Tecra A9: Cannot join a domain or view websites wirelessly - Vista
I'm having a problem with wireless networking on this new installation of Vista.
I can view & connect to a wireless router no problem but when I try to join a domain or view most web pages it just will not play ball.
I can ping both local and external addresses and some web pages work with no problem at all.
I have tried updating the wireless drivers from the toshiba web site and when that did not make a difference from the intel website but to no avail.
If i plug in a network cable everything works fine.
I have another notebook running XP which connects to the same wireless router and has none of these problems.
Help!
Stu
Seems that there is nothing wrong with your wireless lan device at all. I think there are some settings of Vista, that prevent some internet pages from working, maybe built in firewall or antivirus program. Internet Explorer 7 has built in some security features as well, so you might take a look at this.
Perhaps the first thing you could try is to use another internet browser, like firefox and check firewall settings.
Similar Messages
-
7410 CIFS/NFS cannot join AD domain
I've been asked to help on this issue but I know little about the 7410 configuration, and the Admin Guide available wasn't much help with some of the errors I've seen.
This is a Sun Storage 7410 Version ak/SUNW,[email protected],1-1.17
CIFS and NFS are enabled, and appear to be configured correctly as far as controller names, IP addresses, etc. DNS is working and nslookup from the CLI does work. Lan Man Compatibility Level is set to 2. Looking in the logs, I noticed that in the log labled system-identity:node, there is a line that says:
aksh fatal error: could not connect to akd; is it both enabled and running?
What does this refer to?
Also, in the top title bar of the 7410 GUI, there is an error which says:
An attempt to import the resource 'ak:/ad/da0f40fc-014e-ca1f-880d-892ff109361c' has failed
Was this error as a result of someone trying to join a domain, or is it some other indicative error? When an administrator attempts to join a domain, the message "no such domain" appears, but the domain does indeed exist.
What else can I look at to find out the source of this problem?
Edit: I should add that we can ping to this 7410 by IP, but not by host name.
much thanks
Edited by: mdinaz on Jul 29, 2009 12:23 PMI would recomend sticking the latest patch on - there's a fix in there for AD 2008 domains - though not sure if this is your issue. Also, I don't think the box will show in DNS until it is added to the domain (unless manually added to the DNS server).
http://wikis.sun.com/display/FishWorks/Sun+Storage+7000+Series+Software+Updates
hth. Chris -
Cisco ACS 5.4.0.46.6 - Cannot join to domain
I am not able to join Cisco ACS to domain. I get the error "wrong domain". Nslookup resolves the domain correctly. ACS troubleshoot adcheck shows the below error
ADGC : Check Global Catalog servers
: There is no GC in site "INGUA"
: It is recommended that a GC exist in each site.
Checked with AD team and they confirm that GC does exist at this site. It is a Windows 2008 R2. I am able to telnet to the required ports from the ACS console. Tried applying the latest patch. Tried re-imaging the ACS server. Still the issue remains. Any help appreciated.
Cisco Application Deployment Engine OS Release: 2.0
ADE-OS Build Version: 2.0.3.063
ADE-OS System Architecture: i386
Copyright (c) 2005-2011 by Cisco Systems, Inc.
All rights reserved.
Hostname: ZINGUA6001
Version information of installed applications
Cisco ACS VERSION INFORMATION
Version : 5.4.0.46.6
Internal Build ID : B.221
Patches :
5-4-0-46-6Hi Minakshi,
I perform the update before your post and I test without deregister all server.
So far, all was good.
I had no issue and the update tooks me very less time without following the full UPGRADE procedure.
The command had also a rollback for the update, so I take the risk.
This is certainly not the case for upgrade but update seems to easier.
Kind regards.
Steve -
New 2012 R2 domain - xp clients cannot join or print
I just migrated a 2003 domain to 2012 R2. Things were working ok & then XP clients became AD stupid.
Steps I took:
Added a VM 2012 R2 DC to the domain. Server had DNS installed. Ran dcdiag & bpa and resolved any issues.
About a week later I moved all roles over to the VM DC.
Tore down one of the NT2003 DCs (not VM) and rebuit it as a 2012 R2 DC w/DNS. Ran dcdiag & bpa and resolved any issues. Had problems with DNS scavenging removing some static records. readded records & made sure the "Delete
record when it becomes stale" was unchecked on all static records (all fwd & rev zones).
Moved all roles from the VM DC to the hardware DC.
After a week I tore down the 2nd (& last) nt2003 DC (not VM) and rebuilt it as a 2012 R2 DC w/DNS. Ran dcdiag/bpa and fixed any issues. Also ran it on the other DCs.
Removed the VM 2012 R2 DC from the domain (demote, remove features, remove from domain, power off, delete VM).
Everything seems to be working fine. dcdiags look clean, event logs seem good.
Bump forest/domain to 2012 R2 native.
Then, a few days later, it goes bad. I (after hours) install all accumulated updates on both DCs. Reboot both.
Next AM a user calls. Her thin client cannot connect to the terminal services server. DNS has deleted its dns record, even though the delete when stale was unchecked. :| So I readd the static record and turn off scavenging.
Problem solved.
Next call s from a XP user (we have XP, Win 7, and thin clients). She cannot print. Printers show "cannot connect". Try various things to no avail. Check Win 7 boxes and they're working fine & printers are connected.
Note that the XP & Win7 boxes all pull their DHCP address from the same dhcp server/scope.
Review error logs and run dcdiag. There are several somewhat esoteric errors. After several hours or tail chasing I decide to take a more scorched earth tack. I demote the 2nd DC and remove AD & DNS from it. After demotion and role
removal I check AD and it still shows the DC. I remove the now just a server from the domain. Clean up DNS & AD removing all traces. This takes a while as I have to run variuos scripts (tahnk you google) to ensure AD is clean.
Run dcdiag and resolve issues. Even a detailed dcdiag comes out clean. Replication tests show the old server is now forgotten.
Check XP boxes and they still show printers as "cannot connect".
Remove a XP PC from the domain. Try to rejoin and I get a error. Rename it and still get the error. I can ping, nslookup, etc and they return the correct IP.
I've tried the simple change the join a domain in system properties. That gives a somewht non descript error. The network identification wizard seemed to find the domain but didn't work. As it was trying to find the PC in AD, I went ahead
and added it via AD users& Computer console. Run the wizard and it tells me it found the record in AD. It then says "a domain controller for the domain [ourdomain] could not be contacted." !? Yet the prior screen it told
me it had found the record for the PC on the DC.
nslookup for ourdomain.local as well as dcname.ourdomain.local resolve correctly. Tried chenging the PC to static - no change. Rename the old win 2012 R2 dc (now just a server outside the domain), reboot, and the try to rejoin the domain.
Works flawlessly.
BTW - We're running tcpip w/o netbios over tcpip.
So basically my XP boxes cannot use AD printers and cannot join the domain. IDK if they're picking up gp updates (I'll check in the AM), but I suspect they're not.
Short of buying a truckload of Win 7 licenses and reloading OSs, what can I do to fix this?
Details on the XP box error (fyi - I did a record to record comparison to a Win 2008 domain's SRV records and they look identical (except, fo course, the domain& server names)) :
The domain name [ourdomain] might be a NetBIOS domain name. If this is the case, verify that the domain name is properly registered with WINS.
If you are certain that the name is not a NetBIOS domain name, then the following information can help you troubleshoot your DNS configuration.
The following error occurred when DNS was queried for the service location (SRV) resource record used to locate a domain controller for domain [ourdomain]:
The error was: "DNS name does not exist."
(error code 0x0000232B RCODE_NAME_ERROR)
The query was for the SRV record for _ldap._tcp.dc._msdcs.[ourdomain]
Common causes of this error include the following:
- The DNS SRV record is not registered in DNS.
- One or more of the following zones do not include delegation to its child zone:
[ourdomain]
. (the root zone)
For information about correcting this problem, click Help.
dcdiag /test:dns results
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = Domctl1
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\DOMCTL1
Starting test: Connectivity
......................... DOMCTL1 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\DOMCTL1
Starting test: DNS
DNS Tests are running and not hung. Please wait a few minutes...
......................... DOMCTL1 passed test DNS
Running partition tests on : DomainDnsZones
Running partition tests on : ForestDnsZones
Running partition tests on : Schema
Running partition tests on : Configuration
Running partition tests on : [ourdomain]
Running enterprise tests on : [ourdomain].local
Starting test: DNS
Test results for domain controllers:
DC: Domctl1.[ourdomain].local
Domain: [ourdomain].local
TEST: Dynamic update (Dyn)
Warning: Failed to delete the test record dcdiag-test-record in zone [ourdomain].local
Domctl1 PASS PASS PASS PASS WARN PASS n/a
......................... [ourdomain].local passed test DNSI see the following errors:
"TCP/IP failed to establish an outgoing connection because the selected local endpoint was recently used to connect to the same remote endpoint. This error typically occurs when outgoing
connections are opened and closed at a high rate, causing all available local ports to be used and forcing TCP/IP to reuse a local port for an outgoing connection. To minimize the risk of data corruption, the TCP/IP standard requires a minimum time period
to elapse between successive connections from a given local endpoint to a given remote endpoint."
Please read that: http://social.technet.microsoft.com/Forums/windowsserver/en-US/d770e9fd-53a2-4ae9-99b3-2754c4564592/tcpip-connection-issue-on-windows-server-2008-sp2?forum=winserverPN
"DCOM was unable to communicate with the computer 8.8.8.8 using any of the configured protocols; requested by PID b70 (C:\Windows\system32\dcdiag.exe)."
As you can see, it is pointing to 8.8.8.8. You need to make sure that public DNS servers are configured as forwarders and not in IP setting of your DCs. Better if you could use your ISP DNS servers as public ones instead of 8.8.8.8.
Please read this Wiki article for recommendations about IP settings: http://social.technet.microsoft.com/wiki/contents/articles/18513.active-directory-replication-issues-basic-troubleshooting-steps-single-ad-domain-in-a-single-ad-forest.aspx
" TEST: Dynamic update (Dyn)
Test record dcdiag-test-record added successfully in zone [ourdomain].local
Warning: Failed to delete the test record dcdiag-test-record in zone [ourdomain].local
[Error details: 9505 (Type: Win32 - Description: Unsecured DNS packet.)]
Here, you need to make sure that only secure DNS updates are allowed if you would like to secure dynamic updates. This is detailed in here:http://social.technet.microsoft.com/wiki/contents/articles/21984.how-to-secure-dns-updates-on-microsoft-dns-servers.aspx
This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.
Get Active Directory User Last Logon
Create an Active Directory test domain similar to the production one
Management of test accounts in an Active Directory production domain - Part I
Management of test accounts in an Active Directory production domain - Part II
Management of test accounts in an Active Directory production domain - Part III
Reset Active Directory user password -
Windows 8.1 will not allow me to join a domain
I am trying to join laptops running Windows 8.1 to domain. When I go to properties for This Computer, Join a domain wizard is greyed out. Can I join a Windows 8.1 computer to a domain?Have you verified that your Windows 8.1 is a Pro or Enterprise edition? The Basic edition cannot join a domain.
-
Hi,
I am trying to build a 3-tier SharePoint 2013 farm.
1. SQL Server 2012, Windows 2012 VM
2. DC Server, Windows 2012 VM
3. SharePoint 2013, Windows 2012 VM
I didn't built the DC server. Someone else did. However, I created about 14 service domain user accounts for SQL Server and SharePoint install and operation.
I was able to join the SQL Server into the SharePoint server farm using SharePoint 2013 Product Configuration Wizard. When I start the Central Admin, and click on Servers in the Farm, I only see the SharePoint server and SQL server,
but the DC server is not listed. Any suggestion on what did I miss?
Thanks
JeanYou cannot join the Domain Controller to your SharePoint farm. You must instead join each server from that farm to the domain that is served up by that DC. You will want to uninstall SharePoint and probably SQL before you do this. If it's
an option, I would re-provision your VMs completely and start fresh. Once you login to a new server, join that server to the target domain like this:
http://www.petri.co.il/join-windows-server-2012-to-domain.htm
You'd have to ensure that your DNS resolves to the target domain on the server being joined to the domain. If it doesn't, you can always use HOSTS entries to overcome that in the short term.
Once you've joined both the future SQL and SharePoint servers to the domain, you can install SQL Server and then SharePoint on their prospective servers to create your farm.
I trust that answers your question...
Thanks
C
|
RSS |
http://crayveon.com/blog |
SharePoint Scripts | Twitter |
Google+ | LinkedIn |
Facebook | Quix Utilities for SharePoint -
Cannot join domain "the network path was not found"
Hi there.
As I wanted to install new Microsoft Lync Server, I tried to prepare a virtual machine for this. For some reason I used a virtual machine that I tested for some another services, therefore it had some changes on it.
As you know before installing Lync Server your client must be join a domain and when I tried to joined it I faced with this error "The following error occurred attempting
to join the domain “ysatech”; the network path was not found "
Before my search, I thought it was DNS problem. I checked DNS but nothing was wrong.
I searched for it and I read some forums answers and I resolved it:
As I said my client server had some changes, the problem was in the NIC but not about DNS or WINS. The "Client for Microsoft Networks" of
NIC of my domain network was not checked and it must be checked.Check the dns setting on client and ensure the setting as below.
1. Each workstation/member server should point to local DNS server as primary DNS and other remote DNS servers as secondary.
2. Do not set public DNS server in TCP/IP setting of client/member server.
3. If multiple NIC are configured disable the unrequired NIC.Check the NIC binding order too.
This issue may occur if the TCP/IP NetBIOS Helper Service is not running on the client computer.
http://www.chicagotech.net/pathnotfound.htm
Network Path Not Found" Error Message When You Try to Add Workstation to Domain:http://support.microsoft.com/kb/285182
I will also recommend to enable the Client for Microsoft Networks.If still issue persist post the ipconfig /all details of client computer.
Best Regards,
Sandesh Dubey.
MCSE|MCSA:Messaging|MCTS|MCITP:Enterprise Adminitrator |
My Blog
Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights. -
Reimaged Win 7 PC still cannot ping either domain controller by IP Address, but sees other PCs fine.
OK so this is weird one: I have a Window 7 box that when I went to use it, I discovered that it no longer had access to the internet, but it did see the other PCs on the network. After trying completely different network ports then removing/reading the NIC
and using system restore, I decided to reimage it from scratch and deleted the PC's name from the domain. Here's where it gets strange: Even after a completely wiped and reloaded PC from a known good template, it DOES get an IP address from DHCP/DC/DNS server
(same machine) it can view the other workstations on the domain, but it cannot even get a ping reply back from either of our 2 domain controllers, much less join the domain and it still does not see the internet. This one really has me kerfuffled! It is the
only PC with this problem and I've already scorched the HD.Hi,
According to your description, the Windows 7 PC has joined the domain before going wrong. And after a series of operations the Windows 7 still can’t access Internet and it can’t ping DC by IP address.
Have you checked the Windows Firewall to see if the firewall blocked the ICMP packet?
Due to the Windows PC can get an IP address from DHCP server as mentioned above, so what IP address the Windows 7 PC get? And what is the IP address of the Windows 7’s DNS server? We can use
ipconfig /all command to print out the TCP/IP configuration. Because we can’t ping DC by IP address, maybe the Windows 7 PC can’t connect to DHCP server. If a DHCP client can’t connect the DHCP server, it can assign a private IP address of
169.254.0.0/16 network to itself. Then the DHCP client will attempt to find an available DHCP server every five minutes. Obviously, computer with a private IP address can’t access Internet.
Best Regards,
Tina -
Macbook ver 10.6.8 after update 10.6.8 combo cannot join open wifi anymore
I am using Macbook ver 10.6.8 after update 10.6.8 combo i cannot join open wifi anymore.it shows me no internet connection.in fact before this i can acces any open wifi smoothly.it makes me annoyed and regret my action updating the combo.almost 3weeks i try to find the solution by read any suggestion from community but it makes me frustrated. for sure i refuse to send away my macbook to technician because what i knew they also take solution from here.i state here my macbook details :
Model Name: MacBook
Model Identifier: MacBook3,1
Processor Name: Intel Core 2 Duo
Processor Speed: 2.2 GHz
Number Of Processors: 1
Total Number Of Cores: 2
L2 Cache: 4 MB
Memory: 4 GB
Bus Speed: 800 MHz
Boot ROM Version: MB31.008E.B02
SMC Version (system): 1.24f3
Serial Number (system): W8744400Z63
Hardware UUID: 6172E4C5-C120-5C8A-9B2E-430B3D42C912
Sudden Motion Sensor:
State: Enabled
this the details my current network:
AirPort:
Type: AirPort
Hardware: AirPort
BSD Device Name: en1
IPv4 Addresses: 169.254.70.222
IPv4:
Addresses: 169.254.70.222
Configuration Method: DHCP
Interface Name: en1
Subnet Masks: 255.255.0.0
IPv6:
Configuration Method: Automatic
Ethernet:
MAC Address: 00:1d:4f:fc:c2:34
Media Options:
Media Subtype: Auto Select
Proxies:
Exceptions List: *.local, 169.254/16
FTP Passive Mode: Yes
Service Order: 2
this is the open wifi i always acces smoothly before i update the combo:
Software Versions:
Menu Extra: 6.2.2 (622.2)
configd plug-in: 6.2.5 (625.6)
System Profiler: 6.0.1 (601.1)
Network Preference: 6.2.2 (622.2)
AirPort Utility: 5.6.1 (561.3)
IO80211 Family: 3.2 (320.1)
Interfaces:
en1:
Card Type: AirPort Extreme (0x14E4, 0x88)
Firmware Version: Broadcom BCM43xx 1.0 (5.10.131.42.4)
Locale: APAC
Country Code: MY
Supported PHY Modes: 802.11 a/b/g/n
Supported Channels: 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 36, 40, 44, 48, 52, 56, 60, 64, 149, 153, 157, 161, 165
Wake On Wireless: Supported
Status: Connected
Current Network Information:
TM WiFi:
PHY Mode: 802.11g
BSSID: 0:19:be:80:20:1a
Channel: 1
Country Code: MY
Network Type: Infrastructure
Security: None
Signal / Noise: -77 dBm / -94 dBm
Transmit Rate: 36
Other Local Wireless Networks:
TM WiFi:
PHY Mode: 802.11g
BSSID: 0:19:be:80:21:96
Channel: 6
Network Type: Infrastructure
Security: None
Signal / Noise: -78 dBm / -99 dBm
Location (8/1/12 8:22 AM):<<<<<<<<<-------------------------At this time i can acces this open wifi with auto-login
Active Location: No
Services:
Ethernet:
Type: Ethernet
BSD Device Name: en0
Hardware (MAC) Address: 00:1b:63:a6:2e:44
IPv4:
Configuration Method: DHCP
IPv6:
Configuration Method: Automatic
Proxies:
Exceptions List: *.local, 169.254/16
FTP Passive Mode: Yes
FireWire:
Type: FireWire
BSD Device Name: fw0
Hardware (MAC) Address: 00:1d:4f:ff:fe:72:00:d4
IPv4:
Configuration Method: DHCP
IPv6:
Configuration Method: Automatic
Proxies:
Exceptions List: *.local, 169.254/16
FTP Passive Mode: Yes
AirPort:
Type: IEEE80211
BSD Device Name: en1
Hardware (MAC) Address: 00:1d:4f:fc:c2:34
IPv4:
Configuration Method: DHCP
IPv6:
Configuration Method: Automatic
DNS:
Search Domains: , 94C723E0-B495-45CF-8ACE-279AF0F2D687
Server Addresses:
Proxies:
Exceptions List: *.local, 169.254/16
FTP Passive Mode: Yes
IEEE80211:
Join Mode: Automatic
JoinModeFallback: Prompt
PreferredNetworks:
SecurityType: Open
SSID_STR: TM WiFi
Unique Network ID: 94C723E0-B495-45CF-8ACE-279AF0F2D687
after i update the combo:
and the page which the open wifi load automatically did not appear as before.
if the update affect the wifi,cant i just downgrade and remove the annoyed combo?any expertise r welcome to give great solution..plzz!!!need your help!!!!cant believe it nobody reply.. very dissapointed ..i bring my mac to experrt and he reset my mac to the original version 10.6.8 .. n seriously after it done.. the connection as i mentioned which annoyed me settled and it works like a charm.. when i try to check update my software ...it showned combined software for 10.6.8.. however i still afraid to update it.. i'm still in trauma...
-
Windows 8.1 VPN Functionality dissappears after joining a domain
Hello!
I can not seem to Identify the cause behind the following problem, I assume it is GP or permission related but I can not discover where.
Summary:
-New Tablet purchased from dell (Venue 11 pro series) started as windows 8.1 and the 8,1 pro pack update key was applied to enable domain functionality
-Setup and create network connections and establish a VPN connection as the local Admin ( Everything works)
-Join a domain
-Log on as a domain Admin
-Attempt to setup a VPN connection and an error is displayed in Charms saying "There is a problem with your modem or network adapter"
-Sign off and log on as the local administrator
-Attempt the same VPN setup, and the connection works and I receive the login credentials window in charms and the VPN can be established.
If anyone has any knowledge about this please let me know, I have yet to find 1 case similar to this.
****Update-
The VPN Connection appears in the Internet Options window Under the connections Tab, but when opening settings and properties I receive the following error:
"Cannot Load the remote access connection manger service.
error 5: Access Is denied"
In services the accounts appear to be correct for the log-on as local system
Attempting to change this to a domain admin account or local admin account proved to cause addition problems with other services because they did not have the same log-on accounts being used in the same process...
Again a search on this has yielded results for other OS but not Windows 8.1, Any fixes for these other OS that were attempted resulted in more log-on confilcts.
Any help would be appreciated.Hi,
According to your description, it seems like there was a problem with remote access connection manager service, please access to the path below to check RasMan rights, make sure all the user have write rights.
1. WIN+R, open Run, type regedit, press Enter.
2. Narrow to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RasMan
If problem persists, please contact Domain Adminstrator to check if there any limits with VPN.
Roger Lu
TechNet Community Support -
I cannot see toolbar with favourites, file etc so i cannot join any pages to my favourites. Where it's gone...?
Firefox 3.6+ versions have a feature to allow the user to hide the Menu bar.
Hit the '''Alt''' key to temporarily show the Menu bar, then open View > Toolbars and select Menu bar, so it has a check-mark. <br />
The F10 can also be used on most PC's to temporarily reveal the Menu bar.
https://support.mozilla.com/en-US/kb/Menu+bar+is+missing -
Hello,
We are trying to connect to Domain, Domain name is set up on the server.
We ping the IP and its working, but when we try to join the domain the following errors pop up
An Active Directory Domain Controller (AD DC) for the domain "proximity" could not be contacted. Ensure that the domain name is typed correctly.
Any idea please?If you have the ldp.exe tool installed on the device you can query ports 389 & 3268 to make sure they are open and able to reach the DC. If you have a DHCP server in this setup bypass it and try using a PC to DC join (remove all possible issues) DNS
can be an issue but using NSLOOKUP can quickly remove that from the equation. Make sure you have the required AD ports open between point A and B (Link for that below) Also If you have IPSEC in your enviroment this can be an issue. Needless to say it can be
a lot of things but if you need a simple method to start id do this:
Ensure all required AD ports are open and listening.
Ensure all required services (netlogon, task scheduler, etc) are enabled and the time is properly set on the device.
Ensure my NIC settings are configured correctly & I can resolve DNS using NSLOOKUP and typing the FQDN for the domain.
Ensure my IPSEC, firewall, etc is configured as needed.
AD Ports:
http://msdn.microsoft.com/en-us/library/dd772723(v=ws.10).aspx
DNS Issue Blog:
http://blogs.msdn.com/b/deva/archive/2013/03/23/dns-issue-cannot-join-domain-windows-server-2008-r2-server.aspx -
Solaris 11 - can't join AD domain
I've upgraded to Solaris 11 from 11 Express and am trying to join the system to an Active Directory domain. I first joined workgroup, then tried to rejoin the domain, at which time I get the following (names changed to protect the anonymous):
myuser@ganesh:~# smbadm join -u "DomainAdmin" lothlorien.domain.com
After joining lothlorien.domain.com the smb service will be restarted automatically.
Would you like to continue? [no]: yes
Enter domain password:
Locating DC in lothlorien.domain.com ... this may take a minute ...
Joining lothlorien.domain.com ... this may take a minute ...
failed to join lothlorien.domain.com: UNSUCCESSFUL
Please refer to the system log for more information.
/var/adm/messages shows this:
Nov 11 00:46:17 ganesh smbd[641]: [ID 270243 daemon.error] smb_ads_update_dsattr: ldap_sasl_interactive_bind_s Local error
Nov 11 00:46:35 ganesh smbd[641]: [ID 702911 daemon.error] smbns_kpasswd: KPASSWD protocol exchange failed (Cannot contact any KDC for requested realm)
Nov 11 00:46:35 ganesh smbd[641]: [ID 702911 daemon.notice] Machine password update failed
Nov 11 00:46:35 ganesh smbd[641]: [ID 702911 daemon.error] unable to join lothlorien.domain.com (UNSUCCESSFUL)
I know for sure the system is locating the DC and trying to register itself - I can see the events in the Windows event log. Having deleted the previous computer account, if I watch the Computers node of the AD Users & Computers MMC snap-in, I can see the Solaris system appear briefly as disabled, then disappear a few seconds later (with corresponding events in the DC's Security event log).
I can't find any documentation specific to S11 (as opposed to SE11) that addresses what might be different (if anything) in the smb join protocols. I know by now that S11 can autogenerate your /etc/krb5/krb5.conf so the fact that I can delete/rename that file and it will reappear with valid information validates the fact that it does locate and connect to the (K)DC and get relevant config info, not to mention that I can type garbage for my domain password and the behavior is different so it can do kerberos authentication.
I think the key error here is the "ldap_sasl_interactive_bind_s Local error" but it's not enough information for me to determine causality. I've already gone through Google searches and implemented changes related to the NTLM levels and so forth, but unlike with SE11 which I did have working, these did not solve the issue.
I'm still trying to go through the S11 documentation including the End of Feature Notices for what's changed but I didn't see anything revelatory in the Interop guide. I know this could also be something that's in my AD/GP configuration on the Windows side (e.g. I've implemented a PKI and strengthened system authentication among certain domain members). Has anyone run into anything similar? Do you have S11 (as opposed to SE11) joined to your domain?I finally got this figured out. It's a problem with client_lmauth_level on the smb service. the below script snippet configures Solaris 11 to join an AD domain on Windows 2008 R2:
echo *** Installing SMB system
pkg install system/file-system/smb
echo *** Installing SMB service
pkg install service/file-system/smb
echo server $TIMESERVER > /etc/inet/ntp.conf
svcadm enable ntp
echo *** Joining domain: $DOMAIN
svccfg -s smb setprop smb/client_lmauth_level=2
svcadm enable -r smb/server
smbadm join -u $DOMAIN/$DOMAINADMIN
Obviously, you should set the various variables for your local environment and probably a good idea to sync the clock explicitly instead of assuming ntpd will do it for you.
In addition, I had to set the auth level on the Windows 2008 domain:
Start -> Admin Tools -> Local Secuity Policy: Security Settings -> Local Policies -> Security Optiopns:
Network Security: LAN Manager authentication Level = Send LM & NTLM - Use NTLMv2 security session if negotiated -
Can't see SLES server joined to domain
Hi all: I am a domain membership on SLES newbee and I need some help with getting an SLES server working properly with our domain. The server I need help with was recently rebuilt from OES 11 to SLES 11 due to zenworks incompatibility. I still need to be able to access this server's storage over the network. When I browse the network from my Windows 7 computer the server does not show up and I cannot reach the server via \\servername. The server is in our DNS database.
So I joined the server to our domain successfully. I used the newer style domain notation rather than windows 2000/NT notation. I can see the server in now a member of the domain by looking at the domain members on one of our DCs. I have not enabled any other features such as "Also use SMB information for Linux Authentication" and "All users to share their directories". NTP is configured and operating. The server does verify that it is a domain member. Under Samba configuration I have set the domain using the older style domain notation. It is not a DC controller. I have also set the NETBIOS name.
I would appreciate some help understanding what I did wrong and what I need to do to correct this. BTW, I tried this once before on a test server and it worked well. Not sure what I did different.
Thanks for the help, Chris.DSfW does not apply as you pointed out, and I don't believe I was referencing that component. I need this SLES 11 SP3 server to be visible to some of my users. I want to share a directory named "storage" and I need it so that they can authenticate via AD rather than adding all these users as onto the SLES box. My users also need to be able to browse to the server using Windows Explorer or get to it via \\server.
So in YAST2 I can set up samba but I can also join the domain. This is where I am getting confused and setting something incorrectly.
>>> Simon Flood<[email protected]> 8/28/2014 8:32 AM >>>
On 28/08/2014 13:02, cmosentine wrote:
> Hi all: I am a domain membership on SLES newbee and I need some help
> with getting an SLES server working properly with our domain. The
> server I need help with was recently rebuilt from OES 11 to SLES 11 due
> to zenworks incompatibility. I still need to be able to access this
> server's storage over the network. When I browse the network from my
> Windows 7 computer the server does not show up and I cannot reach the
> server via \\servername <file://\\servername>. The server is in our DNS
> database.
>
> So I joined the server to our domain successfully. I used the newer
> style domain notation rather than windows 2000/NT notation. I can see
> the server in now a member of the domain by looking at the domain
> members on one of our DCs. I have not enabled any other features such
> as "Also use SMB information for Linux Authentication" and "All users to
> share their directories". NTP is configured and operating. The server
> does verify that it is a domain member. Under Samba configuration I
> have set the domain using the older style domain notation. It is not a
> DC controller. I have also set the NETBIOS name.
>
> I would appreciate some help understanding what I did wrong and what I
> need to do to correct this. BTW, I tried this once before on a test
> server and it worked well. Not sure what I did different.
Reading the above am I right in thinking that your server is not running
OES11 but instead "regular" SLES11? If so, where does Domain Services
for Windows (a component of OES11) fit in to the above?
HTH.
Simon
Novell Knowledge Partner
If you find this post helpful and are logged into the web interface,
please show your appreciation and click on the star below. Thanks. -
Remove & Join To Domain By Batch File
Hello,
I want to make a batch file that does the:
Remove from domain
Join to doamin
All one script that
performs this
I tried to make a batch file
with the NETDOM but the thing did not work
Can anyone help?Hi,
Please replace the netdom command with the simple Windows PowerShell cmdlets to join domain or remove the domain. Since you cannot use your batch file (containing netdom commands) on Windows 7 is that by default Windows 7 does not contain the netdom
command.
For more detailed information, please read this article:
Use PowerShell to Replace netdom Commands to Join the Domain
http://blogs.technet.com/b/heyscriptingguy/archive/2012/02/29/use-powershell-to-replace-netdom-commands-to-join-the-domain.aspx
Karen Hu
TechNet Community Support
Maybe you are looking for
-
Performance issues with Bapi BAPI_MATERIAL_AVAILABILITY...
Hello, I have a Z program to check ATP which is working with Bapi BAPI_MATERIAL_AVAILABILITY.... As I am in the retail system we have performance issues with this bapi due the huge amount of articles in the system we need to calculate the ATP. any w
-
I Want to create a formulated form in Dreamweaver for a Muse site
Hi, The form I want to create is more of a survey where each answer has a value and the values are calculated and displayed on the Page after pressing submit. How??? Thanks
-
R12 - Final Payment Register Report
Hi, We are about to upgrade to R12.1.3 from 11.5.9 and verifying the reports, specifically the AP module Final Payment Register report. I know this report is no longer available in R12 and was replaced by "Payment Register" report. The problem is, th
-
Using 2 data (SAP Netweaver BW) connections in Xcelsius dashboard
I have a situation when using 2 data (SAP Netweaver BW) connections in Xcelsius dashboard. Break-down of issue: I have a toggle button in our Sales dashboard which displays Top Ten Customers versus Bottom Ten Customers. I use the value of the toggle
-
Can you run two iphones on one account
Can you ? Two phones sync on one account .