unable to join computer to domain

I have a Win2k DC, some of my xp workstations can be successfully joined into
the domain, some cannot. On the problem machines, I get the error "the RPC
server is unavailable". I've done all the basic troubleshooting:
- i can ping the dc
- its netbios name is correct in lmhosts
- i can browse the workgroup and ping other machines by name
- when i try nltest.exe /dclist:[domain] i get this error: you don't have
access to dsbind on [domain], but then it tries NetServerEnum and it finds a
PDC.
- tried deleting the computer from active directory (it must partially
register in AD, otherwise it wouldn't be there)
- tried uninstalling file/print sharing and microsoft networking then
reinstalling
- made sure the rpc service was running
- i can connect to the c$ and admin$ of the DC as a domain admin (same
username i tried to join the computer to the domain with)

If anyone has ANY suggestions, I'd be most grateful.
Thanks,
Mike

This is generally a dns configuration problem. You must make sure that
domain computers and computers you want to join to the domain point ONLY to
Active Directory domain controllers running dns for the domain as their
preferred dns servers and NEVER an ISP dns server. See the link below on AD
dns to make sure your dns is configured correctly. The support tools netdiag
and dcdiag come in very handy troubleshooting such problems. Netdiag is for
any computer while dcdiag is for only domain controllers. I would be sure to
run both on your domain controllers and check Event Viewer on all computers
for pertinent clues For netdiag particularly look for
errors/warnings/failed tests for kerberos, dc discovery, dns, and
trust/secure channel. While it may appear that you have dns name resolution
in a domain, the domain computers must be able to find the _srv records for
the domain controllers to join and logon to the domain. Also check that the
computers that you are trying to join to the domain are in synch with the
time on the domain controller. Kerberos only allows for a five minute skew.
When checking time, check day/date/month/year/time zone/AM&PM also. There
also was a problem with SMB signing in certain configurations of XP Pro that
caused network connectivity problems in a W2K domain. This was fixed in
SP2. --- Steve


http://support.microsoft.com/default...en-us%3B291382
http://support.microsoft.com/default...b;en-us;321708 --- netdiag
and how to install support tools.
http://support.microsoft.com/default...b;en-us;241515 --- how to
use nslookup.

Using Nslookup
1. From your DNS server, type nslookup at a command prompt.
2. Type set type=all, and then press ENTER.
3. Type _ldap._tcp.dc._msdcs.domainname (where domainname is the name
of your domain), and then press ENTER.
Nslookup returns one or more SRV service location records in the following
format
hostname.domainname internet address = ipaddress

"mmi" <(E-Mail Removed)> wrote in message
news:EB0176CF-627B-469F-9537-(E-Mail Removed)...
>I have a Win2k DC, some of my xp workstations can be successfully joined
>into
> the domain, some cannot. On the problem machines, I get the error "the
> RPC
> server is unavailable". I've done all the basic troubleshooting:
> - i can ping the dc
> - its netbios name is correct in lmhosts
> - i can browse the workgroup and ping other machines by name
> - when i try nltest.exe /dclist:[domain] i get this error: you don't have
> access to dsbind on [domain], but then it tries NetServerEnum and it finds
> a
> PDC.
> - tried deleting the computer from active directory (it must partially
> register in AD, otherwise it wouldn't be there)
> - tried uninstalling file/print sharing and microsoft networking then
> reinstalling
> - made sure the rpc service was running
> - i can connect to the c$ and admin$ of the DC as a domain admin (same
> username i tried to join the computer to the domain with)
>
> If anyone has ANY suggestions, I'd be most grateful.
> Thanks,
> Mike
>

Are you using LMHOST? Do you have DNS and/or WINS? this may help, quoted from http://howtonetworking.com.

RPC Server is Unavailable
Symptoms: When running Replication, Winlogon, Terminal Server, User authentication, enabling trusted relationships, Connecting to domain controllers and trusted domains, you may receive the above error.

Causes: 1. The RPC service may not be started.
2. You are unable to resolve a DNS or NetBIOS name.
3. An RPC channel cannot be established.


Don't send e-mail or reply to me except you need consulting services. Posting on MS newsgroup will benefit all readers and you may get more help.

Bob Lin, MS-MVP, MCSE & CNE
How to Setup Windows, Network, Remote Access on http://www.HowToNetworking.com
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
This posting is provided "AS IS" with no warranties.
I recommend Brinkster for web hosting!

"mmi" <(E-Mail Removed)> wrote in message news:EB0176CF-627B-469F-9537-(E-Mail Removed)...
I have a Win2k DC, some of my xp workstations can be successfully joined into
the domain, some cannot. On the problem machines, I get the error "the RPC
server is unavailable". I've done all the basic troubleshooting:
- i can ping the dc
- its netbios name is correct in lmhosts
- i can browse the workgroup and ping other machines by name
- when i try nltest.exe /dclist:[domain] i get this error: you don't have
access to dsbind on [domain], but then it tries NetServerEnum and it finds a
PDC.
- tried deleting the computer from active directory (it must partially
register in AD, otherwise it wouldn't be there)
- tried uninstalling file/print sharing and microsoft networking then
reinstalling
- made sure the rpc service was running
- i can connect to the c$ and admin$ of the DC as a domain admin (same
username i tried to join the computer to the domain with)

If anyone has ANY suggestions, I'd be most grateful.
Thanks,
Mike

Thanks for the reply. I tried all of those troubleshooing steps. Therein
lies the problem - DNS is working fine. Nslookups work, ping -a works. It
sees my dc as a dc when I do an nltest.exe. It does fail the "get dc list"
test when I run netdiag, but that's what I'm trying to fix. I even used the
portqry tool to make sure that I could open an rpc port on the dc. Is there
some additional testing I can do to figure out what is wrong with rpc?
Thanks,
Mike


"Steven L Umbach" wrote:

> This is generally a dns configuration problem. You must make sure that
> domain computers and computers you want to join to the domain point ONLY to
> Active Directory domain controllers running dns for the domain as their
> preferred dns servers and NEVER an ISP dns server. See the link below on AD
> dns to make sure your dns is configured correctly. The support tools netdiag
> and dcdiag come in very handy troubleshooting such problems. Netdiag is for
> any computer while dcdiag is for only domain controllers. I would be sure to
> run both on your domain controllers and check Event Viewer on all computers
> for pertinent clues For netdiag particularly look for
> errors/warnings/failed tests for kerberos, dc discovery, dns, and
> trust/secure channel. While it may appear that you have dns name resolution
> in a domain, the domain computers must be able to find the _srv records for
> the domain controllers to join and logon to the domain. Also check that the
> computers that you are trying to join to the domain are in synch with the
> time on the domain controller. Kerberos only allows for a five minute skew.
> When checking time, check day/date/month/year/time zone/AM&PM also. There
> also was a problem with SMB signing in certain configurations of XP Pro that
> caused network connectivity problems in a W2K domain. This was fixed in
> SP2. --- Steve
>
>
> http://support.microsoft.com/default...en-us%3B291382
> http://support.microsoft.com/default...b;en-us;321708 --- netdiag
> and how to install support tools.
> http://support.microsoft.com/default...b;en-us;241515 --- how to
> use nslookup.
>
> Using Nslookup
> 1. From your DNS server, type nslookup at a command prompt.
> 2. Type set type=all, and then press ENTER.
> 3. Type _ldap._tcp.dc._msdcs.domainname (where domainname is the name
> of your domain), and then press ENTER.
> Nslookup returns one or more SRV service location records in the following
> format
> hostname.domainname internet address = ipaddress
>
> "mmi" <(E-Mail Removed)> wrote in message
> news:EB0176CF-627B-469F-9537-(E-Mail Removed)...
> >I have a Win2k DC, some of my xp workstations can be successfully joined
> >into
> > the domain, some cannot. On the problem machines, I get the error "the
> > RPC
> > server is unavailable". I've done all the basic troubleshooting:
> > - i can ping the dc
> > - its netbios name is correct in lmhosts
> > - i can browse the workgroup and ping other machines by name
> > - when i try nltest.exe /dclist:[domain] i get this error: you don't have
> > access to dsbind on [domain], but then it tries NetServerEnum and it finds
> > a
> > PDC.
> > - tried deleting the computer from active directory (it must partially
> > register in AD, otherwise it wouldn't be there)
> > - tried uninstalling file/print sharing and microsoft networking then
> > reinstalling
> > - made sure the rpc service was running
> > - i can connect to the c$ and admin$ of the DC as a domain admin (same
> > username i tried to join the computer to the domain with)
> >
> > If anyone has ANY suggestions, I'd be most grateful.
> > Thanks,
> > Mike
> >
>
>
>

It may be normal to see get dclist fail if you are not logged on as a domain
administrator. The RPC server is unavailable is usually a problem with
finding or network connectivity to a domain controller. If these computers
are using any software firewall or the built in Windows firewall, disable it
until the problem is resolved and also try booting into safe mode with
networking to see if it makes a difference. If it does you have a conflict
with a startup application/service. Make sure you run netdiag and dcdiag on
the domain controller also. If still a no go, open the Domain Controller
Security Policy and go to security settings/local policies/security options.
Find the two options for digitally sign communications(always) and set them
to disabled which may or may not help but is worth a try. The link below may
also help. --- Steve

http://support.microsoft.com/default...;en-us;Q224370

"mmi" <(E-Mail Removed)> wrote in message
news:BC9F18A3-6B19-412E-A4F7-(E-Mail Removed)...
> Thanks for the reply. I tried all of those troubleshooing steps. Therein
> lies the problem - DNS is working fine. Nslookups work, ping -a works.
> It
> sees my dc as a dc when I do an nltest.exe. It does fail the "get dc
> list"
> test when I run netdiag, but that's what I'm trying to fix. I even used
> the
> portqry tool to make sure that I could open an rpc port on the dc. Is
> there
> some additional testing I can do to figure out what is wrong with rpc?
> Thanks,
> Mike
>
>
> "Steven L Umbach" wrote:
>
>> This is generally a dns configuration problem. You must make sure that
>> domain computers and computers you want to join to the domain point ONLY
>> to
>> Active Directory domain controllers running dns for the domain as their
>> preferred dns servers and NEVER an ISP dns server. See the link below on
>> AD
>> dns to make sure your dns is configured correctly. The support tools
>> netdiag
>> and dcdiag come in very handy troubleshooting such problems. Netdiag is
>> for
>> any computer while dcdiag is for only domain controllers. I would be sure
>> to
>> run both on your domain controllers and check Event Viewer on all
>> computers
>> for pertinent clues For netdiag particularly look for
>> errors/warnings/failed tests for kerberos, dc discovery, dns, and
>> trust/secure channel. While it may appear that you have dns name
>> resolution
>> in a domain, the domain computers must be able to find the _srv records
>> for
>> the domain controllers to join and logon to the domain. Also check that
>> the
>> computers that you are trying to join to the domain are in synch with the
>> time on the domain controller. Kerberos only allows for a five minute
>> skew.
>> When checking time, check day/date/month/year/time zone/AM&PM also. There
>> also was a problem with SMB signing in certain configurations of XP Pro
>> that
>> caused network connectivity problems in a W2K domain. This was fixed in
>> SP2. --- Steve
>>
>>
>> http://support.microsoft.com/default...en-us%3B291382
>> http://support.microsoft.com/default...b;en-us;321708 ---
>> netdiag
>> and how to install support tools.
>> http://support.microsoft.com/default...b;en-us;241515 --- how
>> to
>> use nslookup.
>>
>> Using Nslookup
>> 1. From your DNS server, type nslookup at a command prompt.
>> 2. Type set type=all, and then press ENTER.
>> 3. Type _ldap._tcp.dc._msdcs.domainname (where domainname is the
>> name
>> of your domain), and then press ENTER.
>> Nslookup returns one or more SRV service location records in the
>> following
>> format
>> hostname.domainname internet address = ipaddress
>>
>> "mmi" <(E-Mail Removed)> wrote in message
>> news:EB0176CF-627B-469F-9537-(E-Mail Removed)...
>> >I have a Win2k DC, some of my xp workstations can be successfully joined
>> >into
>> > the domain, some cannot. On the problem machines, I get the error "the
>> > RPC
>> > server is unavailable". I've done all the basic troubleshooting:
>> > - i can ping the dc
>> > - its netbios name is correct in lmhosts
>> > - i can browse the workgroup and ping other machines by name
>> > - when i try nltest.exe /dclist:[domain] i get this error: you don't
>> > have
>> > access to dsbind on [domain], but then it tries NetServerEnum and it
>> > finds
>> > a
>> > PDC.
>> > - tried deleting the computer from active directory (it must partially
>> > register in AD, otherwise it wouldn't be there)
>> > - tried uninstalling file/print sharing and microsoft networking then
>> > reinstalling
>> > - made sure the rpc service was running
>> > - i can connect to the c$ and admin$ of the DC as a domain admin (same
>> > username i tried to join the computer to the domain with)
>> >
>> > If anyone has ANY suggestions, I'd be most grateful.
>> > Thanks,
>> > Mike
>> >
>>
>>
>>

It's gotta be your lmhosts file.. You certainly don't need to preload
netbios names in the remote name table. I would start by removing
your entries or posting them to the forum. Also you left out necessary
details on your setup e.g., protocols running, subnetting, and methods
of name resolution e.g., WINS?

"mmi" <(E-Mail Removed)> wrote in message news:
>I have a Win2k DC, some of my xp workstations can be successfully joined
>into
> the domain, some cannot. On the problem machines, I get the error "the
> RPC
> server is unavailable". I've done all the basic troubleshooting:
> - i can ping the dc
> - its netbios name is correct in lmhosts
> - i can browse the workgroup and ping other machines by name
> - when i try nltest.exe /dclist:[domain] i get this error: you don't have
> access to dsbind on [domain], but then it tries NetServerEnum and it finds
> a
> PDC.
> - tried deleting the computer from active directory (it must partially
> register in AD, otherwise it wouldn't be there)
> - tried uninstalling file/print sharing and microsoft networking then
> reinstalling
> - made sure the rpc service was running
> - i can connect to the c$ and admin$ of the DC as a domain admin (same
> username i tried to join the computer to the domain with)
>
> If anyone has ANY suggestions, I'd be most grateful.
> Thanks,
> Mike
>

I think I may have found the problem. I found some machines on our network
in a workgroup having the same name as our domain name. I used ethereal to
capture a trace when I ran the nltest /dclist:[domain] command from the
workstation, and it was trying to contact a laptop because it thought it was
the DC.

Doing the ethereal trace also showed that there were some TCP packets with
incorrect checksums - apparently the nic was offloading the rx and tx
checksum. I disabled those settings, and now at least the checksums are
showing as correct. Still working on removing the spurious workgroup names
from the network. It's just odd that some machines have no problem joining
the domain, despite the rogue workgroup with the same name as the domain.

Thanks for your suggestions.
Mike


"Steven L Umbach" wrote:

> It may be normal to see get dclist fail if you are not logged on as a domain
> administrator. The RPC server is unavailable is usually a problem with
> finding or network connectivity to a domain controller. If these computers
> are using any software firewall or the built in Windows firewall, disable it
> until the problem is resolved and also try booting into safe mode with
> networking to see if it makes a difference. If it does you have a conflict
> with a startup application/service. Make sure you run netdiag and dcdiag on
> the domain controller also. If still a no go, open the Domain Controller
> Security Policy and go to security settings/local policies/security options.
> Find the two options for digitally sign communications(always) and set them
> to disabled which may or may not help but is worth a try. The link below may
> also help. --- Steve
>
> http://support.microsoft.com/default...;en-us;Q224370
>
> "mmi" <(E-Mail Removed)> wrote in message
> news:BC9F18A3-6B19-412E-A4F7-(E-Mail Removed)...
> > Thanks for the reply. I tried all of those troubleshooing steps. Therein
> > lies the problem - DNS is working fine. Nslookups work, ping -a works.
> > It
> > sees my dc as a dc when I do an nltest.exe. It does fail the "get dc
> > list"
> > test when I run netdiag, but that's what I'm trying to fix. I even used
> > the
> > portqry tool to make sure that I could open an rpc port on the dc. Is
> > there
> > some additional testing I can do to figure out what is wrong with rpc?
> > Thanks,
> > Mike
> >
> >
> > "Steven L Umbach" wrote:
> >
> >> This is generally a dns configuration problem. You must make sure that
> >> domain computers and computers you want to join to the domain point ONLY
> >> to
> >> Active Directory domain controllers running dns for the domain as their
> >> preferred dns servers and NEVER an ISP dns server. See the link below on
> >> AD
> >> dns to make sure your dns is configured correctly. The support tools
> >> netdiag
> >> and dcdiag come in very handy troubleshooting such problems. Netdiag is
> >> for
> >> any computer while dcdiag is for only domain controllers. I would be sure
> >> to
> >> run both on your domain controllers and check Event Viewer on all
> >> computers
> >> for pertinent clues For netdiag particularly look for
> >> errors/warnings/failed tests for kerberos, dc discovery, dns, and
> >> trust/secure channel. While it may appear that you have dns name
> >> resolution
> >> in a domain, the domain computers must be able to find the _srv records
> >> for
> >> the domain controllers to join and logon to the domain. Also check that
> >> the
> >> computers that you are trying to join to the domain are in synch with the
> >> time on the domain controller. Kerberos only allows for a five minute
> >> skew.
> >> When checking time, check day/date/month/year/time zone/AM&PM also. There
> >> also was a problem with SMB signing in certain configurations of XP Pro
> >> that
> >> caused network connectivity problems in a W2K domain. This was fixed in
> >> SP2. --- Steve
> >>
> >>
> >> http://support.microsoft.com/default...en-us%3B291382
> >> http://support.microsoft.com/default...b;en-us;321708 ---
> >> netdiag
> >> and how to install support tools.
> >> http://support.microsoft.com/default...b;en-us;241515 --- how
> >> to
> >> use nslookup.
> >>
> >> Using Nslookup
> >> 1. From your DNS server, type nslookup at a command prompt.
> >> 2. Type set type=all, and then press ENTER.
> >> 3. Type _ldap._tcp.dc._msdcs.domainname (where domainname is the
> >> name
> >> of your domain), and then press ENTER.
> >> Nslookup returns one or more SRV service location records in the
> >> following
> >> format
> >> hostname.domainname internet address = ipaddress
> >>
> >> "mmi" <(E-Mail Removed)> wrote in message
> >> news:EB0176CF-627B-469F-9537-(E-Mail Removed)...
> >> >I have a Win2k DC, some of my xp workstations can be successfully joined
> >> >into
> >> > the domain, some cannot. On the problem machines, I get the error "the
> >> > RPC
> >> > server is unavailable". I've done all the basic troubleshooting:
> >> > - i can ping the dc
> >> > - its netbios name is correct in lmhosts
> >> > - i can browse the workgroup and ping other machines by name
> >> > - when i try nltest.exe /dclist:[domain] i get this error: you don't
> >> > have
> >> > access to dsbind on [domain], but then it tries NetServerEnum and it
> >> > finds
> >> > a
> >> > PDC.
> >> > - tried deleting the computer from active directory (it must partially
> >> > register in AD, otherwise it wouldn't be there)
> >> > - tried uninstalling file/print sharing and microsoft networking then
> >> > reinstalling
> >> > - made sure the rpc service was running
> >> > - i can connect to the c$ and admin$ of the DC as a domain admin (same
> >> > username i tried to join the computer to the domain with)
> >> >
> >> > If anyone has ANY suggestions, I'd be most grateful.
> >> > Thanks,
> >> > Mike
> >> >
> >>
> >>
> >>
>
>
>

Hmm. When you try to join a computer to the domain, use the fully qualified
domain name for the domain as in mydomain.com. You should be able to ping
mydomain.com and it should return the IP address of a domain controller. I
don't know how it could think a laptop is a domain controller. Check your
lmhosts files to see if they have any wrong entries. Normally you will not
need any entries in a lmhosts file for a Windows 2000/2003 domain member. If
you are using wins, check the wins database for wrong entries, particularly
for domain controller chi record types. If you are not entering the fully
qualified domain name for the domain when you try to join it possibly
netbios name resolution is being used instead causing your problem. If you
do a network trace when trying to join a computer to the domain with the
FQDN, one of the first items in your trace would be your client computer
querying the dns server for the _srv record for the domain controller as in
" Standard query SRV _ldap._tcp.dc._msdcs.mydomain.com " --- Steve


"mmi" <(E-Mail Removed)> wrote in message
news:7C44E1D9-FFD8-4B80-A731-(E-Mail Removed)...
>I think I may have found the problem. I found some machines on our network
> in a workgroup having the same name as our domain name. I used ethereal
> to
> capture a trace when I ran the nltest /dclist:[domain] command from the
> workstation, and it was trying to contact a laptop because it thought it
> was
> the DC.
>
> Doing the ethereal trace also showed that there were some TCP packets with
> incorrect checksums - apparently the nic was offloading the rx and tx
> checksum. I disabled those settings, and now at least the checksums are
> showing as correct. Still working on removing the spurious workgroup
> names
> from the network. It's just odd that some machines have no problem
> joining
> the domain, despite the rogue workgroup with the same name as the domain.
>
> Thanks for your suggestions.
> Mike
>
>
> "Steven L Umbach" wrote:
>
>> It may be normal to see get dclist fail if you are not logged on as a
>> domain
>> administrator. The RPC server is unavailable is usually a problem with
>> finding or network connectivity to a domain controller. If these
>> computers
>> are using any software firewall or the built in Windows firewall, disable
>> it
>> until the problem is resolved and also try booting into safe mode with
>> networking to see if it makes a difference. If it does you have a
>> conflict
>> with a startup application/service. Make sure you run netdiag and dcdiag
>> on
>> the domain controller also. If still a no go, open the Domain Controller
>> Security Policy and go to security settings/local policies/security
>> options.
>> Find the two options for digitally sign communications(always) and set
>> them
>> to disabled which may or may not help but is worth a try. The link below
>> may
>> also help. --- Steve
>>
>> http://support.microsoft.com/default...;en-us;Q224370
>>
>> "mmi" <(E-Mail Removed)> wrote in message
>> news:BC9F18A3-6B19-412E-A4F7-(E-Mail Removed)...
>> > Thanks for the reply. I tried all of those troubleshooing steps.
>> > Therein
>> > lies the problem - DNS is working fine. Nslookups work, ping -a works.
>> > It
>> > sees my dc as a dc when I do an nltest.exe. It does fail the "get dc
>> > list"
>> > test when I run netdiag, but that's what I'm trying to fix. I even
>> > used
>> > the
>> > portqry tool to make sure that I could open an rpc port on the dc. Is
>> > there
>> > some additional testing I can do to figure out what is wrong with rpc?
>> > Thanks,
>> > Mike
>> >
>> >
>> > "Steven L Umbach" wrote:
>> >
>> >> This is generally a dns configuration problem. You must make sure that
>> >> domain computers and computers you want to join to the domain point
>> >> ONLY
>> >> to
>> >> Active Directory domain controllers running dns for the domain as
>> >> their
>> >> preferred dns servers and NEVER an ISP dns server. See the link below
>> >> on
>> >> AD
>> >> dns to make sure your dns is configured correctly. The support tools
>> >> netdiag
>> >> and dcdiag come in very handy troubleshooting such problems. Netdiag
>> >> is
>> >> for
>> >> any computer while dcdiag is for only domain controllers. I would be
>> >> sure
>> >> to
>> >> run both on your domain controllers and check Event Viewer on all
>> >> computers
>> >> for pertinent clues For netdiag particularly look for
>> >> errors/warnings/failed tests for kerberos, dc discovery, dns, and
>> >> trust/secure channel. While it may appear that you have dns name
>> >> resolution
>> >> in a domain, the domain computers must be able to find the _srv
>> >> records
>> >> for
>> >> the domain controllers to join and logon to the domain. Also check
>> >> that
>> >> the
>> >> computers that you are trying to join to the domain are in synch with
>> >> the
>> >> time on the domain controller. Kerberos only allows for a five minute
>> >> skew.
>> >> When checking time, check day/date/month/year/time zone/AM&PM also.
>> >> There
>> >> also was a problem with SMB signing in certain configurations of XP
>> >> Pro
>> >> that
>> >> caused network connectivity problems in a W2K domain. This was fixed
>> >> in
>> >> SP2. --- Steve
>> >>
>> >>
>> >> http://support.microsoft.com/default...en-us%3B291382
>> >> http://support.microsoft.com/default...b;en-us;321708 ---
>> >> netdiag
>> >> and how to install support tools.
>> >> http://support.microsoft.com/default...b;en-us;241515 ---
>> >> how
>> >> to
>> >> use nslookup.
>> >>
>> >> Using Nslookup
>> >> 1. From your DNS server, type nslookup at a command prompt.
>> >> 2. Type set type=all, and then press ENTER.
>> >> 3. Type _ldap._tcp.dc._msdcs.domainname (where domainname is the
>> >> name
>> >> of your domain), and then press ENTER.
>> >> Nslookup returns one or more SRV service location records in the
>> >> following
>> >> format
>> >> hostname.domainname internet address = ipaddress
>> >>
>> >> "mmi" <(E-Mail Removed)> wrote in message
>> >> news:EB0176CF-627B-469F-9537-(E-Mail Removed)...
>> >> >I have a Win2k DC, some of my xp workstations can be successfully
>> >> >joined
>> >> >into
>> >> > the domain, some cannot. On the problem machines, I get the error
>> >> > "the
>> >> > RPC
>> >> > server is unavailable". I've done all the basic troubleshooting:
>> >> > - i can ping the dc
>> >> > - its netbios name is correct in lmhosts
>> >> > - i can browse the workgroup and ping other machines by name
>> >> > - when i try nltest.exe /dclist:[domain] i get this error: you don't
>> >> > have
>> >> > access to dsbind on [domain], but then it tries NetServerEnum and it
>> >> > finds
>> >> > a
>> >> > PDC.
>> >> > - tried deleting the computer from active directory (it must
>> >> > partially
>> >> > register in AD, otherwise it wouldn't be there)
>> >> > - tried uninstalling file/print sharing and microsoft networking
>> >> > then
>> >> > reinstalling
>> >> > - made sure the rpc service was running
>> >> > - i can connect to the c$ and admin$ of the DC as a domain admin
>> >> > (same
>> >> > username i tried to join the computer to the domain with)
>> >> >
>> >> > If anyone has ANY suggestions, I'd be most grateful.
>> >> > Thanks,
>> >> > Mike
>> >> >
>> >>
>> >>
>> >>
>>
>>
>>

Steven,

It is possible the OP is experiencing this problem causing the symptons he
is seeing.

Quoted from:
Netlogon incorrectly registers SRV records in DNS for Windows XP-based
clients
http://support.microsoft.com/Default.aspx?kbid=825675

SYMPTOMS
A Microsoft Windows XP-based client may randomly register service (SRV)
records in Domain Name System (DNS) as if the computer is a new domain
controller in the domain. Because of this, other computers on the network
may experience connectivity problems. For example, computers may not be able
to authenticate to the domain. When the other computers on the network query
for a domain controller, the Windows XP-based computer is returned together
with the actual domain controllers. Connectivity problems may be most
prevalent when the Windows XP-based computer that has registered SRV records
is shut down.

Resolution:
To resolve this problem, obtain the latest service pack for Microsoft
Windows XP.

--
Todd J Heron, MCSE
Windows Server 2003/2000/NT
----------------------------------------------------------------------------
This posting is provided "as is" with no warranties and confers no rights

Thanks for that info. I have not seen that yet. Hopefully that is not too
widespread as that could be a really big problem. One has to wonder how an XP
computer could register _srv records. -- Steve


"Todd J Heron" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Steven,
>
> It is possible the OP is experiencing this problem causing the symptons he
> is seeing.
>
> Quoted from:
> Netlogon incorrectly registers SRV records in DNS for Windows XP-based
> clients
> http://support.microsoft.com/Default.aspx?kbid=825675
>
> SYMPTOMS
> A Microsoft Windows XP-based client may randomly register service (SRV)
> records in Domain Name System (DNS) as if the computer is a new domain
> controller in the domain. Because of this, other computers on the network
> may experience connectivity problems. For example, computers may not be able
> to authenticate to the domain. When the other computers on the network query
> for a domain controller, the Windows XP-based computer is returned together
> with the actual domain controllers. Connectivity problems may be most
> prevalent when the Windows XP-based computer that has registered SRV records
> is shut down.
>
> Resolution:
> To resolve this problem, obtain the latest service pack for Microsoft
> Windows XP.
>
> --
> Todd J Heron, MCSE
> Windows Server 2003/2000/NT
> ----------------------------------------------------------------------------
> This posting is provided "as is" with no warranties and confers no rights
>
>