Cannot join Vista RC1 to domain.
I have troble joining my computer running Vista RC1 to a domain. The domain server is running Windows 2000 server. The error msg is: "An attempt to resolve the DNS name of a DC in the domain being joined has failed. Please verify this client is configured to reach a DNS server that can resolve DNS names in the target domain." I can browse the network and connect to any computer in the network. The only thing missing is joining my domain. Can anyone help? Tommy
September 11th, 2006 2:50pm

Stabs in the dark based on my past experiences. (Better than nothing, especially since they haven't answered MY question about joining a domain in this forum).These attempts assume that you have access to the DC box. On the server, enable WINS service.On the client, enable WINS and NetBios name lookup (under TCP/IP properties dialog for your LAN connection). Bring down the firewall temporarily on both client/server. (If this works, it's due to a specific port, probably LDAP related, but I haven't figured out which one.) If anyone can explain to me *why* WINS is needed for domain joining, I'd love to learn about it. Brian
Free Windows Admin Tool Kit Click here and download it now
September 13th, 2006 12:48am

I had this same problem. I disabled IPv6 on the connection and I was finally able to connect after restarting the connection. Didn't have to use WINS or NetBIOS. Good luck. -Mike
September 19th, 2006 7:26pm

Interesting. I'll have to try that. I think Vista networking disappoints in some respects: if one of the dominos isn't lined up right, it gives you some error that doesn't lead to a resolution. Home networking has improved, but diagnostics on networking againstdomain controllersstill confuses.Displaying to the user the results of GetLastError() is bad.
Free Windows Admin Tool Kit Click here and download it now
September 19th, 2006 7:29pm

Brian, are you saying that with DNS properly configured you are still needing WINS and NetBios to join a domain? I am not currently near a Vista machine to test this. On thing I have seen in W2K and XP and W2K3 is that computers are set up with external DNS which can not resolve DCs or they use and external DNS as a secondary DNS server. If it can not connect to the primary DNS it makes the secondary the primary for a period of time and can not find the domain. Accessing DCs is a matter of finding SRV records. The DC itselfcan not find the domain without DNS and SRV records even if WINS is setup and working. Try and give the DC an external DNS server and internal WINS and open Active Directory Users and Computers, you will get an error message that a domain controller can not be found. I would be shocked if the behavior had changed in Vista. (I have been shocked before)
September 19th, 2006 9:38pm

I heard this (needing WINS/NetBIOS) second hand on a newsgroup forum that I had meant to verify but forgot. I know it was the case under XP. I had another problem in joining a domain (in this forum) that I resolved by physically bringing the machine to the same subnet--this was an issue also with XP, but with different error results. Because it "finally worked" I didn't go back to verify whether the join could have occured w/o NetBios and WINS. Question: why do NT domains require a DNS with SRV records? Where does the traditional IP address/port method of getting a service fail to meet the needs of an NT domain? I spent days trying to set up my own DC in Windows Server 2003 to discover that 1. I need WINS and NetBios running, 2. I need to run a DNS with the SRV records (I use the same machine as the DNS server and dcdiag.exe was happy), and 3. I needed to bring down my firewall (the LDAP ones I knew about were not enough). These points of failure are woefully underdocurmented (perhaps undocumented) in Windows Server 2003. Experimenting for this long to get something to work is usually a sign of bad design. Hopefully Longhorn Server, DCs "just work" and when there is a real configuration issue (i.e. beyond the capabilities of the OS to resolve), the error is more informative and the workaround readily available, both from from the admin's perspective as well as the client's persepective. "It just works" is more than just a selling point, it is the recognition that users don't know or shouldn't know all the operational parameters, and the designer of the software should know more than the user does in terms of diagnostics and self-repair. I seriously didn't mean to rant. I'm starving for knowledgeable people in this area in the forums (Microsoft managers need to take note and get their engineers here from time to time). I really want to understand this stuff under the hood, and have the right perspective about the actual quality of Active Directory software and its approach to networking. While I am at it, I have another question: once you take yourself off a Workgroup (e.g. a home network) and onto a domain (e.g. a coroprate network), how can you continue to see all the Workgroup computers and printers from the Vista client? I know I can use the dynamic IP addresses that were DHCP-assigned in the subnet, but I'd prefer to see the Workgroup as I did before. Can I be a member of both the domain and a Workgroup, perhaps just a one way membership (I see other Workgroup computers, but they don't see me.)? If not, why is this the case in Windows? Brian
Free Windows Admin Tool Kit Click here and download it now
September 19th, 2006 10:18pm

I had the same problem and my DNS server did not have an SRV Resource record. Checked out KBartice 239897 to resolve my DNS issue and all was happy.
September 27th, 2006 7:52pm

Jrod is on the money here. I followed the instruction here .. http://support.microsoft.com/kb/239897 not quite to the tee as 2003 datacenter is a little different. I just followed down to 2g and all was good. I guess its our DNS forward lookups weren't quite confiqured right.
Free Windows Admin Tool Kit Click here and download it now
October 8th, 2006 11:25am

I've an identical problem. Before the RC1 update, my Vista desktop was connected to my 2003 Server (DC/DNS/DHCP) fine. On installing the upgrade (to build 5600), my LAN died. I went back to the default WORKGROUP and LAN worked. But now I can't re-join the domain - I get the same error message: "An attempt to resolve the DNS name of a DC in the domain being joined has failed. Please verify this client is configured to reach a DNS server that can resolve DNS names in the target domain." I've disabled IPv6 (un-ticking the box in Network Properties) but still no luck. As far as I can tell, the DC has a SRV Resource record. Any help greatfully received!
November 3rd, 2006 4:30pm

Do you have WINS enabled on the client?
Free Windows Admin Tool Kit Click here and download it now
November 3rd, 2006 4:56pm

Thanks for the prompt reply Brian. I think not (can you advise how?) ... "ipconfig /all" tells me: Windows IP Configuration Host Name . . . . . . . . . . . . : Egg Primary Dns Suffix . . . . . . . : mydomain.local Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : mydomain.local Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : mydomain.local Description . . . . . . . . . . . : ULi M526X Ethernet Controller Physical Address. . . . . . . . . : 00-13-8F-C5-29-41 DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes Link-local IPv6 Address . . . . . : fe80::fc77:1d2f:9ca1:5a62%7(Preferred) IPv4 Address. . . . . . . . . . . : 192.168.1.7 Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 Lease Obtained. . . . . . . . . . : 03 November 2006 11:59:48 Lease Expires . . . . . . . . . . : 10 December 2142 21:29:15 Default Gateway . . . . . . . . . : 192.168.1.1 DHCP Server . . . . . . . . . . . : 192.168.1.1 DHCPv6 IAID . . . . . . . . . . . : 184554383 DNS Servers . . . . . . . . . . . : 192.168.1.2 192.168.1.1 NetBIOS over Tcpip. . . . . . . . : Enabled Tunnel adapter Local Area Connection* 9: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface Physical Address. . . . . . . . . : 02-00-54-55-4E-01 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes IPv6 Address. . . . . . . . . . . : 2001:0:4136:e378:180c:22ce:3f57:fef8(Preferred) Link-local IPv6 Address . . . . . : fe80::180c:22ce:3f57:fef8%10(Preferred) Default Gateway . . . . . . . . . : :: NetBIOS over Tcpip. . . . . . . . : Disabled Tunnel adapter Local Area Connection*: Connection-specific DNS Suffix . : mydomain.local Description . . . . . . . . . . . : Microsoft ISATAP Adapter Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Link-local IPv6 Address . . . . . : fe80::5efe:192.168.1.7%11(Preferred) Default Gateway . . . . . . . . . : DNS Servers . . . . . . . . . . . : 192.168.1.2 192.168.1.1 NetBIOS over Tcpip. . . . . . . . : Disabled 192.168.1.1 being the router192.168.1.2 being the DC/DHCP/DNS 2003 server
November 3rd, 2006 5:46pm

Is the DC running an WINS server? I don't know if WINS is the real cause of this error, however. After this I would be out of ideas.
Free Windows Admin Tool Kit Click here and download it now
November 3rd, 2006 6:09pm

Yes, the DC is running as a WINS server. Is that a good/bad sign?
November 3rd, 2006 6:19pm

Good in the sense WINS should be on. Bad in the sense that this finding isn't helping you on your problem. I noticed that your DNS server is behind a subnet. I am uncertain if this should work--I don't see why it shouldn't, but its a scenario I've never run across. You can also run dcdiag.exe on the server to see if it tells you of any problems. This is something you download separately. Brian
Free Windows Admin Tool Kit Click here and download it now
November 5th, 2006 3:11am

SOLUTION: I had this problem connecting to Server 2003. In Vista (client machine), i unchecked the IPv6 box in LAN Status box and set WINS to Enable Netbios over TCP/IP. Tried to connect to domain again, and voila, it worked... Hope this helps...
November 17th, 2006 12:05am

Hi, To me, joining vista to a domain is no different than joining an XP SP2 machine to the domain. WINS is not necessary in this situation. You have to make sure that the DC and DNS are up and running and the SRV records are properly created. You can ping and see if you have IPv4 connectivity. Removing IPv6 is not necessary according to my knowledge. When you type the domain name make sure you type the "DNS Domain Name" rather than the NetBIOS domain name. If theDNS name of the domain is "mydomain.local" make sure you type it instead of just "mydomain". NetBIOS name resolution will take different methods defending your network infrastructure (availability of WINS, NBT Node type, multiple subnets ...etc) and it will be slower than DNS if you dont have the correct infrastructure settings. For example, if you have configured your clients to use a WINS server and if the server is not available, the clients will fall back to broadcasts. This might take some time. If your DC and DNS are on another subnet separated by a router, NetBIOS broadcasts might fail and you will not be able to contact the DNS and DC. Check your infrastructure settings and see you can connect to the domain again This is the output of ipconfig /all which I got by running it on my Vista RC1 (build 5600) running on Virtual PC 2007 beta and is joined to my active directory domain on Windows Server 2003 R2. As you can see, IPv6 is also there. C:\Users\Lakmal>ipconfig /all Windows IP Configuration Host Name . . . . . . . . . . . . : Lakmal-Vista-VPC Primary Dns Suffix . . . . . . . : sa.local Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : sa.local Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : sa.local Description . . . . . . . . . . . : Intel 21140-Based PCI Fast Ethernet Adapter (Emulated) Physical Address. . . . . . . . . : 00-03-FF-0F-44-7C DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes Link-local IPv6 Address . . . . . : fe80::74fe:77fe:7c33:d1e5%10(Preferred) IPv4 Address. . . . . . . . . . . : 192.168.169.65(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 Lease Obtained. . . . . . . . . . : 2006 ????????? ?? 20 ?????? ????? 11:53:08 ??.?. Lease Expires . . . . . . . . . . : 2006 ????????? ?? 22 ?????? ????? 11:53:00 ??.?. Default Gateway . . . . . . . . . : 192.168.169.1 DHCP Server . . . . . . . . . . . : 192.168.169.7 DHCPv6 IAID . . . . . . . . . . . : 234882047 DNS Servers . . . . . . . . . . . : 192.168.169.7 192.168.168.4 Primary WINS Server . . . . . . . : 192.168.169.7 NetBIOS over Tcpip. . . . . . . . : Enabled Tunnel adapter Local Area Connection*: Connection-specific DNS Suffix . : sa.local Description . . . . . . . . . . . : isatap.sa.local Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Link-local IPv6 Address . . . . . : fe80::5efe:192.168.169.65%11(Preferred) Default Gateway . . . . . . . . . : DNS Servers . . . . . . . . . . . : 192.168.169.7 192.168.168.4 NetBIOS over Tcpip. . . . . . . . : Disabled Tunnel adapter Local Area Connection* 2: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface Physical Address. . . . . . . . . : 02-00-54-55-4E-01 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes IPv6 Address. . . . . . . . . . . : 2001:0:4136:e37a:141f:f4bd:2308:14fb(Preferred) Link-local IPv6 Address . . . . . : fe80::141f:f4bd:2308:14fb%12(Preferred) Default Gateway . . . . . . . . . : :: NetBIOS over Tcpip. . . . . . . . : Disabled C:\Users\Lakmal> Regards, Lakmal
Free Windows Admin Tool Kit Click here and download it now
November 20th, 2006 9:56am

Im also getting this error :"An attempt to resolve the DNS name of a DC in the domain being joined has failed. Please verify this client is configured to reach a DNS server that can resolve DNS names in the target domain."Tried everything to solve it, enabled/disable IPv6, enabled/disable Netbios, enabled/disabled Client for MS Networks.Nothing solved it.I tried everything said in this thread.As the first poster, I can see the other computers of the domain I want to join, I can access internet, but I cannot at all add the computer to my office domain.Im using Vista Ultimate Final release.I can add any XP or 2000 machine to that domain, but Vista refuses to.Any help will be greatly appreciated.My ipconfig /all shows the following on the client machine :Windows IP Configuration Host Name . . . . . . . . . . . . : DESKTOP Primary Dns Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : DOMAINNAME Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : DOMAINNAME Description . . . . . . . . . . . : VIA Rhine II Compatible Fast Ethernet Adapter Physical Address. . . . . . . . . : 00-17-31-76-84-DF DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes Link-local IPv6 Address . . . . . : fe80::3cd7:bf25:e097:a721%8(Preferred) IPv4 Address. . . . . . . . . . . : 192.168.0.126(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 Lease Obtained. . . . . . . . . . : Wednesday, January 24, 2007 6:31:35 PM Lease Expires . . . . . . . . . . : Thursday, January 25, 2007 7:25:30 PM Default Gateway . . . . . . . . . : 192.168.0.1 DHCP Server . . . . . . . . . . . : 192.168.0.1 DHCPv6 IAID . . . . . . . . . . . : 201332529 DNS Servers . . . . . . . . . . . : 192.168.0.1 NetBIOS over Tcpip. . . . . . . . : Enabled Tunnel adapter Local Area Connection* 6: Connection-specific DNS Suffix . : DOMAINNAME Description . . . . . . . . . . . : isatap.DOMAINNAME Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Link-local IPv6 Address . . . . . : fe80::5efe:192.168.0.126%10(Preferred) Default Gateway . . . . . . . . . : DNS Servers . . . . . . . . . . . : 192.168.0.1 NetBIOS over Tcpip. . . . . . . . : Disabled Tunnel adapter Local Area Connection* 7: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface Physical Address. . . . . . . . . : 02-00-54-55-4E-01 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes
January 25th, 2007 12:56am

In my case, I found that if I bring my computer to the same subnet, I can connect. This involves a very inconvenientactivity ofputting my computer in the car, and walkingit to a building, etc.The problem somehow happens because I'm doing it remotely, and there's a non-Windows network in between. Oh well. Just wished the windows client gave a more informative error.
Free Windows Admin Tool Kit Click here and download it now
January 25th, 2007 1:11am

That wouldnt be my problem as I am the same subnet (Its a small network, a machine running server 2003, and some other windows XP's on the network.Thanks for answering tho...
January 25th, 2007 2:36pm

Just got the final release (business edition) DVD through and I'm still having the same problems. Unchecking IPv6 doesn't help. It says it has connected to the domain. But when I restart and tyr to log in, it says there's no DC to authenticate the logon process (or words to that effect). (pre-rc2 this never occured)
Free Windows Admin Tool Kit Click here and download it now
January 25th, 2007 3:12pm

Have you set the NetBios setting under the WINS tab of TCP/IP Settings to "Enable NetBios over TCP/IP? I know these different switches shouldn't work, but sometimes i find fiddling with them will eventually get it sorted.
January 25th, 2007 3:21pm

I have and still no luck. I can join the domain but on reboot I get the message "There are currently no logon servers available to service the logon request." when trying to login. The only way back online is to leave the domain. I've noticed that I can't ping the DNS suffix "mydomain.local". When I add this to the host file with its IP address I can then ping it but I still can't join the domain.
Free Windows Admin Tool Kit Click here and download it now
January 25th, 2007 3:50pm

Have you run dcdiag.exe on the Server 2003 box? Is the Windows Server 2003 box acting as the DC also a DNS? If not, try making it a DNS also, and set the IP address of the server as the primary DNS in your client network setting. BTW, I'm really a rookie at this sort of thing. But since is there is no real expert presence on this forum, half a loaf is better than none. :) Brian
January 25th, 2007 6:24pm

I'm thankful and greatful for any help Brian. I ran dcdiag which returnd the following errors: Starting test: NetLogons Unable to connect to the NETLOGON share! (\\SERVER\netlogon) [SERVER] An net use or LsaPolicy operation failed with error 1203, No network provider accepted the given network path.. ......................... SERVER failed test NetLogons Starting test: systemlog An Error Event occured. EventID: 0x00000457 Time Generated: 01/25/2007 15:26:37 (Event String could not be retrieved) ......................... SERVER failed test systemlog Obviously it's the first error thats interesting but I can't ifnd much support for this report to correct the issue. Any ideas?
Free Windows Admin Tool Kit Click here and download it now
January 25th, 2007 6:58pm

Egg wrote: I have and still no luck. I can join the domain but on reboot I get the message "There are currently no logon servers available to service the logon request." when trying to login. The only way back online is to leave the domain. I've noticed that I can't ping the DNS suffix "mydomain.local". When I add this to the host file with its IP address I can then ping it but I still can't join the domain. Are you trying to join Vista RTM to an AD domain when Vista is on the same physical network, or is this done remotely outside of the corporate LAN?
January 25th, 2007 11:47pm

Thanks for your reply. Yes, I'm attempting to join a Vista box to anADdomain (2003 box) on a LAN.
Free Windows Admin Tool Kit Click here and download it now
January 26th, 2007 12:39pm

A DCDIAG on my 2003 server returned the following :Domain Controller Diagnosis Performing initial setup: Done gathering initial info. Doing initial required tests Testing server: Default-First-Site-Name\COMP0 Starting test: Connectivity COMP0's server GUID DNS name could not be resolved to an IP address. Check the DNS server, DHCP, server name, etc Although the Guid DNS name (863e47e7-5478-41bf-72d8-e2428d2e2aa4._msdcs.COMP.COM) couldn't be resolved, the server name (COMP0.COMP.COM) resolved to the IP address (192.168.0.100) and was pingable. Check that the IP address is registered correctly with the DNS server. ......................... COMP0 failed test Connectivity Doing primary tests Testing server: Default-First-Site-Name\COMP0 Skipping all tests, because server COMP0 is not responding to directory service requests Running enterprise tests on : COMP.COM Starting test: Intersite ......................... COMP.COM passed test Intersite Starting test: FsmoCheck ......................... COMP.COM passed test FsmoCheckObviously the problem seems to be with my 2003 and not with Vista after looking at the above error. (Weird that XP and win2000 can be added to the domain without problems).However if anyone can help me fixing it (or can point me to a solution) Id be very grateful.Thanks a lot in advance for any help.
January 26th, 2007 2:39pm

I searched the web and came across this: http://searchwincomputing.techtarget.com/tip/0,289483,sid68_gci1107664,00.html?topic=301201 Of course, I cannot claim that your error is caused by the same problem referred to in that article, but it's worth a shot to look at. Brian
Free Windows Admin Tool Kit Click here and download it now
January 26th, 2007 6:07pm

Brian, Is is possible to have expert opinion's on this type of thing?! You know what Windows is like... sometimes the same machine built the same way can act totally differently!! Still, we can but try! :) Stim.
January 26th, 2007 6:40pm

I feel your pain, Stim. :) Hopefully, someone with the right contacts can increase expert presence in this forum.
Free Windows Admin Tool Kit Click here and download it now
January 26th, 2007 6:43pm

All that this link mentioned was already set ... this is turning into a right little party!
January 26th, 2007 6:49pm

As a reasonable next step, I would aggressively search the web using keywords from the error message. After that... hopefully someone with insight can help. But you might have to start from the ground up: disable all services, and reenable them. But I can't say how "clean" this would be (i.e. it may still retain old and invalid settings).
Free Windows Admin Tool Kit Click here and download it now
January 26th, 2007 6:53pm

Brian, thanks a lot, the link you provided fixed my 2003 server problem, then I managed to add Vista to the Domain perfectly.BTW, I had to use the Wizard to join a Domain, trying to change it directly with the "to rename or change" option was still failing.Thanks a lot for your help man, now I can use Vista more comfortably.
January 26th, 2007 7:20pm

Pleased to hear that!
Free Windows Admin Tool Kit Click here and download it now
January 26th, 2007 7:29pm

I had the same problem, here is what helped me out, I hope it works for you as well On the server and Vista clientmake sure that you enable NetBIOS and WINS over tcp/ip, and make sureto type the address of the server on DNS and WINS. On the server create a primary forward lookup zone that has the same name as your domain (ex. mydomail.local) Inthe command prompt in yourserver type "net stop netlogon" and then "net start netlogon" Also turn off the firewall settings in both the server and the client. If you need clarification on this or step by step instructions just mention it in the forum. Be glad to help out
February 21st, 2007 5:45am

I am also having the same problems. Has anyone tried anything different or additional to fix the problem? The computer is brand new and the OS is brand new. I would think Microsoft would give you a break on support but they are charging $245.00. Anyone?
Free Windows Admin Tool Kit Click here and download it now
February 23rd, 2007 9:15pm

FYI, un-ticking the IPv6 box in Network Properties worked for me.
February 24th, 2007 1:41am

For almost3 days of frustration going in and out of this forum.. I finally found a logical / proper way in fixing this thing. Vista has no bug or what so ever, it's just the way we set our server and DNS... It's allabout FQDN implementation instead of being contented in an old fashionway of AD querying. I noticed that Vista is also querying AD using FQDN even if you used NetBIOS nameunlike previous version of Windows (which I realized after being frustrated, so why use NetBIOS nameif I could comply with FQDN?). Unchecking IPv6 / using local DNS or even Enabling NetBIOS over TCP/IPare notrelevant at all.. Well, it could be, if youuse the old, conventional way of AD querying... OMHO, even if you use old method, you don't need to tweakthose. Ok, here's the trick: Vista is querying LDAP entryin your domain's SRV record, so you need to add this record properly in your DNS server tomake it work. Youalso need to open upport 389 / LDAP service (TCP/UDP)in your firewall for incoming queries. In fact, whenyouinitially setup AD, it automatically add SRV record in your domain(provided that you enable dynamicupdate) but, you need to verify and make surethat the entry should be in following format: _ldap._tcp.dc._mscds.<AD domain name> Finally, use <FQDN> instead of <NetBIOS name> when joining a domain. Just want to ask younot to get frustrated if it still didn't work after you created an entry... Probable cause could be: 1) if you're using external DNS, it would take time to propagate your records in the internet. 2) Your SRV record isn't properly configured... (if you want to know how, just ask and I'll be glad to assist you) Well, I think FQDN is an innovation in AD querying. Probably, Microsoft utilizes internet era which I think is logical and beneficial... In this case, you could join the domain where ever you are as long as you have internet connection (which Im doing right now) Regards, Anthony
Free Windows Admin Tool Kit Click here and download it now
February 24th, 2007 5:49pm

That is what I found to be the trick. I used KB239897 for details. Anothony, I have been watching this thread since my first reply back in Oct. and you are right on to what may just be the root cause. Many workarounds have gotten machines attached to the domain but the problem may just be DNS from the beginning.
February 25th, 2007 1:43am

Well, for those who doesn't use DNS service in Win2K or 2K3, you need to set it up now to comply with FQDN and use Vista without problem. Even if you don't have registered domain, you only need to put your DNS server address as your primary DNS (TCP/IP) and everything will be translated and forwarded. Make sure you set up your DNS properly and everything will go smooth.
Free Windows Admin Tool Kit Click here and download it now
February 27th, 2007 6:50am

I am having the same problem trying to join Vista to my domain. I have tried several things that have been suggested here, enabling netbios and disabling IPv6 ect. but I still can't get it to join. I am new to working in a server 2003 and I don't understand how to implement your solution Anthony. I would appreciate it if you could explain a little how to do what you said. Thanks!
March 6th, 2007 10:20pm

I assume: - You host your own DNS Server - You own a Fully Qualified Domain Name (ex: myCompany.com) - You have static, public IP address. - Your Active Directory server / host name is myCompany.com (your FQDN) In your myCompany.com's DNS record, add host "A" record and name it after your AD server's NetBIOS name (ex: myServer). Then, point it to your AD's public Static IP so, it will be reacheable if someone ping myServer.myCompany.com (I didn't say you need to activate PING service as it's not necessary here) from net. Open LDAP Service or Port 389 (UPD/TCP) in your firewall for incoming query and port forward to Active Directory server. Make sure that you also open an access for DNS query (where ever that server may be). Next, add new domain (within the root domain, myCompany.com), and named it _msdcs (that's it, that new sub domain will read as: _msdcs.myCompany.com). Go inside that newly created sub domain and create another sub and name it dc. Again, go inside that new sub domain (dc._msdcs.myCompany.com) and there, you create SRV record (Service Locator). SVR record info: domain: dc._msdcs.myCompany.com Service: _ldap Protocol: _tcp Priority: 0 Weight: 0 Port Number: 389 Host Offering this Service: myServer.myCompany.com Allow records to propagate in the web.. if you couldn't wait.. you could set client's primary DNS (TCP/IP setup) to your DNS server's IP. When joining domain, use FQDN (myCompany.com) not NetBIOS name (which is myServer). I hope above instructions are comprehensive enough...
Free Windows Admin Tool Kit Click here and download it now
March 7th, 2007 9:23am

Yes I have a server running windows server 2003 R2 with SP on a 5 computer home LAN. I am an IT college student and I am trying to learn server 2003. I set up AD in the server manager and selected the option to install DNS server. So both Domain controller and DNS server are installed.I don't have a FQDN. Can you just make up your own domain in private LAN?I have a verizon DSL connection and I am not sure if it is a static IP address address or not. Being that I only want my domain in my local LAN, how does this matter?With my setup please let me know if your further instructions are applicable. I was able to add my computer to my domain before I installed Vista (with XP pro) thats why I thought Vista was the problem. However I did reinstall server 2003 at about the same time I installed vista, so I guess there is a chance I set up AD differently, but I am pretty sure I set it up the same. I need to try and see if I can get another XP pro computer to join...
March 8th, 2007 5:35pm

Yes I have a server running windows server 2003 R2 with SP on a 5 computer home LAN. I am an IT college student and I am trying to learn server 2003. I set up AD in the server manager and selected the option to install DNS server. So both Domain controller and DNS server are installed. I don't have a FQDN. Can you just make up your own domain in private LAN? I have a verizon DSL connection and I am not sure if it is a static IP address address or not. Being that I only want my domain in my local LAN, how does this matter? With my setup please let me know if your further instructions are applicable. I was able to add my computer to my domain before I installed Vista (with XP pro) thats why I thought Vista was the problem. However I did reinstall server 2003 at about the same time I installed vista, so I guess there is a chance I set up AD differently, but I am pretty sure I set it up the same. I need to try and see if I can get another XP pro computer to join...I don't know why it duplicated my post! When I tried deleting this post it deleted my other post as well.
Free Windows Admin Tool Kit Click here and download it now
March 8th, 2007 6:34pm

The problem with Vista is.. it searches SRV records. WinXP has no problem even if you use NetBIOS name and it doesn't require to check or retrieve SRV records. Well there's a way but I haven't tried it yet (logically, it should work). In your TCP/IP, use your DNS server local IP as Primary DNS of clients. Create a bogus domain in your DNS server... do the same procedure I adviced (creating Host "A", sub domain, SRV records, etc)... However, you might need to point SRV entry to a host with "public" address of your AD server (I tried using local IP but it didn't work). If you have static, that won't be a prob.. But, if you are using dynamic IP, try using a freedomain nameand have a small program that would update your "free" domainIP record automatically. Then use that "free domain"on "Host offering this service" in SRV record. I don't see any reason, why this wont work.
March 9th, 2007 9:25am

For those of you out there who are having this issue trying to join vista to a 2000/2003 domain and are using a wireless router. I'm going to post instructions on how to get this to work. (I'm also assuming you have a DC) first off you need to goto the domain controller and pull the ip configuration. ipconfig /all. Look for the ip address assigned to it by the router and write it down. Next you will need to setup your server as a dns server. set the ip address from the server (assigned by router) as static on the server. dns setup will automatically prompt you to do so. You will then be asked to setup a forward lookup zone. You will want to set your isp's dns ip address in this zone. Most likely setup will say that it is already configured and will just bypass it. Once the dns is setup on the server goto the client Vista machine and set the local area connection (ip4) to use the primary dns entry as the dns servers ip address. You may need to disable the ipv6 entry so that windows does not have any conflicts. You may also want to set the default gateway ip address from your router in the ip4 settings as well. Once this is completed join the Vista client to your domain.
Free Windows Admin Tool Kit Click here and download it now
March 17th, 2007 10:04pm

I have troble joining my computer running Vistabusiness client to a domain. The domain server is running Windows 2003 server. The error msg is: "An attempt to resolve the DNS name of a DC in the domain being joined has failed. Please verify this client is configured to reach a DNS server that can resolve DNS names in the target domain." I can browse the network and connect to any computer in the networ. The only thing missing is joining my domain. Can anyone help? Idrees
March 28th, 2007 1:29pm

Dear Sir, I have troble joining my computer running Vista RC1 to a domain. The domain server is running Windows 2003 server. The error msg is: "An attempt to resolve the DNS name of a DC in the domain being joined has failed. Please verify this client is configured to reach a DNS server that can resolve DNS names in the target domain." I can browse the network and connect to any computer in the network. The only thing missing is joining my domain. Can anyone help? Idrees
Free Windows Admin Tool Kit Click here and download it now
March 28th, 2007 2:30pm

I had this problem too. I couldn't join my DC which is running in 2003 Server. Disabling IPV6 and setting WINS to Enable Netbios over TCP/IP inmy computer wouldn't help at all. However, the problem was solved when I installed IPV6 protocol in the 2003 Server. Funny thing but it worked for me. I guess Vista is bound to use IPV6 afterall.
April 3rd, 2007 1:36pm

Udrees Yes, we can help.., But first you need to read the thread.. This issue is no longer an issue as far as I know. I did what I know the right way to manage Active Directory this is the use of SRV records (see my post instructions and messages). I have managed to upgrade my 4 networkings in different firms (Win2k3 with Vista and WinXP). I no longer see that message because I know I did what is supposedly the way to set AD. It's kinda cool because I could connect to my AD serverin other country using my method (under vista platform). You could also try some of our member's tips and tricks. Mine is a little bit complicated, but I would say compliance with vista's new way of connection. I've read within this thread that activating IPv6 in server side did the trick.. maybe you could try that too...
Free Windows Admin Tool Kit Click here and download it now
April 4th, 2007 7:57am

Andyjb wrote: I don't have a FQDN. Can you just make up your own domain in private LAN? You can just make up a domain name, but to be sure it won't clash with an Internet domain name you should end it with .local, e.g. mydomain.local You also need to make sure that all your LAN clients are using the Domain Controller as a DNS server, rather than your ISP's server.
April 4th, 2007 1:55pm

this didn't seem to help me. any other ideas on why this won't connect? I'm getting the same error message as the original poster above and nothing seems to work. All XP machines have connected perfectly to the domain without a hitch.
Free Windows Admin Tool Kit Click here and download it now
June 14th, 2007 9:52pm

this worked like a charm - thank you!!
July 25th, 2007 9:27pm

I have a problemto the same you. I can't change from workgroup (my computer is used to Win Vista ultimate)to domain. When i connect to our LAN - it appears to error : "Your computer could not be joined to the domain because the following error has occurred. An attempt to resolve the DNS name of a DC in the domain being joined has failed please verify this client is configured to reach a DNS server that can resolve DNS name in the target domain". Althought, I have informed to our domain, TCP/IP v4ip for my computer.My computer isusedtoWinVista ultimate and the server is used to Win Server 2003. Please help me! Thks!
Free Windows Admin Tool Kit Click here and download it now
August 13th, 2007 12:25pm

I had the same problem. I just added IP address of my Domain W2K3 Server to TCP/IP properties in Network Card as Preferred DNS Server, and I could switch from Workgroup to Domain.After logon 1st time, System will create new profile. Go back to TCP/IP Setting and switch DNS to-> Obtain DNS server address automatically.That's all.Alan
September 5th, 2007 7:18pm

use server ip address as u r preffered dns and then it works
Free Windows Admin Tool Kit Click here and download it now
December 24th, 2007 3:26pm

after i change preffered dns to server ip... it WORK... thanks M.Arun_kumar regards stephen
March 18th, 2008 4:05am

L,I don't speak english, but i'll try to explain what worked for me.Had the same problem, then I did this, went to the LAN properties then at TCP/IPv4 put my static IP and the DNS just like we used to do it in XP, and at the other protocol TCP/IPv6 went to advanced options and at the tab DNS added the server IP address, after that joined the domain just fine.
Free Windows Admin Tool Kit Click here and download it now
March 26th, 2008 9:23pm

Brian Kramer wrote: I searched the web and came across this: http://searchwincomputing.techtarget.com/tip/0,289483,sid68_gci1107664,00.html?topic=301201 Of course, I cannot claim that your error is caused by the same problem referred to in that article, but it's worth a shot to look at. Brian This article fixed my issue with Vista not joining a windows server 2003 domain, although my windows 2003settings were already correct - so the fix was either flush/register of the DNS (step 6) or "netdiag /fix" (step 10). Thanks Brian for your help, Mattcleeds
June 16th, 2008 5:08pm

I am having the same problem. This is a on a brand new install of WS2k3. The DNS is properly configured, the srv records are all in correctly, firewall's are all off. Wins is on, Netbios is setup on both server and client, can't ping to fqdn but can ping to netbios name (it takes it a minute but it does it eventually). As far as I can tell, everything is setup correctly on this. The dcpromo process took care of the DNS and AD creation. XP machines can connect with no problems. I have looked through a ton of information on this and tried everything (including all that was mentioned above) even adding ipv6 on the server with no success. What is crazy is that I have another domain that the machine can connect to. I have checked every setting I can think of and they are all identical (except obvious differences such as ip's and domain names). Literally having the two screens side by side and comparing everything, running services, installed components, configured settings. The other server is running SBS and this one is running Enterprise but it shouldn't make a difference. All of the updates are installed.So!Any epiphanous ideas anyone would like to throw out there? Because I'm seeming to hit dead ends everywhere I look.I felt I should also add that the event log is clean and netdiag and dcdiag come up clean with no problems. DNS information is configured correctly in the servers IP settings and the clients. DHCP was being used to push the settings but switched it over to Static for the client and still no change.
Free Windows Admin Tool Kit Click here and download it now
August 17th, 2008 7:40am

I'm having the identical message on my new SBS R2 network with seven machines with Vista Business. Did you get this resolved? Any directions would be great, thank you, David
August 29th, 2008 2:17pm

I did get it resolved!It ended up being bad firmware on one of the NIC's. The crazy thing was that everything else seemed to work, internet, file transfer, etc. It just would not allow anything with Vista to log onto the network (XP worked on some machines but not others). Reflashed the NIC's and reset them and then everything took off. I have a sneaking suspicion it might have to do with a bad teaming setup that was removed but I'm not sure.Prior to that however I did have a problem with the TCP/IP settings in windows on the server. I ended up having to reinstall TCP/IP which opened up internet connectivity to the server from other PC's but it didn't fix the problem. You might also want to try a different switch if they are all on the same one.I would recommend trying everything that people have already mentioned, ensuring DNS is working properly, checked your NETDIAG and DCDIAG for errors and correcting them and checking the event monitor for any errors. There is also a really nice packet sniffer that MS has called Network Monitor V3.1 which can be downloaded here http://www.microsoft.com/downloads/details.aspx?familyid=18b1d59d-f4d8-4213-8d17-2f6dde7d7aac&displaylang=en it might be of value to you. With mine it showed that the server was just not responding to queries that the clients were making.If you need any other help please post back here and I will do what I can to assist you! Also post your solution when you get it working.Thanks!Ben.
Free Windows Admin Tool Kit Click here and download it now
August 29th, 2008 11:08pm

Hi there, I had the same issue. Error message: An attempt to resolve the DNS name of a DC in the domain being joined has failed. Please verify this client is configured to reach a DNS server that can resolve DNS names in the target domain. I did follow Brian's recommendation by disabling firewall on both client and server, enabling WINS on client, setting up WINS server on the server, disabling IPV6 on both server and client NICs. I did reconfigure DNS server, stopping the net logon service with:net stop netlogonand then starting the service withnet start netlogon, flushing DNS config withipconfig /flushdnsfrom the client machine and thenipconfig registerdns, guess what, still I had no success. To cut the story short, I did change the dynamically assigned client ip to static ip, then tried to join the DC and voila... Welcome to DC message PS. my Server is Win2k8 32bit version and I was trying to join Window vista ultimate to DC. Even though it makes no sense of why it did not work for me in the first place, I think you might want to try this maybe it will work for you too. Let me know if that helped cheers Vayanga Camara
September 14th, 2008 5:42pm

Hello,I had the same problem when trying joining Vista to a domain (Windows 2008 Server):"An attempt to resolve the DNS name of a DC in the domain being joined has failed. Please verify this client is configured to reach a DNS server that can resolve DNS names in the target domain."My solution was to assign static IP to both server and client, disable IPv6 (router isn't compatible anyway), also enable forwarding ports used by SRVs (found in DNS settings) in my router: _gc tcp 3268; _kerberos tcp & udp 88; _kpasswrd tcp & udp 464; _ldap tcp 389.Joined the domain in first try.Sorry for my english, isn't very good.
Free Windows Admin Tool Kit Click here and download it now
September 18th, 2008 7:00pm

1.Disable all firewalls. 2. Creatspecial built-in Administrators account on the 2003 Server to avoid using the Administrator account as non-extant pass through authentication in Vista SP1. 3.Use static IP address on workstation--including ip, subnet, gateway, dns. (Note: Usually dns IP = gateway IP). 4. Connect to domain from workstation using account login from step 2. I am running a Windows Server 2008 x64 Hyper-v private virtual network with VMs x86 Windows Vista SP1 and x86 Windows Server 2003 R2 SP2. Windows Server 2003 R2 SP2 is new with ADS DC, DHCP and DNS. No Security Configuration Wizard. No problem with Windows XP SP3. I did not: 1. Disable IPV6 on Vista SP1. 2. I did not use KB 239897. 3. I did not modify WINS or go into the advanced properties of the TCP/IP V4 properties. Notes: * Problematic: Modifying static IP address of the Windows Server 2003 R2 SP2.Use Hyper-V snapshots to revert to an unmodified IP server. * Windows Vista does not have the Guest account enabled by default--linked to the Local Security Policy Network Access: Not Classic--linked to File Sharing--linked Workgroup Pass-through authentication.
October 7th, 2008 2:54am

i have a lot of trouble to settle this problem, finally i can solve this problem. if you go trought all the reply in this forum and follow all the setting, if you lucky u problem can settle. U dindnt have to disabled IPv6 on the connection and Didn't have to use WINS or NetBIOS. What you must do is:- 1- You must active your administrator account and than logon as administrator. 2- In system properties, you must field the Primary DNS suffix on this computer: with your doman name. eg, microsoft.com and than tick the box Change primary DNS suffix when domain membership changes. Must restart after this setting. 3- You must edit file hosts. Default location is : MyComputer/Local C/Windows/System32/Drivers/etc/hosts(open with notepad) - Remember if you logon as user/administrator you cannot edit this file. 4- End of line:- 127.0.0.1 localhost ::1 localhost 192.168.1.1 server.microsoft.com Red - IP Server Green - Computer Server Name Blue - Domain Name That's all i have to do, and i finally can join all vista to my domain. Osman
Free Windows Admin Tool Kit Click here and download it now
October 19th, 2008 5:24pm

Great stuff Osman whent through your instructions and it all worked. Well just to make sure I reinstalled Vista and just did the "you must field the Primary DNS suffix on this computer: with your doman name. eg, microsoft.com and than tick the box Change primary DNS suffix when domain membership changes. Must restart after this setting." And hey presto it all worked just by doing that and nothing else cheers M8. Mick Rice ICT Liverpool.
November 21st, 2008 4:28pm

I was able to resolve this issue by insuring that my primary DC was the first in the DNS list (ad integrated). I had this reveresed by mistake (note this is on my home test lab) - so my router to the internet was first, followed by test DC. Reversed this and was able to join domain just fine.
Free Windows Admin Tool Kit Click here and download it now
December 7th, 2008 6:39pm

Hi ,Problem got solved after changes done in system propeties for primary DNS suffix of this computerShrini
March 21st, 2009 10:33am

i have a lot of trouble to settle this problem, finally i can solve this problem. if you go trought all the reply in this forum and follow all the setting, if you lucky u problem can settle. U dindnt have to disabled IPv6 on the connection and Didn't have to use WINS or NetBIOS. What you must do is:- 1- You must active your administrator account and than logon as administrator. 2- In system properties, you must field the Primary DNS suffix on this computer: with your doman name. eg, microsoft.com and than tick the box Change primary DNS suffix when domain membership changes. Must restart after this setting. 3- You must edit file hosts. Default location is : MyComputer/Local C/Windows/System32/Drivers/etc/hosts(open with notepad) - Remember if you logon as user/administrator you cannot edit this file. 4- End of line:- 127.0.0.1 localhost ::1 localhost 192.168.1.1 server.microsoft.com Red - IP Server Green - Computer Server Name Blue - Domain Name That's all i have to do, and i finally can join all vista to my domain. OsmanThanks osman for your instruction it is work for me all fine.eRick
Free Windows Admin Tool Kit Click here and download it now
May 18th, 2009 11:41am

set the DNS server to have a static IP Address (Servers Address) on the client machine and you are good to go. Thnx
January 7th, 2010 12:24pm

Hi Guys, Had a similar problem with WIN2008 not getting added to domain and was getting the below error. Tried all the possiblities which has been gn above. However stil the issue was not resolved. Therefore one of ma team mate checked and resolved the issue..... Error : An attempt to resolve the DNS name of a DC in the domain being joined has failed. Please verify this client is configured to reach a DNS server that can resolve DNS names in the target domain." Resolution: The Backup NIC was pointing to an incorrect Subnet Mask Not sure if this can help u guys....
Free Windows Admin Tool Kit Click here and download it now
June 3rd, 2010 2:09pm

i found a solution just put the ip address of the DC machine in the DNS section of the network connection. it seems to be because the DC is not registered in the current DNS server's list.
June 15th, 2010 8:33am

i found a solution just put the ip address of the DC machine in the DNS section of the network connection. it seems to be because the DC is not registered in the current DNS server's list. Hi Jaackov, The settings you described are actually the proper way to have all internal AD machines (DCs, member servers and client machines) configured, that is to only use the internal DNS server that hosts the AD zone. Otherwise, if using a different server, such as an ISP's DNS server, or say the router's IP address as a DNS address, it will definitely cause numerous problems with Active Directory DC to DC and client to DC communications. I have a blog on AD's reliance on DNS, posted below. I hope you and others find it helpful. Active Directory and Its Reliance on DNS, and using a DNS address that doesn't host a copy of the AD zone, nor does it have a reference to the AD zone. http://msmvps.com/blogs/acefekay/archive/2009/08/17/ad-and-its-reliance-on-dns.aspx Ace Ace Fekay, MVP, MCT, MCITP EA, MCTS Windows 2008 & Exchange 2007, MCSE & MCSA 2003/2000, MCSA Messaging 2003, Microsoft Certified Trainer, Microsoft MVP - Directory Services. This posting is provided AS-IS with no warranties or guarantees and confers no rights.
Free Windows Admin Tool Kit Click here and download it now
June 23rd, 2010 11:56pm

this is an easy fix. make sure that the primary dns is pointing to the domain controllers IP address
January 6th, 2011 1:19pm

This is for Windows 7, but clearing the IPV6 option for the adapter fix my issue.
Free Windows Admin Tool Kit Click here and download it now
March 6th, 2011 12:43am

I'm not sure what all the confusion is with joining a machine to a domain. Simply put, if you notice some of the ipconfigs that were posted, some of the DNS addresses show they are pointing to their gateway/router address. In some instances, some admins will configure their ISP's DNS servers in their machines (Comcast, Verizon, or whatebver you have). Simply put, you can't do that. To explain, AD relies on DNS. Period. So when you join a machine, it tries to "find" Active Directory resources by asking DNS, "where is my domain controller for the AD domain I want to join?" If you're asking your router this question, does it know the answer? Let's say when you went to bed, you know your refridgerator had a full case of beer in it chilling for tomorrow's party. No one else is in the house. You wake up come to find the beer is all gone. You walk out front and you ask the first person you see, a neighbor that you've never talked to before, and you yell out, "Hey, where is my beer?" Does he have the answer? I guess if you see the look on his face, you'll no he doesn't. Same with asking your router or your ISP about where your AD domain resources are. And no, WINS is not the answer. And no, disabling IPv6 is not the answer. To gain a better understanding of what's going on with AD and its DNS reliance, please read the following: Active Directory's Reliance on DNS, and why you should never use an ISP's DNS address or your router as a DNS address, or any other DNS server that does not host the AD zone name http://msmvps.com/blogs/acefekay/archive/2009/08/17/ad-and-its-reliance-on-dns.aspx I hope everyone finds this helpful. AceAce Fekay MVP, MCT, MCITP EA, MCTS Windows 2008 & Exchange 2007, MCSE & MCSA 2003/2000, MCSA Messaging 2003 Microsoft Certified Trainer Microsoft MVP - Directory Services This posting is provided AS-IS with no warranties or guarantees and confers no rights.
March 6th, 2011 3:07am

Hello Tommy , 1) Please give a static IP address in case if your vista machine is not getting a IP from the DHCP server. 2) Please try pinging the DNS server by FQDN , by IP and by netbios name. 3)Please try to access shares locates on a domain controller and the dns server by doing \\DC. 4)Please do a NSLOOKUP on the client machine and try resolving the DNS and DC by putting in IP addresses. 5)If the above 5 works fine all you need is the correct admin user id and password. 6)If all abover are working fine and still you are unable to join vista machine to the domain then disable IPV6 - reboot the vista machine and try again - this should work! Thanks Rajesh
Free Windows Admin Tool Kit Click here and download it now
June 10th, 2011 2:54pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics