS exist?
>
>Also, I hope that "DOMAIN NAME" that you used is not a
single label name
>(should be domain.com, domain.local, etc) or that will
cause numerous other
>issues as well.
>
>If you can, can you post an ipconfig /all from the client
and from the DC to
>better assist? That info will surely help us.
>
>--
>Regards,
>Ace
>
>Please direct all replies ONLY to the Microsoft public
newsgroups
>so all can benefit.
>
>This posting is provided "AS-IS" with no warranties or
guarantees
>and confers no rights.
>
>Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I,
MCT, MVP
>Microsoft Windows MVP - Windows Server - Directory
Services
>
>Security Is Like An Onion, It Has Layers
>HAM AND EGGS: A day's work for a chicken;
>A lifetime commitment for a pig.
>--
>=================================
>Hello Ace,

When i tried joining 1 win xp client this got joined &
when i tried joining 2nd winxp client it gave me the above
mentioned error.

I am using internal dns which is installed on the
148.172.135.11 domain controller & the domain name i am
using is "domainname.com"

I can see 4 types of srv records under ad zone. &
148.172.135.11 is not a public dns server.

I am surprised that my 2nd winxp client failed to join the
domain with above error. why.???

I am not at the site to provide you the ipconfig/all at
the moment because the site is 500 kms. away from where i
am ..

Hope the above information provides you to come to a
resolution.
Related resources
Anonymous
September 4, 2004 4:33:41 PM

Archived from groups: microsoft.public.win2000.dns (More info?)

In news:5e1b01c49241$bb4187a0$a601280a@phx.gbl,
Rajesh Shah <shah_rajesh1234@hotmail.com> made a post then I commented below

> Hello Ace,
>
> When i tried joining 1 win xp client this got joined &
> when i tried joining 2nd winxp client it gave me the above
> mentioned error.
>
> I am using internal dns which is installed on the
> 148.172.135.11 domain controller & the domain name i am
> using is "domainname.com"
>
> I can see 4 types of srv records under ad zone. &
> 148.172.135.11 is not a public dns server.
>
> I am surprised that my 2nd winxp client failed to join the
> domain with above error. why.???
>
> I am not at the site to provide you the ipconfig/all at
> the moment because the site is 500 kms. away from where i
> am ..
>
> Hope the above information provides you to come to a
> resolution.

HI Rajesh,

Thanks for the additonal info. Good to hear the SRV records exist. I'm just
confused about the 10.128.184.146 IP address. That appears to be a NAT
private number and the 148.172.135.11 appears to be a public IP. Hence, why
I assumed there was a NAT device between them. Normally going thru a NAT
with AD communication doesn't work. But since you already got one joined,
its somewhat confusing, so I may not be seeing the whole picture here.

The error "DNS name does not exist" means it cannot find it in DNS. Look in
your SRV records for your _ldap.DCname..domain.com record to see if it's
there. Under _msdcs.gc, does a GC exist for your forest?

I'm going to assume this is not XP Home and it's Pro. (Home can't join).
Normally to join, as long as its using the DNS that AD is using, it will
normally join. How did you supply the domain name? Did you use the Netbios
name ('domain') or the domain FQDN ('domain.com')? Whichever way you did,
try it the other way.


--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Windows Server - Directory Services

Security Is Like An Onion, It Has Layers
HAM AND EGGS: A day's work for a chicken;
A lifetime commitment for a pig.
--
=================================
Anonymous
September 5, 2004 7:43:15 PM

Archived from groups: microsoft.public.win2000.dns (More info?)

MF> Kerberos, LDAP, and RPC cannot traverse a NAT.

LDAP has no problems traversing NAT. I've sat on a machine with a
non-public IP address and spoken LDAP to servers on Internet, via NAT,
with no problem whatever.

NAT implementations have problems with loopback. But those problems are
generally applicable to _all_ TCP services, not merely to LDAP.
Anonymous
September 7, 2004 5:30:01 AM

Archived from groups: microsoft.public.win2000.dns (More info?)

On the XP machine, look in TCP/IP properties, uncheck the "use lmhosts"
option. Reboot and retry.

HTH

--
Sincerely,

Dèjì Akómöláfé, MCSE MCSA MCP+I
Microsoft MVP - Directory Services
www.readymaids.com - COMPLETE SPAM Protection
www.akomolafe.com
Do you now realize that Today is the Tomorrow you were worried about
Yesterday? -anon


"Ace Fekay [MVP]"
<PleaseSubstituteMyActualFirstName&LastNameHere@hotmail.com> wrote in
message news:o jlIyzpkEHA.556@tk2msftngp13.phx.gbl...
> In news:5e1b01c49241$bb4187a0$a601280a@phx.gbl,
> Rajesh Shah <shah_rajesh1234@hotmail.com> made a post then I commented
below
>
> > Hello Ace,
> >
> > When i tried joining 1 win xp client this got joined &
> > when i tried joining 2nd winxp client it gave me the above
> > mentioned error.
> >
> > I am using internal dns which is installed on the
> > 148.172.135.11 domain controller & the domain name i am
> > using is "domainname.com"
> >
> > I can see 4 types of srv records under ad zone. &
> > 148.172.135.11 is not a public dns server.
> >
> > I am surprised that my 2nd winxp client failed to join the
> > domain with above error. why.???
> >
> > I am not at the site to provide you the ipconfig/all at
> > the moment because the site is 500 kms. away from where i
> > am ..
> >
> > Hope the above information provides you to come to a
> > resolution.
>
> HI Rajesh,
>
> Thanks for the additonal info. Good to hear the SRV records exist. I'm
just
> confused about the 10.128.184.146 IP address. That appears to be a NAT
> private number and the 148.172.135.11 appears to be a public IP. Hence,
why
> I assumed there was a NAT device between them. Normally going thru a NAT
> with AD communication doesn't work. But since you already got one joined,
> its somewhat confusing, so I may not be seeing the whole picture here.
>
> The error "DNS name does not exist" means it cannot find it in DNS. Look
in
> your SRV records for your _ldap.DCname..domain.com record to see if it's
> there. Under _msdcs.gc, does a GC exist for your forest?
>
> I'm going to assume this is not XP Home and it's Pro. (Home can't join).
> Normally to join, as long as its using the DNS that AD is using, it will
> normally join. How did you supply the domain name? Did you use the Netbios
> name ('domain') or the domain FQDN ('domain.com')? Whichever way you did,
> try it the other way.
>
>
> --
> Regards,
> Ace
>
> Please direct all replies ONLY to the Microsoft public newsgroups
> so all can benefit.
>
> This posting is provided "AS-IS" with no warranties or guarantees
> and confers no rights.
>
> Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
> Microsoft Windows MVP - Windows Server - Directory Services
>
> Security Is Like An Onion, It Has Layers
> HAM AND EGGS: A day's work for a chicken;
> A lifetime commitment for a pig.
> --
> =================================
>
>
!