Can't join Win2k Pro Client to Domain after SUS Update

[David Reed]

Hi Phillip,

Could you give me some guidance on how you did that?

I know the DNS settings are "right" on the local client, but it seems like
this update (which I think was the .NET Framework 1.1 update (though I know
other computers on the network have that installed) changed a security
setting or something. I've since uninstalled that update, but no change was
evident.

I'm truly confused, what might have happened to suddenly prevent the
computer from connecting to the domain, when it was working fine before the
SUS update was done.

David

That last time it happened to me it was just a simple DNS setting. I had to
run only one DNS setting on the client and it had to be the AD/DNS. Once
the machine is "joined" there is a little bit more flexability, but it is
really picky before you get it joined. I also used a WINS Server that the
DC/DNS and the client both pointed to.


--

Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com

Phillip,

Okay.

I'm still dead in the water here.

I don't understand it, because I've got complete network connectivity. I
could even NET SEND a message from another computer on the network, and it
worked fine. It just won't let me join the domain.

ARGH!

HELP!

David

 

[Phillip Windell]

Hi Phillip,

Could you give me some guidance on how you did that?

It is just the normal DNS setting in the normal network settings. Just give
it the one DNS,...your Active Directory DNS,...that is it,...no other DNS
Servers from anywhere else. WINS is the same way.

 

[Kevin D. Goodknecht Sr. [MVP]]

In

Hi Kevin,

I appreciate that, and the note that you would be out an
hour.

I'm sorry I didn't understand what you said, when you
asked me what is the DNS at that address. Do you mean
what is the DNS server on our network? If so, then
172.16.1.1 and 172.16.1.3 are the correct IPs for the
primary and backup DNS (in that order).

You said 172.16.1.3 is the backup DNS, where is this DNS server and does it
have the AD zone in it?

 

[Mark-Allen Perry]

Check: http://www.eventid.net/display.asp?eventid=5719&eventno=104&source=NETLOGON&phase=1

Maybe this will help, although it appears a lot to check.

--
And always try the MS KB first before posting.
The answer is probably already posted.
MS KB: http://support.microsoft.com/default.aspx?scid=fh;EN-US;KBHOWTO
----
Mark-Allen Perry
ALPHA Systems
Marly, Switzerland
mark-allen_AT_mvps_DOT_org

I also checked the Words, and it said the following:

0000: c000005e - Event ID 5719 Source: Net Logon (and)
0000: 000000ff - Event ID 6006

David

 

[Ace Fekay [MVP]]

In

Here is a copy of the System Log, from the time the problems started
until a few minutes ago. The problem started right after the
update at 2:58pm on 09/23/04. It rebooted, and from then on wouldn't
join the domain.

David
=====================

The one major one that stands out is 5719 (besides your 3034's).

Need to ask, what applications, devices, or anything else that you can think
of, other than the 'normal' MS office apps, etc, that maybe installed on
this machine? I'm looking more for what devices are on it, such as NIC type,
is there a PPTP adapter (such as for DSL), etc? This whole thing can also be
based on a NIC driver problem or a stack corruption. But we'll need to
determine that first...

Can you ping your DNS server name by using it's FQDN (ping
servername.domain.com)?
Can you ping your domain controller in that fashion as well?
Can you ping anything external such as, ping 4.2.2.2? Does that respond?
Can you ping www.yahoo.com?
If you can run nslookup on this machine, try these commands for us and paste
the response please:

nslookup

ls -t SRV srdcorp.com

Thanks!


--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Windows Server - Directory Services

Security Is Like An Onion, It Has Layers
HAM AND EGGS: A day's work for a chicken;
A lifetime commitment for a pig.

 

[David Reed]

Well, I just know there's nothing wrong with our DNS servers or anything,
everything else is working fine, all our other systems are fine, which is
why I'm reluctant to do anything to/with the servers, you know?

 

[David Reed]

Hi Kevin,

Thanks for the response. Well, this DNS server is located in the same room
as the other DNS server (172.16.1.1). We are a small computer with only 50
or so employees, so we are all located geographically in the same building,
on the same domain.

The part that really bends my noodle is that it joined the domain just fine
before this update was done, then the update was done from the SUS server,
then rebooted, now it won't join the domain.

David

 

[David Reed]

I'll check these out.

I did check the MS KB first, but may not have found these specific items.

Thanks,

David
Check: http://www.eventid.net/display.asp?eventid=5719&eventno=104&source=NETLOGON&phase=1

Maybe this will help, although it appears a lot to check.

--
And always try the MS KB first before posting.
The answer is probably already posted.
MS KB: http://support.microsoft.com/default.aspx?scid=fh;EN-US;KBHOWTO
----
Mark-Allen Perry
ALPHA Systems
Marly, Switzerland
mark-allen_AT_mvps_DOT_org

I also checked the Words, and it said the following:

0000: c000005e - Event ID 5719 Source: Net Logon (and)
0000: 000000ff - Event ID 6006

David

 

[David Reed]

I think you may be thinking in the direction I was thinking as well. I am
going to check out your questions, and I"ll let you know what I find.

I know that there is some ODBC stuff installed on it, maybe some SQL. But
the NIC is the standard on-board NIC for the Dell Optiplex GX400, and it
(was) just joining our domain before.

Thanks, I'm going to print this and check it out!

I'll get back to you soon.

David

"Ace Fekay [MVP]"

 

[Kevin D. Goodknecht Sr. [MVP]]

In

Hi Kevin,

Thanks for the response. Well, this DNS server is
located in the same room as the other DNS server
(172.16.1.1). We are a small computer with only 50 or so
employees, so we are all located geographically in the
same building, on the same domain.

The part that really bends my noodle is that it joined
the domain just fine before this update was done, then
the update was done from the SUS server, then rebooted,
now it won't join the domain.

Does this DNS have a zone for the AD domain?

You might also try this, just in case the Winsock got corrupted.
811259 - How to determine and recover from Winsock2 corruption:
http://support.microsoft.com/default.aspx?scid=kb;en-us;811259

 

[David Reed]

Hi Ace,

Below are your questions, with the answers posted directly afterward:

Need to ask, what applications, devices, or anything else that you can think
of, other than the 'normal' MS office apps, etc, that maybe installed on
this machine?

A. I did a quick check, and found:
Cognos
Deltek GCS
ODBC
QuickBooks Pro
Rapid Payroll

All of these are 'standard' programs that our billing and payroll
girl (who's computer this is) uses.

I'm looking more for what devices are on it, such as NIC type,

A. 3Com 3C905C-TX compatable on-board NIC

is there a PPTP adapter (such as for DSL), etc?

A. I did find this listed as another protocol, and hav eno idea what it
is, or why it's there:

3Com BCAITDI DMI TDI

This whole thing can also be

based on a NIC driver problem or a stack corruption. But we'll need to
determine that first...

Can you ping your DNS server name by using it's FQDN (ping
servername.domain.com)?

A. Yes.

Can you ping your domain controller in that fashion as well?

A. Yes. In fact, the DNS server is also the domain controller, so yes to
both, because they are the same box.

Can you ping anything external such as, ping 4.2.2.2?

A. I could ping this (4.2.2.2) specifically, yes.

Does that respond?

A. Yes.

Can you ping www.yahoo.com?

A. Yes.

If you can run nslookup on this machine, try these commands for us and paste
the response please:

nslookup

I ran NSLOOKUP, and this is the result:

ls -t SRV srdcorp.com (I assume that is LS, not 1s or something)?
LS: Socket: NO Error
*** Can't list domain srdcorp.com: Unspecified Error.

Does this help?

David

 

[David Reed]

Hi Kevin,

I hate to say this, but I don't know how to check to see if this DNS has a
zone for this AD domain. But because "everything else" (all other computers
on the network, with the same configuration) work, I'd have to say probably.
Can you tell me how I would verify that?

And I will check out the link you just sent, and try that immediately!

Thanks!

David

 

[David Reed]

Hi Kevin,

This is for WinXP, and this computer is Win2k Pro SP4. But I did as it
suggested, and it seems that all the required registry keys are there and
working okay. I have no problem trying to remove the Winsock and
reinstalling it, if I can find Win2k instructions for that? Maybe that will
help. Hmmm...

David

 

[Kevin D. Goodknecht Sr. [MVP]]

In

Hi Kevin,

I hate to say this, but I don't know how to check to see
if this DNS has a zone for this AD domain. But because
"everything else" (all other computers on the network,
with the same configuration) work, I'd have to say
probably. Can you tell me how I would verify that?

If you use nslookup do this:
nslookup
server 172.16.1.3
set type=srv
_ldap._tcp.dc._msdcs.srdcorp.com.

 

[Kevin D. Goodknecht Sr. [MVP]]

In

Hi Kevin,

This is for WinXP, and this computer is Win2k Pro SP4.
But I did as it suggested, and it seems that all the
required registry keys are there and working okay. I
have no problem trying to remove the Winsock and
reinstalling it, if I can find Win2k instructions for
that? Maybe that will help. Hmmm...

These instructions work for Win2k, too.
There is an alternate way you can do this on Win2k, delete the keys, then
uninstall TCP/IP, restart your computer, reinstall TCP/IP and restart the
computer again.
817571 - Error message when you try to connect to network An operation was
attempted on something that is not a socket:
http://support.microsoft.com/default.aspx?scid=kb;en-us;817571

 

[David Reed]

Hi Kevin,

Okay, will-do.

One thing I noted a few minutes ago. I would -expect- it to resolve to
172.16.1.1 (not 172.16.1.3), which is our "primary" domain controller, not
172.16.1.3. And yet when I typed in NSLOOKUP, it told me, for sure, it was
using 172.16.1.3. I don't know why that is. I don't know that it matters
either, but I thought it was worth noting.

I am going to go check this right now.

Thanks,

David

 

[David Reed]

Okay, I'm going to go check your other NSLOOKUP suggestion, and then this
too.

Thanks,

David

 

[David Reed]

Hi Kevin,

I did as you suggested. The last command
("_ldap._tcp.dc._msdcs.srdcorp.com") returned the following result:

_ldap._tcp.dc._msdcs.srdcorp.com
SRV Service Location
Priority = 0
Weight = 100
Port = 389
SVR hostname = corp-file.srdcorp.com

_ldap._tcp.dc._msdcs.srdcorp.com
SRV Service Location
Priority = 0
Weight = 100
Port = 389
SVR hostname = testresults.srdcorp.com

_ldap._tcp.dc._msdcs.srdcorp.com
SRV Service Location
Priority = 0
Weight = 100
Port = 389
SVR hostname = corp-mail1.srdcorp.com

==
David

 

[Todd J Heron]

Have you done an adware/spyware scan?

--
Todd J Heron, MCSE
Windows 2003/2000/NT

Hi Ace,

Below are your questions, with the answers posted directly afterward:

Need to ask, what applications, devices, or anything else that you can think
of, other than the 'normal' MS office apps, etc, that maybe installed on
this machine?

A. I did a quick check, and found:
Cognos
Deltek GCS
ODBC
QuickBooks Pro
Rapid Payroll

All of these are 'standard' programs that our billing and payroll
girl (who's computer this is) uses.

I'm looking more for what devices are on it, such as NIC type,

A. 3Com 3C905C-TX compatable on-board NIC

is there a PPTP adapter (such as for DSL), etc?

A. I did find this listed as another protocol, and hav eno idea what it
is, or why it's there:

3Com BCAITDI DMI TDI

This whole thing can also be

based on a NIC driver problem or a stack corruption. But we'll need to
determine that first...

Can you ping your DNS server name by using it's FQDN (ping
servername.domain.com)?

A. Yes.

Can you ping your domain controller in that fashion as well?

A. Yes. In fact, the DNS server is also the domain controller, so yes to
both, because they are the same box.

Can you ping anything external such as, ping 4.2.2.2?

A. I could ping this (4.2.2.2) specifically, yes.

Does that respond?

A. Yes.

Can you ping www.yahoo.com?

A. Yes.

If you can run nslookup on this machine, try these commands for us and paste
the response please:

nslookup

I ran NSLOOKUP, and this is the result:

ls -t SRV srdcorp.com (I assume that is LS, not 1s or something)?
LS: Socket: NO Error
*** Can't list domain srdcorp.com: Unspecified Error.

Does this help?

David

 

[David Reed]

Well, you know, I have to confess that no, I haven't. But since I'm out of
ideas myself at this point, I've got nothing to lose by trying!

David

Have you done an adware/spyware scan?

--
Todd J Heron, MCSE
Windows 2003/2000/NT

Hi Ace,

Below are your questions, with the answers posted directly afterward:


A. I did a quick check, and found:
Cognos
Deltek GCS
ODBC
QuickBooks Pro
Rapid Payroll

All of these are 'standard' programs that our billing and payroll
girl (who's computer this is) uses.


A. 3Com 3C905C-TX compatable on-board NIC


A. I did find this listed as another protocol, and hav eno idea what it
is, or why it's there:

3Com BCAITDI DMI TDI

This whole thing can also be

A. Yes.


A. Yes. In fact, the DNS server is also the domain controller, so

yes