win 2000 pro can't join domain on win 2000 server

[divebumm1]

I just promoted a windows 2000 server to primary domain controller. When I tried to join a win 2000 pro workstation to the domain I got an error message stating that "The specified domain either does not exist or could not be contacted ". I looked up a tech article on the Microsoft web site and found a fix as below:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters
Change the SysvolReady value from "0" to "1", and then restart the computer.

I had to fix a NETLOGON registry setting that was not correctly updated during the promotion. That fixed one problem After that when I tried to join the domain I got the login prompt (progress!), but every time I try to join the domain using the domain admin account I get another error message - "The following error occured attempting to join the domain. The network path was not found".

Any help would be greatly appreciated. Thanks, Rich Bertram

 

[redwolf52]

Have u created computer and user accounts for the workstation on the DC before u try to join the workstation to the domain?

 

[divebumm1]

I added the computer account but I did not add a user account. I just tried to use the domain admin account.

 

[Tezdread]

Do you have to use the computer accounts? I had a few problems trying to joing the Domain and had user accounts and computers in AD.

Now I only have user accounts and everything works ok. What is the importance of computer accounts? And are there times when you shouldn't/wouldn't need to use them?

 

[GlenJohnson]

Here's some of the problems I dealt with when I tried joining w2k pro's to network. This is just a copy of what I've documented while setting up the domain.
.
4/8/2002 - One reason the W2K machines aren’t joining the domain, is because it thinks another pc is the master browser, and not the server. We shouldn’t even be using browsing on the local machines. To get the W2K machines to join the domain, first go into the registry and set these settings. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Browser\Pa
rameters]
"IsDomainMaster"="FALSE"
"MaintainServerList"="No"
Next, right click on my computer and browse to services and disable computer browsers.
Another problem joining the domain, is in some computers, when you select network identification, then select properties, then select the more button, you will find domainname.com in a box in there. If that has been manually added, this will give you the “Cannot add to the domain, because this exists with a conflicting set of credentials.” In order to solve this problem, you must first take the domainname.com out of the box. Then re-boot for the computer to get a new set of authentications from the servers. Then, go to the servers and on Active Directory, Sites and Services, click on the NTDS settings in the left column, adserver1 and in the right column, right click on the adserver2 line and select Replicate now. Do the same for adserver2. This will replicate the security settings that the user just received. The user can get there authentication from either server, and this makes sure that each has the same settings, so when you try and join the domain, neither will think the computername.rpcnt.com already exists. Go back to the original method of joining the domain to finish.
Two more things to look for when you can’t join the domain. Make sure only ADserver1 and adserver2 are the only dns servers listed. Not the external dns servers. This helps with name resolution when joining the domain. If it still gives you an error message about conflicting credentials, in the domain name, instead of domainname, type in domainname.com. When the logon and password prompt comes up, logon as a valid administrator account. Won’t work if you log on as user because they won’t have rights.



Glen A. Johnson
Microsoft Certified Professional
gjohn76351@msn.com
"A pleasant illusion is better than a harsh reality."
Christian Nevell Bovee 1820-1904, US author.

 

[treyormsbee]

I think the answer to this question is simpler than you all may think... Is your client computer useing the correct DNS Server (i.e. the DC running AD)??