Error while joining Windows XP client to windows 2000 domain

Archived from groups: microsoft.public.win2000.dns (More info?)

Hello,

I have a Windows2000 Advance Server as a Domain Controller
with Active Directory & DNS.

When i try to join the WIN XP client to the domain i get
the following error. IP Address of the server is
148.172.135.11 & on the client side it is 10.128.184.146
onwards..

"A domain controller for the domain could not be contacted

The error was: "DNS name does not exist."
(error code 0x0000232B RCODE_NAME_ERROR)

The query was for the SRV record for
_ldap._tcp.dc._msdcs.DOMAIN NAME

Common causes of this error include the following:

- The DNS SRV record is not registered in DNS."

Can you pls. help us to resolve this problem.??
5 answers Last reply
More about error joining windows client windows 2000 domain
  1. Archived from groups: microsoft.public.win2000.dns (More info?)

    In news:042501c49230$e40e1470$a401280a@phx.gbl,
    Rajesh Shah <shah_rajesh1234@hotmail.com> made a post then I commented below
    > Hello,
    >
    > I have a Windows2000 Advance Server as a Domain Controller
    > with Active Directory & DNS.
    >
    > When i try to join the WIN XP client to the domain i get
    > the following error. IP Address of the server is
    > 148.172.135.11 & on the client side it is 10.128.184.146
    > onwards..
    >
    > "A domain controller for the domain could not be contacted
    >
    > The error was: "DNS name does not exist."
    > (error code 0x0000232B RCODE_NAME_ERROR)
    >
    > The query was for the SRV record for
    > _ldap._tcp.dc._msdcs.DOMAIN NAME
    >
    > Common causes of this error include the following:
    >
    > - The DNS SRV record is not registered in DNS."
    >
    > Can you pls. help us to resolve this problem.??

    Is 148.172.135.11 a public DNS server or the domain controller?

    If 148.172.135.11 is the domain controller, and the client is behind a NAT,
    it won't work. Kerberos, LDAP, and RPC cannot traverse a NAT.

    If 148.172.135.11 is a public DNS server, then that will cause numerous
    issues. For AD, all machines must ONLY use the internal DNS server that is
    hosting the AD zone. It is looking for that record in your post:
    _ldap._tcp.dc._msdcs.DOMAIN NAME
    Which the ISP's DNS server will not have.

    That _ldap record is an SRV record registered by your domain controller(s).
    Do the SRV records under your zone name in DNS exist?

    Also, I hope that "DOMAIN NAME" that you used is not a single label name
    (should be domain.com, domain.local, etc) or that will cause numerous other
    issues as well.

    If you can, can you post an ipconfig /all from the client and from the DC to
    better assist? That info will surely help us.

    --
    Regards,
    Ace

    Please direct all replies ONLY to the Microsoft public newsgroups
    so all can benefit.

    This posting is provided "AS-IS" with no warranties or guarantees
    and confers no rights.

    Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
    Microsoft Windows MVP - Windows Server - Directory Services

    Security Is Like An Onion, It Has Layers
    HAM AND EGGS: A day's work for a chicken;
    A lifetime commitment for a pig.
    --
    =================================
  2. Archived from groups: microsoft.public.win2000.dns (More info?)

    >-----Original Message-----
    >In news:042501c49230$e40e1470$a401280a@phx.gbl,
    >Rajesh Shah <shah_rajesh1234@hotmail.com> made a post
    then I commented below
    >> Hello,
    >>
    >> I have a Windows2000 Advance Server as a Domain
    Controller
    >> with Active Directory & DNS.
    >>
    >> When i try to join the WIN XP client to the domain i
    get
    >> the following error. IP Address of the server is
    >> 148.172.135.11 & on the client side it is 10.128.184.146
    >> onwards..
    >>
    >> "A domain controller for the domain could not be
    contacted
    >>
    >> The error was: "DNS name does not exist."
    >> (error code 0x0000232B RCODE_NAME_ERROR)
    >>
    >> The query was for the SRV record for
    >> _ldap._tcp.dc._msdcs.DOMAIN NAME
    >>
    >> Common causes of this error include the following:
    >>
    >> - The DNS SRV record is not registered in DNS."
    >>
    >> Can you pls. help us to resolve this problem.??
    >
    >Is 148.172.135.11 a public DNS server or the domain
    controller?
    >
    >If 148.172.135.11 is the domain controller, and the
    client is behind a NAT,
    >it won't work. Kerberos, LDAP, and RPC cannot traverse a
    NAT.
    >
    >If 148.172.135.11 is a public DNS server, then that will
    cause numerous
    >issues. For AD, all machines must ONLY use the internal
    DNS server that is
    >hosting the AD zone. It is looking for that record in
    your post:
    >_ldap._tcp.dc._msdcs.DOMAIN NAME
    >Which the ISP's DNS server will not have.
    >
    >That _ldap record is an SRV record registered by your
    domain controller(s).
    >Do the SRV records under your zone name in DNS exist?
    >
    >Also, I hope that "DOMAIN NAME" that you used is not a
    single label name
    >(should be domain.com, domain.local, etc) or that will
    cause numerous other
    >issues as well.
    >
    >If you can, can you post an ipconfig /all from the client
    and from the DC to
    >better assist? That info will surely help us.
    >
    >--
    >Regards,
    >Ace
    >
    >Please direct all replies ONLY to the Microsoft public
    newsgroups
    >so all can benefit.
    >
    >This posting is provided "AS-IS" with no warranties or
    guarantees
    >and confers no rights.
    >
    >Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I,
    MCT, MVP
    >Microsoft Windows MVP - Windows Server - Directory
    Services
    >
    >Security Is Like An Onion, It Has Layers
    >HAM AND EGGS: A day's work for a chicken;
    >A lifetime commitment for a pig.
    >--
    >=================================
    >Hello Ace,

    When i tried joining 1 win xp client this got joined &
    when i tried joining 2nd winxp client it gave me the above
    mentioned error.

    I am using internal dns which is installed on the
    148.172.135.11 domain controller & the domain name i am
    using is "domainname.com"

    I can see 4 types of srv records under ad zone. &
    148.172.135.11 is not a public dns server.

    I am surprised that my 2nd winxp client failed to join the
    domain with above error. why.???

    I am not at the site to provide you the ipconfig/all at
    the moment because the site is 500 kms. away from where i
    am ..

    Hope the above information provides you to come to a
    resolution.
  3. Archived from groups: microsoft.public.win2000.dns (More info?)

    In news:5e1b01c49241$bb4187a0$a601280a@phx.gbl,
    Rajesh Shah <shah_rajesh1234@hotmail.com> made a post then I commented below

    > Hello Ace,
    >
    > When i tried joining 1 win xp client this got joined &
    > when i tried joining 2nd winxp client it gave me the above
    > mentioned error.
    >
    > I am using internal dns which is installed on the
    > 148.172.135.11 domain controller & the domain name i am
    > using is "domainname.com"
    >
    > I can see 4 types of srv records under ad zone. &
    > 148.172.135.11 is not a public dns server.
    >
    > I am surprised that my 2nd winxp client failed to join the
    > domain with above error. why.???
    >
    > I am not at the site to provide you the ipconfig/all at
    > the moment because the site is 500 kms. away from where i
    > am ..
    >
    > Hope the above information provides you to come to a
    > resolution.

    HI Rajesh,

    Thanks for the additonal info. Good to hear the SRV records exist. I'm just
    confused about the 10.128.184.146 IP address. That appears to be a NAT
    private number and the 148.172.135.11 appears to be a public IP. Hence, why
    I assumed there was a NAT device between them. Normally going thru a NAT
    with AD communication doesn't work. But since you already got one joined,
    its somewhat confusing, so I may not be seeing the whole picture here.

    The error "DNS name does not exist" means it cannot find it in DNS. Look in
    your SRV records for your _ldap.DCname..domain.com record to see if it's
    there. Under _msdcs.gc, does a GC exist for your forest?

    I'm going to assume this is not XP Home and it's Pro. (Home can't join).
    Normally to join, as long as its using the DNS that AD is using, it will
    normally join. How did you supply the domain name? Did you use the Netbios
    name ('domain') or the domain FQDN ('domain.com')? Whichever way you did,
    try it the other way.


    --
    Regards,
    Ace

    Please direct all replies ONLY to the Microsoft public newsgroups
    so all can benefit.

    This posting is provided "AS-IS" with no warranties or guarantees
    and confers no rights.

    Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
    Microsoft Windows MVP - Windows Server - Directory Services

    Security Is Like An Onion, It Has Layers
    HAM AND EGGS: A day's work for a chicken;
    A lifetime commitment for a pig.
    --
    =================================
  4. Archived from groups: microsoft.public.win2000.dns (More info?)

    MF> Kerberos, LDAP, and RPC cannot traverse a NAT.

    LDAP has no problems traversing NAT. I've sat on a machine with a
    non-public IP address and spoken LDAP to servers on Internet, via NAT,
    with no problem whatever.

    NAT implementations have problems with loopback. But those problems are
    generally applicable to _all_ TCP services, not merely to LDAP.
  5. Archived from groups: microsoft.public.win2000.dns (More info?)

    On the XP machine, look in TCP/IP properties, uncheck the "use lmhosts"
    option. Reboot and retry.

    HTH

    --
    Sincerely,

    Dèjì Akómöláfé, MCSE MCSA MCP+I
    Microsoft MVP - Directory Services
    www.readymaids.com - COMPLETE SPAM Protection
    www.akomolafe.com
    Do you now realize that Today is the Tomorrow you were worried about
    Yesterday? -anon


    "Ace Fekay [MVP]"
    <PleaseSubstituteMyActualFirstName&LastNameHere@hotmail.com> wrote in
    message news:OjlIyzpkEHA.556@tk2msftngp13.phx.gbl...
    > In news:5e1b01c49241$bb4187a0$a601280a@phx.gbl,
    > Rajesh Shah <shah_rajesh1234@hotmail.com> made a post then I commented
    below
    >
    > > Hello Ace,
    > >
    > > When i tried joining 1 win xp client this got joined &
    > > when i tried joining 2nd winxp client it gave me the above
    > > mentioned error.
    > >
    > > I am using internal dns which is installed on the
    > > 148.172.135.11 domain controller & the domain name i am
    > > using is "domainname.com"
    > >
    > > I can see 4 types of srv records under ad zone. &
    > > 148.172.135.11 is not a public dns server.
    > >
    > > I am surprised that my 2nd winxp client failed to join the
    > > domain with above error. why.???
    > >
    > > I am not at the site to provide you the ipconfig/all at
    > > the moment because the site is 500 kms. away from where i
    > > am ..
    > >
    > > Hope the above information provides you to come to a
    > > resolution.
    >
    > HI Rajesh,
    >
    > Thanks for the additonal info. Good to hear the SRV records exist. I'm
    just
    > confused about the 10.128.184.146 IP address. That appears to be a NAT
    > private number and the 148.172.135.11 appears to be a public IP. Hence,
    why
    > I assumed there was a NAT device between them. Normally going thru a NAT
    > with AD communication doesn't work. But since you already got one joined,
    > its somewhat confusing, so I may not be seeing the whole picture here.
    >
    > The error "DNS name does not exist" means it cannot find it in DNS. Look
    in
    > your SRV records for your _ldap.DCname..domain.com record to see if it's
    > there. Under _msdcs.gc, does a GC exist for your forest?
    >
    > I'm going to assume this is not XP Home and it's Pro. (Home can't join).
    > Normally to join, as long as its using the DNS that AD is using, it will
    > normally join. How did you supply the domain name? Did you use the Netbios
    > name ('domain') or the domain FQDN ('domain.com')? Whichever way you did,
    > try it the other way.
    >
    >
    > --
    > Regards,
    > Ace
    >
    > Please direct all replies ONLY to the Microsoft public newsgroups
    > so all can benefit.
    >
    > This posting is provided "AS-IS" with no warranties or guarantees
    > and confers no rights.
    >
    > Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
    > Microsoft Windows MVP - Windows Server - Directory Services
    >
    > Security Is Like An Onion, It Has Layers
    > HAM AND EGGS: A day's work for a chicken;
    > A lifetime commitment for a pig.
    > --
    > =================================
    >
    >
Ask a new question

Read More

Domain Windows 2000 Domain Controller DNS Windows XP Windows