problems setting up domain - windows 2000 machines joining 3

[chunky28]

I am currently attempting to set up a domain on our LAN.

I have a Windows 2000 server machine with active directory set up.

I also have a few Windows NT 4 sp6a machines and a few Windows 2000 professional machines which I am attempting to add to my domin.

I do not have any problems adding the NT machines but I can't correctly configure the 2000 pro machines!!!

Please Help....

I am logging on as an Administrator
and have entered the usual Network ID info...

I can see the domain within my network places and I can see and access the windows 2000 machine from the server and from the other nt machines. But I can't access the network from the 2000 machine.

When I do I get:
'There are currently no logon servers available to service your request'
I have used netdiag.exe on my 2000 server machine and it fails on the following:
1.
IP loopback ping test. . . . . . . : Failed
[FATAL] IP loopback failed.
You may have a problem with your IP stack.
- I can ping other machines from the server - but not itself!
2.
DNS test . . . . . . . . . . . . . : Failed
[WARNING] The DNS entries for this DC are not registered correctly on DNS server '158.152.1.58'. Please wait for 30 minutes for DNS server replication.
[WARNING] The DNS entries for this DC are not registered correctly on DNS server '158.152.1.43'. Please wait for 30 minutes for DNS server replication.
[FATAL] No DNS servers have the DNS records for this DC registered.
3.
DC list test . . . . . . . . . . . : Failed
'DATACHASE': No DCs are up.
I have used netdiag.exe on on of the Windows 2000 pro machines and it fails on the following:
1.
WINS service test. . . . . : Failed
The test failed. We were unable to query the WINS servers.
2.
IP loopback ping test. . . . . . . : Failed
[FATAL] IP loopback failed.
You may have a problem with your IP stack.
3.
DNS test . . . . . . . . . . . . . : Failed
[FATAL]: The DNS registration for 'server4.datachase.oracledatabaseconsulting.com' is incorrect on all DNS servers.
4.
DC list test . . . . . . . . . . . : Failed
'DATACHASE': No DCs are up.
oh and it also takes a long time to logon to the domain - about 20 mins 30 mins!!!!!

Thank you in advance for any suggestions!!!
Charlie

 

[LeonBar]

I just went through this. We have 7 NT4 and 25 2K machines the NT4 connected just fine the 2K machines didn't. Have you setup a DNS server? If You have active directory setup you can't add win2k machines unless the DNS server is activated.

Get this article for Setting up the domain name system for active directory, after you do that windows2k workstations will connect. I used the IP address of my server for my dns address because I am not using my server for a web server.

Microsoft knowledge base article 237675

http://support.microsoft.com/default.aspx?scid=kb;en-us;237675

Leon

 

[GiaBetiu]

Your server indeed doesn't seem to be happy at all.
Try an ipcongig /all. What is saying there?
Then, you have to check the DNS configuration. DNS is a must for Windows 2000. Entire name resolution schema in Win2000 is based on DNS.
The Windows 2000 DC will create special zones there, that will be used by variuos services from Windows (eg: global catalogs, domains, kerberos,. etc).
But, if the DNS is not runnig properly I don't see why your server is not answering properly to ping localhost!
So, things are getting strange there. What protocols are configured on that network interface?

Windows NT machines are not using DNS to find the domain that they have to join. Win2000 is using.


Gia Betiu
giabetiu@chello.nl
Computer Eng. CNE 4, CNE 5, MCSE Win2K

 

[chunky28]

Thanks to you both for responding.

I am currently looking at the document regarding setting up DNS for Active Directory.

The results of C:\>ipconfig /all is as follows:

Windows 2000 IP Configuration

Host Name . . . . . . . . . . . . : mailgate
Primary DNS Suffix . . . . . . . : datachase.oracledatabaseconsulting.c
om
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : datachase.oracledatabaseconsulting.c
om
oracledatabaseconsulting.com

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : VIA VT6102 Rhine II Fast Ethernet Ad
apter
Physical Address. . . . . . . . . : 00-50-8D-46-57-7E
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 193.195.222.226
Subnet Mask . . . . . . . . . . . : 255.255.255.240
Default Gateway . . . . . . . . . : 193.195.222.225
DNS Servers . . . . . . . . . . . : 193.195.222.226
158.152.1.53
Primary WINS Server . . . . . . . : 193.195.222.0

This is a relatively new install and I have very little experience in this but it seems as though the DNS configuration is the culprit.

I am attempting to set the DNS up again from scratch. I am also using other remote dns's for internet name resolution.

Thanks again

Charlie

 

[GiaBetiu]

Ok,.. it looks ok. Your IP stack should be loaded properly, even if your IP name resolution is working bad (if DNS is unproperly installed).
As I see on the server it is installed DNS (or at least in your configuration it is pointing to itself).

I'm courious why netdiag is saying that loopback is not working.
try ping localhost
and ping 193.195.222.226
If this will work, then there is no problem with your IP stack.

About DNS,... don't forget that your WIn2k clients should use same DNS server (193.195.222.226).
Have you some errors in the event viewer from your server? Something like: couldn't register a DNS record,.. etc?

Gia Betiu
giabetiu@chello.nl
Computer Eng. CNE 4, CNE 5, MCSE Win2K

 

[chunky28]

ping localhost and ping 193.195.222.226 both fail with request timed out.

And yes the event viewer on both the win 2000 client and server are full of errors. These are as follows:

Server:

source we2Time - The Windows Time Service was not able to find a Domain Controller. A time and date update was not possible.

source we2Time - This Machine is a PDC of the domain at the root of the forest. Configure to sync from External time source using the net command, 'net time /setsntp:<server name>'.

Netlogon - Registration of the DNS record '_gc._tcp.datachase.oracledatabaseconsulting.com. 600 IN SRV 0 100 3268 mailgate.datachase.oracledatabaseconsulting.com.' failed with the following error:
DNS server unable to interpret format.

Netlogon - Registration of the DNS record '_kerberos._tcp.Default-First-Site-Name._sites.datachase.oracledatabaseconsulting.com. 600 IN SRV 0 100 88 mailgate.datachase.oracledatabaseconsulting.com.' failed with the following error:
DNS server unable to interpret format.

Netlogon - Registration of the DNS record '_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.datachase.oracledatabaseconsulting.com. 600 IN SRV 0 100 389 mailgate.datachase.oracledatabaseconsulting.com.' failed with the following error:
DNS server unable to interpret format.

Netlogon - Registration of the DNS record '_ldap._tcp.dc._msdcs.datachase.oracledatabaseconsulting.com. 600 IN SRV 0 100 389 mailgate.datachase.oracledatabaseconsulting.com.' failed with the following error:
DNS server unable to interpret format.

Client:

MRxSmb - The redirector was unable to initialize security context or query context attributes.

Netlogon - Attempt to update HOST Service Principal Names (SPNs) of the computer object in Active Directory failed. The updated values were '<UNAVAILABLE>' and '<UNAVAILABLE>'. The following error occurred:
Could not find the domain controller for this domain.

Netlogon - Attempt to update DNS Host Name of the computer object in Active Directory failed. The updated value was 'server4'. The following error occurred:
Could not find the domain controller for this domain.

I have looked at various Microsoft documents which appear to relevant to the overall problem but none have made any difference.

e.g.

237675 - Setting Up the Domain Name System for Active Directory

306927 - Windows 2000-Based or Windows Server 2003-Based Computer Is Inaccessible from the Domain

244474 - How to Force Kerberos to Use TCP Instead of UDP

Thanks again for you assistance

Charlie

 

[GiaBetiu]

Well, well. Before to start those things from MS site, first it seems that your IP stack is damaged.
Why? Difficult to say. Check what protocols you have installed there? Check if you don't have a conflict with another IP address in the network. I think that your NT machines are using NetBIOS. Because otehrwise, if TCP/IP is down,. i don't see how they will connect. So,,, is it there (NetBEUI)?

Install a Microsoft loopback adapter (is a virtual network card). Assign it an IP address, and try to ping it. In this way you will see if the problem is in Network driver of that VIA Network Adapter.

First be sure that the TCP/IP stack is ok, and will answer to that ping local.
Then, you can go to DNS configuration, where obviously are a lot of mistakes added because the system couldn't configure it properly (since IP stack is not oK).


Gia Betiu
giabetiu@chello.nl
Computer Eng. CNE 4, CNE 5, MCSE Win2K

 

[chunky28]

I installed a microsoft loopback adapter and assigned it an IP address (it doesn't matter what this is does it - as it's internal).

Anyway the ping failed again with Requets timed out error.

Within my local area connection propeties sheet the protocols installed are: Network Monitor Drive and Internet Protocol (TCP/IP).

Thanks

Charlie

 

[GiaBetiu]

What I mean is:
- install loopback
- assign an IP to it!
- ping to that IP
- ping to localhost then


Gia Betiu
giabetiu@chello.nl
Computer Eng. CNE 4, CNE 5, MCSE Win2K

 

[chunky28]

yes - I attempted to ping the IP address (didn't try ping localhost though)

Now rebooted the machine. Will attempt this again but it's taken about 20 mins to boot up so far!!

Thanks for your continued help.

Charlie

 

[GiaBetiu]

If not even communication via loopback adapter is not working,.. i'm afraid that next is a nice reinstall... (

Gia Betiu
giabetiu@chello.nl
Computer Eng. CNE 4, CNE 5, MCSE Win2K

 

[chunky28]

Really?!! - OK

It still hasn't booted up anyway (taken about 30 - 40 mins now)

Would you suggest a complete reinstall or should I attempt to repair the install with the CD - I assume this is an option as with other windows versions.

Thanks for the suggestions

Charlie

 

[WiredNDC69]

Reinstall... Other thing is to make sure that you have no firewalls installed.

 

[cbrider]

If your are about to reinstall, definitly backup any data you may have stored on the server. Now you have two options:

Clean install: format the drive.

System overlay: reinstalls just windows.

To just reinstall windows and leave your files intact, in setup select for a new windows 2000 install. then setup will run a check for previous versions of windows. then it will have the option to completley remove windows and start from scratch, or leave files intact and install windows over it,(or somthing to that extent).

 

[chunky28]

Oh - why would the IP loopback test fail on the client machine too?

Wouldn't it be a bit unlucky for both machines to be corrupted in this way????? The netdiag results showed the following for the client:
IP loopback ping test. . . . . . . : Failed
[FATAL] IP loopback failed.
You may have a problem with your IP stack.

Charlie

 

[chunky28]

thanks for the advice.

This is a very new install anyway - so I have vary little on the machine.

So a backup may not be necessary - So would you suggest a complete format and reinstall?

Thanks

Charlie

 

[GiaBetiu]

Completelly reinstall. The long time from the startup now is because of TCP/IP stack bad, and also DNS requests, that AD is trying to make them (registering itself,. etc).

1. reinstall w2k
2. do not add anny other DNS server in IP settings
3. run dcpromo
4. during install it will ask you a DNS server, say that you don't have, and let it create it
But! I don't know what are the name conventions in your network. Eventually, before to run dcpromo, you can install DNS server first. And, then you can choose to be part of the curent name structure.
DCpromo needs a DNS that suports: SRV records and dynamic updates. WIndows 2000 DNS, and BIND version 8 has such possibilities. So, the best way install locally a DNS server.

Gia Betiu
giabetiu@chello.nl
Computer Eng. CNE 4, CNE 5, MCSE Win2K

 

[LeonBar]

Just my opinion, I have tried to repair 2k and run upgrades too. Every time I did that some problems seem to crop up. I would recommend to format the drive and start from scratch if you can. Just remember your settings. and backup your data. One other problem we had, our network was giving us a lot of problems it turned out to be one of the hubs were bad. After we replaced the hubs all of the strange problems were fixed. I suggest getting a small hub and a laptop and making sure you don’t have any network hardware issues.

After you run the format setup use the wizzards to configure active directory and DNS. That is how I did the server here and it is working great now.
Good luck
leon

 

[chunky28]

Just about to start reinstall.

But as asked previously:

does anyone know how the IP loopback stack could have failed on both the server machine and the client machine I tested with netdiag.

Wouldn't it be a bit unlucky for both machines to be corrupted in this way?????

&quot;The netdiag results showed the following for the client:
IP loopback ping test. . . . . . . : Failed
[FATAL] IP loopback failed.
You may have a problem with your IP stack. &quot;

Thanks to all!

 

[GiaBetiu]

As I said, your IP stack was not installed properly. Reinstall the server as I said.

Gia Betiu
giabetiu@chello.nl
Computer Eng. CNE 4, CNE 5, MCSE Win2K