Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.
View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 


33 posts

Geek


  Reply # 204628 1-Apr-2009 10:17
Send private message

ok im getting soemthing wrong here...and probably just keying in the right info in the wrong place.

heres what i got.

So through Vista it says i need to give to following info when joining a Network ID/Domain under Computer Name window, shown in 2 boxes and i give the following info.

first:

User Name: Administrator (same as server login)

Password: abcd1234!@#$ (same as server login)

Domain Name: nickserverco.local (shows in all caps)

then it says it cant find an account for me on the domain and gives me the next box.

Computer Name:

Computer domain:

in that next box i got no idea what should be going in.......any help thanks. maybe can finally connet to this thing today.



33 posts

Geek


  Reply # 206211 9-Apr-2009 16:44
Send private message

ACCESS DENIED   ----WAAAT.

So, im still struggling to sort this out.

Im trying to connect this laptop to the server and it just doesnt want to let me in.

What Ive done so far is to create a user account in AD, and add this computer to AD also under the Computer folder. No joy.

I try to connect to the domain.

I go through System Properties, Joina Domain, I enter the user name and password that iset up in AD, and the domain name. username : abcd1234!@#$ : nickserverco

It says there is no account for me on the domain. So I have to type in the Computer Name : Asus and and COmputer Domain : nickserverco
I click next and get a box wanting a username, password and domain.
In this window, ive tried Adminstrator : abcd1234!@#$ : nickserverco, as well as other users that ive made in AD

But then it says Access Denied and thats it, I cant get past it.

I think DNS isnt set up properly...and im not pointing to the right DNS server from the laptop....how can i find the DNS address of the domain, and where do I need to set it in my laptop.....aaaahhh this is driving me nuts.

Really hoping someine can point me in the right direction.

PS - just got another error this time: Multiple connections are not allowed, please disconnect all other sessions and try again. - Does that mean its conencted....cos it doesnt look like :/

mjb

922 posts

Ultimate Geek
+1 received by user: 21

Trusted

  Reply # 206217 9-Apr-2009 16:56
Send private message

You don't create the computer object, the process of domain joining the PC does that for you.

You need to get the domain joining working first. When you enter the domain name in the 'join domain' box, you can enter either the Netbios domain name, or the FQDN domain. If it found the domain, you'll get the credentials box - this is so that you can provide credentials to the PC so it can connect to the domain controller and do the necessary changes in AD (such as creating the computer object, and assigning a SID and associated permissions. It'll then make some changes to the local registry, and ask you to reboot.

The Credentials you enter should be a domain user with rights to add computers - typically just the Domain Administrator. You should enter this as the username: "NETBIOSDOMAINNAME\Administrator", and then the domain admin password. If you don't enter it like that, the dialog will assume you're referring to the local PC administrator account, which doesn't exist in the domain, and will have no rights.

Once you reboot, you'll be presented with the "press C-A-D to log in" dialog. Once you do that, you'll be able to enter a username and password. (if it's XP or earlier, you'll get a domain box too). You'll see at the bottom that vista says 'Log on to: NETBIOSNAME' which could be the PC, or the domain. You enter your login details as 'DOMAIN\username', and that field will change.

Clear as mud?




contentsofsignaturemaysettleduringshipping


mjb

922 posts

Ultimate Geek
+1 received by user: 21

Trusted

  Reply # 206218 9-Apr-2009 16:59
Send private message

I should add that the netbios domain name and the FQDN domain name are two very different things, but they both refer to the same thing. 99% of the time, the netbios domain will be the first part of the FQDN domain, but that's not always the case. e.g.:

NICKSERVERCO ===> nickserverco.local

but some companies/places end up with something like:

COMPANY ===> internal.company.co.nz .

So be sure you know what they both are for you domain. This was asked of you during the Domain Controller promotion procedure.




contentsofsignaturemaysettleduringshipping




33 posts

Geek


  Reply # 206220 9-Apr-2009 17:12
Send private message

Thanks for the great reply.
but......

still wont let me in.

I tried
username: NETBIOSDOMAINNAME\Administrator, NETBIOSNICKSERVERCO\Administrator, NICKSERVERCO\Administrator
password: abcd1234!@#$
domain: NICKSERVERCO, NICKSERVERCO.LOCAL, SERVERNAME.NICKSERVERCO.LOCAL

but it wasnt havnt a bar of it. when it goes on to the computer details and domain, i try the same things again and i get parameter incorrect error. not as close as the access denied.....

I can see shared folders in the Network Places, just cant access them...so the connection is there.

im scratching my head at what im doing wrong. :(

im wondering if my network connection settings are wrong.....
IP/DNS all that stuff on the notebook is set to Auto, and I think is being set by the wireless router in the house. Perhaps I need to put in exact IPs and DNS for server instead......or can a connection be reached without it.

mjb

922 posts

Ultimate Geek
+1 received by user: 21

Trusted

  Reply # 206223 9-Apr-2009 17:45
Send private message

You do need to have DNS set right, AD is tightly integrated with DNS. Unless you told it not to, the AD server will be running windows DNS which will be doing things right.

Configure your PC to use the AD server as its DNS, and that will help immensely.

You should then configure the windows DNS to forward any queries it can't answer on to your DSL router. I forget where that option is, hunt around, you'll find it (it's in the DNS admin console).

The reason for this is that AD inserts a whole bundle of DNS entries into some subdomains of "nickserverco.local" that assist Domain member systems in locating the domain and various services.

Finally, sorry, when I said "NETBIOSDOMAINNAME", I meant that you need to change that to whatever the netbios name of your domain is. 99% likely this is "NICKSERVERCO".




contentsofsignaturemaysettleduringshipping


mjb

922 posts

Ultimate Geek
+1 received by user: 21

Trusted

  Reply # 206225 9-Apr-2009 17:50
Send private message

Oh - I forget what the Vista domain join credential dialog gives, but these are the values you want:

Username: NICKSERVERCO\Administrator
Password: [password]
Domain: [blank]

---OR---

Username: Administrator
Password: [password]
Domain: NICKSERVERCO



This is *after* you click OK to setting something like this in the change domain dialog:

Free Image Hosting at www.ImageShack.us




contentsofsignaturemaysettleduringshipping


mjb

922 posts

Ultimate Geek
+1 received by user: 21

Trusted

  Reply # 206226 9-Apr-2009 17:56
Send private message

Aaaaaaaaaand yet more info.


If you have a local user on the laptop already, then that user won't exist as a domain user - when logged in as that you will not be able to access domain resources. the User Profile (in c:\Users) will also not be available unless you do some careful adjustment to the NTFS permissions on the profile and registry, or by copying the profile for a domain user to use.

When you get to that point, I can help you, but to start with you should just use a fresh profile with a fresh domain user for a little bit till you get a handle on things.

Finally, when logged into the PC to a *local* account ( that is, one that exists on the PC only, not on the domain ), you will have to provide credentials to the domain every time you want to query AD for a username to assign rights or whatnot.. with that dialog, you can enter any domain user - they all have read permission on the domain for that purpose. The primary reason you'll come across this is when you're logged into the PC as the local administrator, and want to assign NTFS rights on a folder to a domain user...




contentsofsignaturemaysettleduringshipping


1 | 2 
View this topic in a long page with up to 500 replies per page Create new topic

Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.