Error adding machine on Windows Server 2008 R2 domain

Wellington De Paula 1 Reputation point
2020-11-17T17:32:28.07+00:00

Prezados,

Não estou conseguindo inserir maquinas no dominio. Tenho 2 controladores server 2008 R2, ambos estão pingando, porem, não estão replicando, desliguei o primario e torner o segundario como master e ainda sim não consegui, fica retornando erro The network path was not found.

Realizei os teste do DCDiag e teste de DNS que estão abaixo em anexo.

----------

Translated from Portuguese to English:

Dear,

I am not able to insert machines in the domain. I have 2 server controllers 2008 R2, both are dripping, however, they are not replicating, I turned off the primary and made the second as master and still I couldn't, it keeps returning error The network path was not found.

I performed the DCDiag and DNS test tests that are attached below.
40478-dns.txt40409-dcdiagreport.txt

Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
6,443 questions
0 comments

13 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Vicky Wang 2,731 Reputation points
    2020-11-23T08:55:40.36+00:00

    Hi,

    Open command prompt and run "net share" on each DC to confirm the SYSVOL and NETLOGON shares are available.

    Run "repadmin /replsum" and "ipconfig /all" of problem DC and post the result.

    Ensure the following on each DC:

    Each DC / DNS server points to its private IP address as primary DNS server and other internal/remote DNS servers as secondary DNS in TCP/IP property.
    Each DC has just one IP address, if multiple NICs are present, disable unused NICs. Active NIC should be on top in NIC bind order.
    Once you are done with above, open command prompt and run "ipconfig /flushdns & ipconfig /registerdns", restart DNS server and NETLOGON service on each DC.

    Dcdiag fails for NCSecDesc test :
    If you have not run adprep/rodcprep, Dcdiag.exe will return an error when it runs the NCSecDesc test. If you do not plan to add an RODC to the forest, you can disregard this error. If you plan to add an RODC to the forest, you must run adprep /rodcprep.
    http://support.microsoft.com/kb/967482

    DCDIAG another error message regarding the Group Policy :
    "The processing of Group Policy failed. Windows could not authenticate to the Active Directory service on a domain controller. (LDAP Bind function call failed). Look in the details tab for error code and description."
    As per Microsoft:

    "This problem occurs on new 2008 DC in to a 2003 domain because the version number of the KRBTGT account increases when you perform an authoritative restoration. The KRBTGT account is a service account that is used by the Kerberos Key Distribution Center (KDC) service".

    See KB939820 for a hotfix applicable to Microsoft Windows Server 2003 : http://support.microsoft.com/kb/939820

    Reference: http://social.technet.microsoft.com/Forums/en-US/winserverDS/thread/3fdc100f-16cb-4d4d-b1ca-4ce00bc7bbcc/
    reference:https://social.technet.microsoft.com/Forums/lync/en-US/3a1dde0e-f49b-4909-baa3-1832ddb8f47b/windows-2008-r2-error-events-with-ldap-sysvol-and-group-policy?forum=winserverDS
    Regards,
    Vicky

    0 comments
  2. Vicky Wang 2,731 Reputation points
    2020-11-25T07:05:35.17+00:00

    Hi,

    Just checking in to see if the information provided was helpful.

    Please let us know if you would like further assistance.

    Best Regards,
    Vicky

    0 comments
  3. Wellington De Paula 1 Reputation point
    2020-11-25T11:33:52.023+00:00

    Good Morning!

    The information is being of great value.

    The links sent are not available, you would have the KBs to send?

    I looked on the internet but I can't find it.

    Folder sharing is available at 127.0.0.1.
    However I can not access other machines.

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.