Cannot join domain

[news.speedfactory.net]

After reading through every apparently relevant article since June, I am
still at a loss. Any help with the issue described below would be
appreciated:

I am attempting to join a Win 2K Pro machine to an AD domain. I receive the
error message:
------------------------
The following error occured validating the name "mydomain".
This condition may be caused by a DNS lookup problem. For information about
troubleshooting common DNS lookup problems, please see the following
Microsoft Web Site:
http://go.microsoft.com/fwlink/?LinkId=5171

The specified domain either does not exist or could not contacted.
------------------------

I have followed the instructions in this article (as well as various posts
in this newsgroup and KB articles), to no avail.

I have tried the following:
--Setup DNS Server on my DC. My DC and workstation both specify this DC as
their DNS server (only). The DNS Server on the DC has a forwarder to my
ISP's DNS servers.
--I can ping each machine from the other using the Netbios name (and the
FQDN is returned)
--I have tried setting up LMHOSTS file on the workstation to include a
"\0x1b" record and nbtstat -c shows the domain name.
--I have run netdiag and dcdiag and all tests pass
--Verified that the TCP/IP Netbios Helper Service, Workstation, Server
Services are all running
--Unsuccessfully tried using "netdom" to join via command line
--Verified existence of SYSVOL, NETLOGON on server, IPC$ on server and
client
--Have tried using the full domain name ("mydomain.us") as well as the
Pre-2000 name "mydomain" in each possible place to no avail
--I have looked in the netsetup.log file, and see the following:
---------------------------------------------
01/19 10:57:33 NetpDoDomainJoin
01/19 10:57:33 NetpMachineValidToJoin: 'MYWORKSTATION'
01/19 10:57:33 NetpGetLsaPrimaryDomain: status: 0x0
01/19 10:57:33 NetpMachineValidToJoin: status: 0x0
01/19 10:57:33 NetpJoinDomain
01/19 10:57:33 Machine: MYWORKSTATION
01/19 10:57:33 Domain: mydomain
01/19 10:57:33 MachineAccountOU: (NULL)
01/19 10:57:33 Account: (NULL)
01/19 10:57:33 Options: 0x3
01/19 10:57:33 OS Version: 5.0
01/19 10:57:33 Build number: 2195
01/19 10:57:33 ServicePack: Service Pack 4
01/19 10:57:33 NetpValidateName: checking to see if 'mydomain' is valid as
type 3 name
01/19 10:57:33 NetpCheckDomainNameIsValid for mydomain returned 0x54b
01/19 10:57:33 NetpCheckDomainNameIsValid [ Exists ] for 'mydomain' returned
0x54b
01/19 10:57:33 NetpDoDomainJoin: status: 0x54b

 

[Matjaz Ladava [MVP]]

instead of ping use nslookup to check that you can resolve your domain name.
Try to resolve srv records of your DC using nslookup. If you get errors,
that start digging into DNS issues. Run dcdiag (on your DC) and netdiag on
your workstation (from support tools on your server/workstation CD-ROM).

--
Regards

Matjaz Ladava, MCSE, MCSA, MCT, MVP
Microsoft MVP - Active Directory
(e-mail address removed), (e-mail address removed)
http://ladava.com

After reading through every apparently relevant article since June, I am
still at a loss. Any help with the issue described below would be
appreciated:

I am attempting to join a Win 2K Pro machine to an AD domain. I receive the
error message:
------------------------
The following error occured validating the name "mydomain".
This condition may be caused by a DNS lookup problem. For information about
troubleshooting common DNS lookup problems, please see the following
Microsoft Web Site:
http://go.microsoft.com/fwlink/?LinkId=5171

The specified domain either does not exist or could not contacted.
------------------------

I have followed the instructions in this article (as well as various posts
in this newsgroup and KB articles), to no avail.

I have tried the following:
--Setup DNS Server on my DC. My DC and workstation both specify this DC as
their DNS server (only). The DNS Server on the DC has a forwarder to my
ISP's DNS servers.
--I can ping each machine from the other using the Netbios name (and the
FQDN is returned)
--I have tried setting up LMHOSTS file on the workstation to include a
"\0x1b" record and nbtstat -c shows the domain name.
--I have run netdiag and dcdiag and all tests pass
--Verified that the TCP/IP Netbios Helper Service, Workstation, Server
Services are all running
--Unsuccessfully tried using "netdom" to join via command line
--Verified existence of SYSVOL, NETLOGON on server, IPC$ on server and
client
--Have tried using the full domain name ("mydomain.us") as well as the
Pre-2000 name "mydomain" in each possible place to no avail
--I have looked in the netsetup.log file, and see the following:
---------------------------------------------
01/19 10:57:33 NetpDoDomainJoin
01/19 10:57:33 NetpMachineValidToJoin: 'MYWORKSTATION'
01/19 10:57:33 NetpGetLsaPrimaryDomain: status: 0x0
01/19 10:57:33 NetpMachineValidToJoin: status: 0x0
01/19 10:57:33 NetpJoinDomain
01/19 10:57:33 Machine: MYWORKSTATION
01/19 10:57:33 Domain: mydomain
01/19 10:57:33 MachineAccountOU: (NULL)
01/19 10:57:33 Account: (NULL)
01/19 10:57:33 Options: 0x3
01/19 10:57:33 OS Version: 5.0
01/19 10:57:33 Build number: 2195
01/19 10:57:33 ServicePack: Service Pack 4
01/19 10:57:33 NetpValidateName: checking to see if 'mydomain' is valid as
type 3 name
01/19 10:57:33 NetpCheckDomainNameIsValid for mydomain returned 0x54b
01/19 10:57:33 NetpCheckDomainNameIsValid [ Exists ] for 'mydomain' returned
0x54b
01/19 10:57:33 NetpDoDomainJoin: status: 0x54b

 

[news.speedfactory.net]

Thanks for your response.

Could you please elaborate on the use of nslookup? I do not know what to
look for in the results.

I have tried the lookups below on the DC and workstation with the exact same
results.

-----------------------------------------------

nslookup mydc

Server: mydc.mydomain.us
Address: 192.168.2.2

Name: mydc.mydomain.us
Address: 192.168.2.2
-----------------------------------------------

nslookup mydomain

Server: mydc.mydomain.us
Address: 192.168.2.2

*** mydc.mydomain.us can't find mydomain: Non-existent domain
-----------------------------------------------

nslookup mydomain.us

Server: mydc.mydomain.us
Address: 192.168.2.2

Name: briankelly.us
Address: 192.168.2.2
-----------------------------------------------

nslookup myworkstation

Server: mydc.mydomain.us
Address: 192.168.2.2

Name: myworkstation.mydomain.us
Address: 192.168.2.99
-----------------------------------------------

instead of ping use nslookup to check that you can resolve your domain name.
Try to resolve srv records of your DC using nslookup. If you get errors,
that start digging into DNS issues. Run dcdiag (on your DC) and netdiag on
your workstation (from support tools on your server/workstation CD-ROM).

--
Regards

Matjaz Ladava, MCSE, MCSA, MCT, MVP
Microsoft MVP - Active Directory
(e-mail address removed), (e-mail address removed)
http://ladava.com

After reading through every apparently relevant article since June, I am
still at a loss. Any help with the issue described below would be
appreciated:

I am attempting to join a Win 2K Pro machine to an AD domain. I receive the
error message:
------------------------
The following error occured validating the name "mydomain".
This condition may be caused by a DNS lookup problem. For information about
troubleshooting common DNS lookup problems, please see the following
Microsoft Web Site:
http://go.microsoft.com/fwlink/?LinkId=5171

The specified domain either does not exist or could not contacted.
------------------------

I have followed the instructions in this article (as well as various posts
in this newsgroup and KB articles), to no avail.

I have tried the following:
--Setup DNS Server on my DC. My DC and workstation both specify this DC as
their DNS server (only). The DNS Server on the DC has a forwarder to my
ISP's DNS servers.
--I can ping each machine from the other using the Netbios name (and the
FQDN is returned)
--I have tried setting up LMHOSTS file on the workstation to include a
"\0x1b" record and nbtstat -c shows the domain name.
--I have run netdiag and dcdiag and all tests pass
--Verified that the TCP/IP Netbios Helper Service, Workstation, Server
Services are all running
--Unsuccessfully tried using "netdom" to join via command line
--Verified existence of SYSVOL, NETLOGON on server, IPC$ on server and
client
--Have tried using the full domain name ("mydomain.us") as well as the
Pre-2000 name "mydomain" in each possible place to no avail
--I have looked in the netsetup.log file, and see the following:
---------------------------------------------
01/19 10:57:33 NetpDoDomainJoin
01/19 10:57:33 NetpMachineValidToJoin: 'MYWORKSTATION'
01/19 10:57:33 NetpGetLsaPrimaryDomain: status: 0x0
01/19 10:57:33 NetpMachineValidToJoin: status: 0x0
01/19 10:57:33 NetpJoinDomain
01/19 10:57:33 Machine: MYWORKSTATION
01/19 10:57:33 Domain: mydomain
01/19 10:57:33 MachineAccountOU: (NULL)
01/19 10:57:33 Account: (NULL)
01/19 10:57:33 Options: 0x3
01/19 10:57:33 OS Version: 5.0
01/19 10:57:33 Build number: 2195
01/19 10:57:33 ServicePack: Service Pack 4
01/19 10:57:33 NetpValidateName: checking to see if 'mydomain' is valid as
type 3 name
01/19 10:57:33 NetpCheckDomainNameIsValid for mydomain returned 0x54b
01/19 10:57:33 NetpCheckDomainNameIsValid [ Exists ] for 'mydomain' returned
0x54b
01/19 10:57:33 NetpDoDomainJoin: status: 0x54b

 

[David Brandt [MSFT]]

Verify that there is no firewall stuff on that box like blackice etc as
well.

set q=srv then
_ldap._tcp.mydomainname.com

this should query the dns server it is pointed at and return ldap records
for all dc's in that domain.

--
David Brandt
Microsoft Corporation

This posting is provided "AS IS" with no warranties, and confers no rights.
Please do not send e-mail directly to this alias. This alias is for
newsgroup purposes only.

Thanks for your response.

Could you please elaborate on the use of nslookup? I do not know what to
look for in the results.

I have tried the lookups below on the DC and workstation with the exact same

results.

Server: mydc.mydomain.us
Address: 192.168.2.2

Name: mydc.mydomain.us
Address: 192.168.2.2
-----------------------------------------------

nslookup mydomain

Server: mydc.mydomain.us
Address: 192.168.2.2

*** mydc.mydomain.us can't find mydomain: Non-existent domain
-----------------------------------------------

nslookup mydomain.us

Server: mydc.mydomain.us
Address: 192.168.2.2

Name: briankelly.us
Address: 192.168.2.2
-----------------------------------------------

nslookup myworkstation

Server: mydc.mydomain.us
Address: 192.168.2.2

Name: myworkstation.mydomain.us
Address: 192.168.2.99
-----------------------------------------------

instead of ping use nslookup to check that you can resolve your domain name.
Try to resolve srv records of your DC using nslookup. If you get errors,
that start digging into DNS issues. Run dcdiag (on your DC) and netdiag on
your workstation (from support tools on your server/workstation CD-ROM).

--
Regards

Matjaz Ladava, MCSE, MCSA, MCT, MVP
Microsoft MVP - Active Directory
(e-mail address removed), (e-mail address removed)
http://ladava.com

receive
the DC
as

valid

as

type 3 name
01/19 10:57:33 NetpCheckDomainNameIsValid for mydomain returned 0x54b
01/19 10:57:33 NetpCheckDomainNameIsValid [ Exists ] for 'mydomain' returned
0x54b
01/19 10:57:33 NetpDoDomainJoin: status: 0x54b

 

[news.speedfactory.net]

Thanks for the continued help.

There is no firewall or similar software on the box.

The results of the nslookup are as follows (identical results on DC and
Workstation)
-------------------------------------------------
C:\ > nslookup
Default Server: mydc.mydomain.us
Address: 192.168.2.2

set q=srv
_ldap._tcp.mydomain.us

Server: mydc.mydomain.us
Address: 192.168.2.2

_ldap._tcp.mydomain.us SRV service location:
priority = 0
weight = 100
port = 389
svr hostname = mydc.mydomain.us
mydc.mydomain.us internet address = 192.168.2.2
----------------------------------------------------

Thanks,
Brian

Verify that there is no firewall stuff on that box like blackice etc as
well.

set q=srv then
_ldap._tcp.mydomainname.com

this should query the dns server it is pointed at and return ldap records
for all dc's in that domain.

--
David Brandt
Microsoft Corporation

This posting is provided "AS IS" with no warranties, and confers no rights.
Please do not send e-mail directly to this alias. This alias is for
newsgroup purposes only.

Thanks for your response.

Could you please elaborate on the use of nslookup? I do not know what to
look for in the results.

I have tried the lookups below on the DC and workstation with the exact same
Server: mydc.mydomain.us
Address: 192.168.2.2

Name: mydc.mydomain.us
Address: 192.168.2.2
-----------------------------------------------
Server: mydc.mydomain.us
Address: 192.168.2.2

*** mydc.mydomain.us can't find mydomain: Non-existent domain
-----------------------------------------------
Server: mydc.mydomain.us
Address: 192.168.2.2

Name: briankelly.us
Address: 192.168.2.2
-----------------------------------------------
Server: mydc.mydomain.us
Address: 192.168.2.2

Name: myworkstation.mydomain.us
Address: 192.168.2.99

netdiag

on

I

am

this

DC

to

my

ISP's DNS servers.
--I can ping each machine from the other using the Netbios name (and the
FQDN is returned)
--I have tried setting up LMHOSTS file on the workstation to include a
"\0x1b" record and nbtstat -c shows the domain name.
--I have run netdiag and dcdiag and all tests pass
--Verified that the TCP/IP Netbios Helper Service, Workstation, Server
Services are all running
--Unsuccessfully tried using "netdom" to join via command line
--Verified existence of SYSVOL, NETLOGON on server, IPC$ on server and
client
--Have tried using the full domain name ("mydomain.us") as well as the
Pre-2000 name "mydomain" in each possible place to no avail
--I have looked in the netsetup.log file, and see the following:
---------------------------------------------
01/19 10:57:33 NetpDoDomainJoin
01/19 10:57:33 NetpMachineValidToJoin: 'MYWORKSTATION'
01/19 10:57:33 NetpGetLsaPrimaryDomain: status: 0x0
01/19 10:57:33 NetpMachineValidToJoin: status: 0x0
01/19 10:57:33 NetpJoinDomain
01/19 10:57:33 Machine: MYWORKSTATION
01/19 10:57:33 Domain: mydomain
01/19 10:57:33 MachineAccountOU: (NULL)
01/19 10:57:33 Account: (NULL)
01/19 10:57:33 Options: 0x3
01/19 10:57:33 OS Version: 5.0
01/19 10:57:33 Build number: 2195
01/19 10:57:33 ServicePack: Service Pack 4
01/19 10:57:33 NetpValidateName: checking to see if 'mydomain' is

valid

as
type 3 name
01/19 10:57:33 NetpCheckDomainNameIsValid for mydomain returned 0x54b
01/19 10:57:33 NetpCheckDomainNameIsValid [ Exists ] for 'mydomain'
returned
0x54b
01/19 10:57:33 NetpDoDomainJoin: status: 0x54b

 

[news.speedfactory.net]

I have also tried using "nlstest". This returns different results between
the Workstation and Server...

-----------------------------------------------------------------
Server Results:
-----------------------------------------------------------------
C:\> nltest /dsgetdc:mydomain.us
DC: \\mydc.mydomain.us
Address: \\192.168.2.2
Dom Guid: b187fccc-a3e1-4f22-8b3f-8c6f3c4584df
Dom Name: mydomain.us
Forest Name: mydomain.us
Dc Site Name: Default-First-Site-Name
Our Site Name: Default-First-Site-Name
Flags: PDC GC DS LDAP KDC TIMESERV WRITABLE DNS_DC DNS_DOMAIN
DNS_FOREST
CLOSE_SITE
The command completed successfully
-----------------------------------------------------------------
Workstation Results:
-----------------------------------------------------------------
C:\> nltest /dsgetdc:mydomain.us
DsGetDcName failed: Status = 10022 0x2726 WSAEINVAL
-----------------------------------------------------------------

I have tried to do some research on WSAEINVAL, but it starts getting into
the WinSock layer and I get lost immediately.

Any suggestions?

Thanks,
Brian

Thanks for the continued help.

There is no firewall or similar software on the box.

The results of the nslookup are as follows (identical results on DC and
Workstation)
-------------------------------------------------
C:\ > nslookup
Default Server: mydc.mydomain.us
Address: 192.168.2.2

set q=srv
_ldap._tcp.mydomain.us

Server: mydc.mydomain.us
Address: 192.168.2.2

_ldap._tcp.mydomain.us SRV service location:
priority = 0
weight = 100
port = 389
svr hostname = mydc.mydomain.us
mydc.mydomain.us internet address = 192.168.2.2
----------------------------------------------------

Thanks,
Brian

Verify that there is no firewall stuff on that box like blackice etc as
well.


this should query the dns server it is pointed at and return ldap records
for all dc's in that domain.

--
David Brandt
Microsoft Corporation

This posting is provided "AS IS" with no warranties, and confers no rights.
Please do not send e-mail directly to this alias. This alias is for
newsgroup purposes only.
exact
same netdiag

June,

I this to (and
the

include

a

"\0x1b" record and nbtstat -c shows the domain name.
--I have run netdiag and dcdiag and all tests pass
--Verified that the TCP/IP Netbios Helper Service, Workstation, Server
Services are all running
--Unsuccessfully tried using "netdom" to join via command line
--Verified existence of SYSVOL, NETLOGON on server, IPC$ on server and
client
--Have tried using the full domain name ("mydomain.us") as well as the
Pre-2000 name "mydomain" in each possible place to no avail
--I have looked in the netsetup.log file, and see the following:
---------------------------------------------
01/19 10:57:33 NetpDoDomainJoin
01/19 10:57:33 NetpMachineValidToJoin: 'MYWORKSTATION'
01/19 10:57:33 NetpGetLsaPrimaryDomain: status: 0x0
01/19 10:57:33 NetpMachineValidToJoin: status: 0x0
01/19 10:57:33 NetpJoinDomain
01/19 10:57:33 Machine: MYWORKSTATION
01/19 10:57:33 Domain: mydomain
01/19 10:57:33 MachineAccountOU: (NULL)
01/19 10:57:33 Account: (NULL)
01/19 10:57:33 Options: 0x3
01/19 10:57:33 OS Version: 5.0
01/19 10:57:33 Build number: 2195
01/19 10:57:33 ServicePack: Service Pack 4
01/19 10:57:33 NetpValidateName: checking to see if 'mydomain' is valid
as
type 3 name
01/19 10:57:33 NetpCheckDomainNameIsValid for mydomain returned 0x54b
01/19 10:57:33 NetpCheckDomainNameIsValid [ Exists ] for 'mydomain'
returned
0x54b
01/19 10:57:33 NetpDoDomainJoin: status: 0x54b