Jump to content
Compatible Support Forums
Sign in to follow this  
shassouneh

Problems logging on a Windows 2000 server domain from a Wind

Recommended Posts

Ok, here is a tough one. I have a Windows 2000 Server machine, and a Windows 2000 Professional machine and I have full administrative rights to both of them. The problem is the following, both machines are connected to a LAN through a 10BT hub. Normal networking through Workgroups seems to be working great, so I know that there is no physical communication problem between the two.

As for IPs, both machines are set up to use dynamically allocated IP address, and i CANNOT change that (very long story).

Here is the problem: I have set up an Active Directory with a Domain COntroller on the servver macine. Furthermore, I have added a computer account and a username / password so that the workstation (win2k pro) may be able to connect to the server. Whenever i try to change the NetID to connect to a Domain instead of a workgroup, I get a prompt for a computer name / domain / user name / password. When i fill those in, I get another prompt AGAIN for the user name, password, and domain, and i fill those in again, but then I get an error message that says "The following error occured while attempting to join the domain 'domainname': The network path was not found!"

and that's all i ever get.

Again, there seems to be NO PHYSICAL COMMUNICATION problem as sharing files/folders/printers works just fine, but logging on to the domain does not!

Someone please help. Any (in fact, ALL) feedback will be greatly appreciated. Thanx!

Share this post


Link to post

90% of Active Directoy based problems are related to DNS.

The fact you're getting a 'Network path not found' error really confirms this.

I'm going to assume that the domain controller is also running a DNS server.

Check the 'Event Log' to make sure that the DNS server on the domain controller isn't giving you any errors.

Set the workstation's prefered DNS server entry under TCP/IP to that of your domain controller.

Next delete the computer account you have created for the workstation, when you 'join a domain' one is automatically created.

Now run the 'joining a domain' wizard again from the workstation.

The first time it asks you for a username/password the domain wont recognise that account as having permission to join a machine to the domain.

It then asks you again for a username/password with permission to join this PC to the domain.

Best bet would be to use:

 

Administrator

Password

Domain name set on the domain controller

 

After this it will ask you if you want to add any users from the workstation.

Say yes and add the username you will use from the Win2k pro machine and give them 'domain admin' rights.

I'm pretty sure all your problems will come down to a DNS issue of some kind, remember AD requires DNS to function.

Share this post


Link to post

Thank you for your reply. However, I am quite uncertain that I am running a DNS server alongside Active Directory. I;m new in this feild, and I did not want to mess with creating a DNS server as I am bound to using dynamic IPs, NOT static ones. The bottom line is that i do not know how to set up a DNS server to begin with.

Also, assuming that I DID set up a DNS server, if I set my workstation to it, then I'll lose my internet connection, since the DNS server is set to an IP address in order for the machine to connect. The reaosn for this is that I am running a cable modem connection to the internet, and it only allows two simultaneous MAC addresses (internet connections). my brother is running one of them, so I am stuck with one and only one MAC address. which means that if i change my TCP/IP settings to point to a server DNS, I may lose my internet connection.

If you know how I can set up a DNS server, please let me know how. Like I said, I am a beginner, but I think i have what it takes to be able to set this up. Thank you for your feedback, and please let me know if you can help me with the DNS server thingy. (Assume that i am NOT running a DNS server)

 

thanx again! :-)

Share this post


Link to post

I'm not going to be much help here, but I will try. I have noticed that on another computer just typing in the location of the server and a profile it is very picky. I had to actually go into network neighborhood, find the exact folder I needed, and then had show full path in address bar turned on, and copy and paste the address. I know it was EXACTLY the same thing I typed, but it did not work. I had to copy and paste it. I don't know why. But if I understand your problem. Try copy and pasting in the link that you know works into where you are tring to tell the client machine where the server profile is.

 

Hope this helps. I am learning all this stuff my self.

Share this post


Link to post

Thanx, but the problem does not seem to be accessing a network resource throuh a workgroup, so copying and pasting a working link should have no effect! The problem lies in the cat that a client (workstation) machine is unable to recognize and communicate succefully with another machine on the network AS A DOMAIN server. The workstation DOES in fact establish a connection with the other machine and can access shared resources, BUT it does not recognize it as a SERVER, but merely as another workstation on the network! Please review my first post (the one that started the thread), and it explains what i mean. Thanx for tyring anyways. I appreciate it! :-)

 

The call is still out to anyone who may know how to work around this problem. Again, please read the first post of this thread as it contains a detailed desciption of the problem!

Share this post


Link to post

Came a bit late to the conversation, but let's see if we can clear this up. First, AD requires DNS, period. Now, since your ISP has no idea whatsoever what your AD info is, then AD resources will not work. The reason that you can browse each machine at all is that you are probably using NetBIOS over TCP/IP, and both machines have valid IPs from your cable modem. In order to install AD, you *can* do it without setting up a DNS server at that moment, but the installation program would be under the assumption that you already have DNS boxes on the network. Since you have DNS IPs for the NICs, your AD system is trying to get resource info from that server, which is more than likely giving it very, VERY simple information in response. AD isn't something that you can jump into very easily at all. I went through 4 server installs before I got AD to do what I wanted, and I had been working with manuals at the same time. I use AD at home, and I have a cable modem as well. What I do is use a Linksys router and I have both AD controllers and both workstations connected to it. Therefore, they can all get online and share resources as well. In addition, both servers are also my DNS servers, and I have them configured to pass requests to my ISP DNS servers when the get requests that they don't have info (as in web addresses). Do yourself a favor, and pick up a book (or two) on AD before you really try getting much further in it. I have 2 of them from Sybex, plus my MCP handbook for "Up[censored] Support Skills from NT 4.0 to Windows 2000". All three of these books cover DNS quite well as it's a requirement of AD.

Share this post


Link to post

Hmm, pardon my ignorance, but I'm still new to all this server bsuiness! I am not even quite sure what Active Directory is, let alone what a "domain" is supposed to be. Anyways, I have messed with ActiveDirectory a little, and I beleive its set up properly. However, how the *&$^#*@ do you set up a DNS server in a simple way? Bear in mind the following:

-All machines are bound to DYNAMIC IPs, NOT static ones. Therer is no way to force static IPs on them (succesfuly) [read below].

-Only two simultaneous MAC addresses allowed by the cable modem / ISP, therefore due to the fact that one MAC address is already taken, and my workstation took the other, the server CANNOT be assigned a MAC address of its own, so for the sake of internet connection, it should be offline.

 

So how exactly do i set up a DNS server. All i want the domain to do is simply control file shares / printer / folder / file sharing, and so forth, and nothing really fancy, so this should be a peice of cake for you guys.

Someone pleeease help. I'm lost here!

Share this post


Link to post

OK, the MAC address "issue" is a simple one. The DNS "server" is just going to be another service that you will install onto your existing server. Since it's on the same box, and you have one NIC in it, you would not be adding anymore MAC addresses to your network. However, does the IP of the server ever change (is it using DHCP)? If so, it wont let you install the DNS service anyway.

 

Now, as far as a "simple" way to describe the setup of DNS, well there isn't one. Sorry, but you will have to read a bit on this topic. There is a ton of useful information on Technet, so is the URL with the search string that I used:

 

http://search.microsoft.com/us/itresourc...;p=1&nq=NEW

 

Good Luck.

Share this post


Link to post

I feel the exact same way you do shassouneh. I am still learning it and don't quite understand it. But have messed with it some. If I had more time I could make this my day job. Which might be a good idea LOL.

Share this post


Link to post

This was really a difficult thread to post into - I wasn't sure how up on Active Directory & DNS you were.

AD, as Cluth has said, isn't really something you can stumble into.

About 8 months ago I rolled out an AD Win2k Domain at work to replace the NT4 domain that was currently in place.

Thankfully I was able to run the two networks side-by-side for about a month.

The Dell servers came with Win2k Server already installed, but within a day I was blowing that installation away and starting again due to me messing things up.

I'm pleased to say I now have a fully functional AD domain, when AD is set-up correctly it works very, very well.

If you're not to sure on AD you can install a Win2k server in 'NT4 Compatible' mode, IE it will run a standard Domain rather than an AD enabled one.

With AD you need to know how DNS works, AD can't function without DNS.

Pick up a couple of good books, I picked two up by Sybex and one MS Press one.

Worked through them, as you work through them fully expect to have to wipe the machine at least once!

Share this post


Link to post

Man after reading some stuff. I still have little idea of what the hell AD is and what it does.

 

Can anyone explain it in easy to understand terms? I mean... I am very computer literate and all, but this is some heavy **** for someone just getting into the server world.

Share this post


Link to post

Well that's just it - Active Directory really isn't designed for somebody new to the server world - it's more complex than that.

What is it in simple terms?

That's quite difficult to describe actually.

 

Active Directory is just that, a directory of objects that is replicated across every domain controller in your Windows 2000 domain.

A database if you will containing many hundreds or thousands or even hundreds of thousands of unique objects.

These objects might be users, printers, contacts, computers, whatever they are they are stored in a massive Active Directory database.

What also needs to be noted about a Win2k domain as opposed to an NT4 one is the lack of real PDC (Primary Domain Controller) & BDC's (Backup Domain COntrollers).

All servers in a Win2k domain take an equal role in logging people in, providing varification, maintaining browse lists - all the servers are simply known as 'Domain Controllers'.

The Active Directory is radically different from how winNT 4 domains kept track of objects and is closer in design to Novell's NDS (Novell Directory System).

In fact AD doesn't yet quite offer the functionality or features that NDS does - but as Novell is a dying system, AD is a logical step.

Active Directory relies on TCP/IP to communicate with all the objects it knows about and to do that it needs access to a DNS (Domain Name system).

The DNS in it's simplest form is just a list, telling what IP address each computer is using.

Remember PC's using TCP/IP don't care what the real name is, they have to go and translate that into something they understand - the IP address.

SO if I query the DNS and say 'Who is Dave?' it will reply '192.0.0.1'

Of course if I query 'Who is 192.0.0.1?' it will reply '192.0.0.1' stupid!

So then you need to add reverse DNS lookup's - 'Who is 192.0.0.1?' 'Dave'.

 

Ya really going to need to pick some books up on this my friend.

It isn't easy to get into and thats why us Systems Administrators get a fair old wage for looking after usch systems!

Share this post


Link to post

I think one of the biggest problems people are having with AD is the lack of understanding what name resolution is. People easily acquire Windows 2000 server, and automatically want to see what Active Directory is all about. When I say "easily acquire", I am not just talking about pirating software, I am talking about small companies that pick Win2K server for about $800 US for the full version and just slap it on a box. The average NT admin that I have worked with (and a great deal of consultants for that matter) have no idea of what AD is or what it can do. I was learning it myself, and the best thing that I could do with it was search the tree for "color printer" so I could map it. The first time I got a real idea of what it could do was when I setup Exchage Server 2000 on my test network. Then, you can easily see the relationship between user objects and all the metadata attached to those objects (like titles, departments, phone numbers, etc).

 

If you are somebody that stuck with NetBIOS broadcasting over IP (or didn't even know what WINS was) and static IPs for your NT domain, then you better start reading a bit first as AD will be a bumpy ride for you otherwise. If you understand DNS, DHCP, WINS (you prolly wont use it, but it gives you a good idea of what DDNS is), and directory services like Exchange 5.5 then you will have a good shot at getting AD off the ground with some whitepapers on the subject.

Share this post


Link to post

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
Sign in to follow this  

×