RE: [ActiveDir] Joining workstation to domain over vpn(again)
Hi Tom, I am sorry if I appear to not sound sympathetic to your issue. I can understand your feelings about you not going to Florida for any thing, I feel the same way ( Although I would not mind visiting Disney World, but we both know that when you travel for business you can't even have a day off on a Saturday or a Sunday while your there ). One last thing to try, Do you have a router at his office that you can create an IPSEC tunnel into your corporate network that way the end user can connect with out having to use a VPN client? That should eliminate the VPN client is the problem. BTW: I do not mind your emails, and I am just as curious as to how this problem is solved and what you isolated it too. Regards, Jose Medeiros :-) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Kern, Tom Sent: Friday, May 27, 2005 8:36 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Joining workstation to domain over vpn(again) I guess you want me to stop posting about this issue :) so i will, after responding. 1. The pc is in Florida. I'm in NYC. I'm not going to Florida for a pc. Hell, I wouldn't go to Florida for anything. 2.We don't have or pay for support with MS and I'm not gonna open one up for one laptop. 3.They have no IT support in the Florida branch. That would be me. I don't think RIS over the internet is such a hot idea. Thanks and sorry to bug you guys with this one issue. Its Friday and it was kinda slow here this week so I thought I'd spend some time figuring out what was really wrong with this laptop rather than just chuck the whole thing and reinstall. Thanks again. Medeiros, Jose wrote: > Here are my ideas: > > 1. Tell your user to bring in his system and see if you can join > while it is on your lan. > > 2. Open a support call with Micrososft Premier Support and see if > they can help you solve the problem. > > 3. Reimage the system.. you allready stated that other systems did > not have a problem joining using your VPN and you have allready spent > to much time trying to trouble shoot this issue. > > I am sure you don't want to hear this, but I thoght I would just > throw it out there. :-) > > Have a good weekend. > > Jose > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of Kern, Tom > Sent: Friday, May 27, 2005 8:19 AM > To: ActiveDir@mail.activedir.org > Subject: RE: [ActiveDir] Joining workstation to domain over vpn(again) > > > Thanks. yeah, i've seen it. It doesn't apply as I'm logged in as > local admin when i type that command or try to join the domain. > > Any other ideas? > > thanks again > > > Charlie Kaiser wrote: >> Tom; I assume you've seen this and verified perms? >> >> http://support.microsoft.com/?kbid=888373 >> >> ** >> Charlie Kaiser >> MCSE, CCNA >> Systems Engineer >> Essex Credit / Brickwalk >> 510 595 5083 >> ********** >> >> >>> -Original Message- >>> From: [EMAIL PROTECTED] >>> [mailto:[EMAIL PROTECTED] On Behalf Of Kern, Tom >>> Sent: Friday, May 27, 2005 6:46 AM >>> To: ActiveDir@mail.activedir.org >>> Subject: RE: [ActiveDir] Joining workstation to domain over >>> vpn(again) >>> >>> Running "nbtstat -an" gets me this- >>> "Failed to access NetBT driver -- NetBT may not be loaded" >>> >>> Also, even though netbios over tcp/ip is enabled in the nic >>> and vpn properties, it still shows up as disabled when doing >>> an "ipconfig" >>> >>> How can I "load" this? >>> I reset tcp/ip via netsh, but that did nothing. >>> Thanks >>> >>> >>> >>> >>> >>> Medeiros, Jose wrote: >>>> Hi Tom, >>>> >>>> Can you run nbtstat -an and post or send me the output? >>>> >>>> Jose >>>> >>>> -Original Message- >>>> From: [EMAIL PROTECTED] >>>> [mailto:[EMAIL PROTECTED] Behalf Of Kern, Tom >>>> Sent: Thursday, May 26, 2005 4:50 PM >>>> To: ActiveDir@mail.activedir.org >>>> Subject: Re: [ActiveDir] Joining workstation to domain over >>>> vpn(again) >>>> >>>> >>>> No. >>>> Its enabled in tcp/ip properties but when you do an ipconfig, it >>>> says disabled. I don't know what that's
RE: [ActiveDir] Joining workstation to domain over vpn(again)
I guess you want me to stop posting about this issue :) so i will, after responding. 1. The pc is in Florida. I'm in NYC. I'm not going to Florida for a pc. Hell, I wouldn't go to Florida for anything. 2.We don't have or pay for support with MS and I'm not gonna open one up for one laptop. 3.They have no IT support in the Florida branch. That would be me. I don't think RIS over the internet is such a hot idea. Thanks and sorry to bug you guys with this one issue. Its Friday and it was kinda slow here this week so I thought I'd spend some time figuring out what was really wrong with this laptop rather than just chuck the whole thing and reinstall. Thanks again. Medeiros, Jose wrote: > Here are my ideas: > > 1. Tell your user to bring in his system and see if you can join > while it is on your lan. > > 2. Open a support call with Micrososft Premier Support and see if > they can help you solve the problem. > > 3. Reimage the system.. you allready stated that other systems did > not have a problem joining using your VPN and you have allready spent > to much time trying to trouble shoot this issue. > > I am sure you don't want to hear this, but I thoght I would just > throw it out there. :-) > > Have a good weekend. > > Jose > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of Kern, Tom > Sent: Friday, May 27, 2005 8:19 AM > To: ActiveDir@mail.activedir.org > Subject: RE: [ActiveDir] Joining workstation to domain over vpn(again) > > > Thanks. yeah, i've seen it. It doesn't apply as I'm logged in as > local admin when i type that command or try to join the domain. > > Any other ideas? > > thanks again > > > Charlie Kaiser wrote: >> Tom; I assume you've seen this and verified perms? >> >> http://support.microsoft.com/?kbid=888373 >> >> ** >> Charlie Kaiser >> MCSE, CCNA >> Systems Engineer >> Essex Credit / Brickwalk >> 510 595 5083 >> ********** >> >> >>> -Original Message- >>> From: [EMAIL PROTECTED] >>> [mailto:[EMAIL PROTECTED] On Behalf Of Kern, Tom >>> Sent: Friday, May 27, 2005 6:46 AM >>> To: ActiveDir@mail.activedir.org >>> Subject: RE: [ActiveDir] Joining workstation to domain over >>> vpn(again) >>> >>> Running "nbtstat -an" gets me this- >>> "Failed to access NetBT driver -- NetBT may not be loaded" >>> >>> Also, even though netbios over tcp/ip is enabled in the nic >>> and vpn properties, it still shows up as disabled when doing >>> an "ipconfig" >>> >>> How can I "load" this? >>> I reset tcp/ip via netsh, but that did nothing. >>> Thanks >>> >>> >>> >>> >>> >>> Medeiros, Jose wrote: >>>> Hi Tom, >>>> >>>> Can you run nbtstat -an and post or send me the output? >>>> >>>> Jose >>>> >>>> -Original Message- >>>> From: [EMAIL PROTECTED] >>>> [mailto:[EMAIL PROTECTED] Behalf Of Kern, Tom >>>> Sent: Thursday, May 26, 2005 4:50 PM >>>> To: ActiveDir@mail.activedir.org >>>> Subject: Re: [ActiveDir] Joining workstation to domain over >>>> vpn(again) >>>> >>>> >>>> No. >>>> Its enabled in tcp/ip properties but when you do an ipconfig, it >>>> says disabled. I don't know what that's all about. >>>> Thanks >>>> -- >>>> Sent from my BlackBerry Wireless Handheld (www.BlackBerry.net) >>>> >>>> List info : http://www.activedir.org/List.aspx >>>> List FAQ: http://www.activedir.org/ListFAQ.aspx >>>> List archive: >>>> http://www.mail-archive.com/activedir%40mail.activedir.org/ >>>> >>>> List info : http://www.activedir.org/List.aspx >>>> List FAQ: http://www.activedir.org/ListFAQ.aspx >>>> List archive: >>>> http://www.mail-archive.com/activedir%40mail.activedir.org/ >>> >>> List info : http://www.activedir.org/List.aspx >>> List FAQ: http://www.activedir.org/ListFAQ.aspx >>> List archive: >>> http://www.mail-archive.com/activedir%40mail.activedir.org/ >>> >> List info : http://www.activedir.org/List.aspx >> List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: >> http://www.mail-archive.com/activedir%40mail.activedir.org/ > > List info : http://www.activedir.org/List.aspx > List FAQ: http://www.activedir.org/ListFAQ.aspx > List archive: > http://www.mail-archive.com/activedir%40mail.activedir.org/ > > List info : http://www.activedir.org/List.aspx > List FAQ: http://www.activedir.org/ListFAQ.aspx > List archive: > http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Joining workstation to domain over vpn(again)
Here are my ideas: 1. Tell your user to bring in his system and see if you can join while it is on your lan. 2. Open a support call with Micrososft Premier Support and see if they can help you solve the problem. 3. Reimage the system.. you allready stated that other systems did not have a problem joining using your VPN and you have allready spent to much time trying to trouble shoot this issue. I am sure you don't want to hear this, but I thoght I would just throw it out there. :-) Have a good weekend. Jose -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Kern, Tom Sent: Friday, May 27, 2005 8:19 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Joining workstation to domain over vpn(again) Thanks. yeah, i've seen it. It doesn't apply as I'm logged in as local admin when i type that command or try to join the domain. Any other ideas? thanks again Charlie Kaiser wrote: > Tom; I assume you've seen this and verified perms? > > http://support.microsoft.com/?kbid=888373 > > ** > Charlie Kaiser > MCSE, CCNA > Systems Engineer > Essex Credit / Brickwalk > 510 595 5083 > ** > > >> -Original Message- >> From: [EMAIL PROTECTED] >> [mailto:[EMAIL PROTECTED] On Behalf Of Kern, Tom >> Sent: Friday, May 27, 2005 6:46 AM >> To: ActiveDir@mail.activedir.org >> Subject: RE: [ActiveDir] Joining workstation to domain over >> vpn(again) >> >> Running "nbtstat -an" gets me this- >> "Failed to access NetBT driver -- NetBT may not be loaded" >> >> Also, even though netbios over tcp/ip is enabled in the nic >> and vpn properties, it still shows up as disabled when doing >> an "ipconfig" >> >> How can I "load" this? >> I reset tcp/ip via netsh, but that did nothing. >> Thanks >> >> >> >> >> >> Medeiros, Jose wrote: >>> Hi Tom, >>> >>> Can you run nbtstat -an and post or send me the output? >>> >>> Jose >>> >>> -Original Message- >>> From: [EMAIL PROTECTED] >>> [mailto:[EMAIL PROTECTED] Behalf Of Kern, Tom >>> Sent: Thursday, May 26, 2005 4:50 PM >>> To: ActiveDir@mail.activedir.org >>> Subject: Re: [ActiveDir] Joining workstation to domain over >>> vpn(again) >>> >>> >>> No. >>> Its enabled in tcp/ip properties but when you do an ipconfig, it >>> says disabled. I don't know what that's all about. >>> Thanks >>> -- >>> Sent from my BlackBerry Wireless Handheld (www.BlackBerry.net) >>> >>> List info : http://www.activedir.org/List.aspx >>> List FAQ: http://www.activedir.org/ListFAQ.aspx >>> List archive: >>> http://www.mail-archive.com/activedir%40mail.activedir.org/ >>> >>> List info : http://www.activedir.org/List.aspx >>> List FAQ: http://www.activedir.org/ListFAQ.aspx >>> List archive: >>> http://www.mail-archive.com/activedir%40mail.activedir.org/ >> >> List info : http://www.activedir.org/List.aspx >> List FAQ: http://www.activedir.org/ListFAQ.aspx >> List archive: >> http://www.mail-archive.com/activedir%40mail.activedir.org/ >> > List info : http://www.activedir.org/List.aspx > List FAQ: http://www.activedir.org/ListFAQ.aspx > List archive: > http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Joining workstation to domain over vpn(again)
Thanks. yeah, i've seen it. It doesn't apply as I'm logged in as local admin when i type that command or try to join the domain. Any other ideas? thanks again Charlie Kaiser wrote: > Tom; I assume you've seen this and verified perms? > > http://support.microsoft.com/?kbid=888373 > > ** > Charlie Kaiser > MCSE, CCNA > Systems Engineer > Essex Credit / Brickwalk > 510 595 5083 > ** > > >> -Original Message- >> From: [EMAIL PROTECTED] >> [mailto:[EMAIL PROTECTED] On Behalf Of Kern, Tom >> Sent: Friday, May 27, 2005 6:46 AM >> To: ActiveDir@mail.activedir.org >> Subject: RE: [ActiveDir] Joining workstation to domain over >> vpn(again) >> >> Running "nbtstat -an" gets me this- >> "Failed to access NetBT driver -- NetBT may not be loaded" >> >> Also, even though netbios over tcp/ip is enabled in the nic >> and vpn properties, it still shows up as disabled when doing >> an "ipconfig" >> >> How can I "load" this? >> I reset tcp/ip via netsh, but that did nothing. >> Thanks >> >> >> >> >> >> Medeiros, Jose wrote: >>> Hi Tom, >>> >>> Can you run nbtstat -an and post or send me the output? >>> >>> Jose >>> >>> -Original Message- >>> From: [EMAIL PROTECTED] >>> [mailto:[EMAIL PROTECTED] Behalf Of Kern, Tom >>> Sent: Thursday, May 26, 2005 4:50 PM >>> To: ActiveDir@mail.activedir.org >>> Subject: Re: [ActiveDir] Joining workstation to domain over >>> vpn(again) >>> >>> >>> No. >>> Its enabled in tcp/ip properties but when you do an ipconfig, it >>> says disabled. I don't know what that's all about. >>> Thanks >>> -- >>> Sent from my BlackBerry Wireless Handheld (www.BlackBerry.net) >>> >>> List info : http://www.activedir.org/List.aspx >>> List FAQ: http://www.activedir.org/ListFAQ.aspx >>> List archive: >>> http://www.mail-archive.com/activedir%40mail.activedir.org/ >>> >>> List info : http://www.activedir.org/List.aspx >>> List FAQ: http://www.activedir.org/ListFAQ.aspx >>> List archive: >>> http://www.mail-archive.com/activedir%40mail.activedir.org/ >> >> List info : http://www.activedir.org/List.aspx >> List FAQ: http://www.activedir.org/ListFAQ.aspx >> List archive: >> http://www.mail-archive.com/activedir%40mail.activedir.org/ >> > List info : http://www.activedir.org/List.aspx > List FAQ: http://www.activedir.org/ListFAQ.aspx > List archive: > http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Joining workstation to domain over vpn(again)
Tom; I assume you've seen this and verified perms? http://support.microsoft.com/?kbid=888373 ** Charlie Kaiser MCSE, CCNA Systems Engineer Essex Credit / Brickwalk 510 595 5083 ** > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Kern, Tom > Sent: Friday, May 27, 2005 6:46 AM > To: ActiveDir@mail.activedir.org > Subject: RE: [ActiveDir] Joining workstation to domain over vpn(again) > > Running "nbtstat -an" gets me this- > "Failed to access NetBT driver -- NetBT may not be loaded" > > Also, even though netbios over tcp/ip is enabled in the nic > and vpn properties, it still shows up as disabled when doing > an "ipconfig" > > How can I "load" this? > I reset tcp/ip via netsh, but that did nothing. > Thanks > > > > > > Medeiros, Jose wrote: > > Hi Tom, > > > > Can you run nbtstat -an and post or send me the output? > > > > Jose > > > > -Original Message- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] Behalf Of Kern, Tom > > Sent: Thursday, May 26, 2005 4:50 PM > > To: ActiveDir@mail.activedir.org > > Subject: Re: [ActiveDir] Joining workstation to domain over > vpn(again) > > > > > > No. > > Its enabled in tcp/ip properties but when you do an > ipconfig, it says > > disabled. I don't know what that's all about. > > Thanks > > -- > > Sent from my BlackBerry Wireless Handheld (www.BlackBerry.net) > > > > List info : http://www.activedir.org/List.aspx > > List FAQ: http://www.activedir.org/ListFAQ.aspx > > List archive: > > http://www.mail-archive.com/activedir%40mail.activedir.org/ > > > > List info : http://www.activedir.org/List.aspx > > List FAQ: http://www.activedir.org/ListFAQ.aspx > > List archive: > > http://www.mail-archive.com/activedir%40mail.activedir.org/ > > List info : http://www.activedir.org/List.aspx > List FAQ: http://www.activedir.org/ListFAQ.aspx > List archive: > http://www.mail-archive.com/activedir%40mail.activedir.org/ > List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Joining workstation to domain over vpn(again)
Running "nbtstat -an" gets me this- "Failed to access NetBT driver -- NetBT may not be loaded" Also, even though netbios over tcp/ip is enabled in the nic and vpn properties, it still shows up as disabled when doing an "ipconfig" How can I "load" this? I reset tcp/ip via netsh, but that did nothing. Thanks Medeiros, Jose wrote: > Hi Tom, > > Can you run nbtstat -an and post or send me the output? > > Jose > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of Kern, Tom > Sent: Thursday, May 26, 2005 4:50 PM > To: ActiveDir@mail.activedir.org > Subject: Re: [ActiveDir] Joining workstation to domain over vpn(again) > > > No. > Its enabled in tcp/ip properties but when you do an ipconfig, it says > disabled. I don't know what that's all about. > Thanks > -- > Sent from my BlackBerry Wireless Handheld (www.BlackBerry.net) > > List info : http://www.activedir.org/List.aspx > List FAQ: http://www.activedir.org/ListFAQ.aspx > List archive: > http://www.mail-archive.com/activedir%40mail.activedir.org/ > > List info : http://www.activedir.org/List.aspx > List FAQ: http://www.activedir.org/ListFAQ.aspx > List archive: > http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Joining workstation to domain over vpn(again)
Hi Tom, Can you run nbtstat -an and post or send me the output? Jose -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Kern, Tom Sent: Thursday, May 26, 2005 4:50 PM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] Joining workstation to domain over vpn(again) No. Its enabled in tcp/ip properties but when you do an ipconfig, it says disabled. I don't know what that's all about. Thanks -- Sent from my BlackBerry Wireless Handheld (www.BlackBerry.net) List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
Re: [ActiveDir] Joining workstation to domain over vpn(again)
No. Its enabled in tcp/ip properties but when you do an ipconfig, it says disabled. I don't know what that's all about. Thanks -- Sent from my BlackBerry Wireless Handheld (www.BlackBerry.net) List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Joining workstation to domain over vpn(again)
Is netbios over tcpip disabled? You can find this setting on the WINS tab under the advanced setting of your network card. I remember seeing that error message for a different problem "Network cannot be found" and enabling netbios fixed it. You never know. Good luck Yves -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Thursday, May 26, 2005 6:03 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Joining workstation to domain over vpn(again) Hmmm... MTU setting maybe? You haven't been able to join successfully. Why would the machine name come up in an ldap search? :m:dsm:cci:mvp -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kern, Tom Sent: Thursday, May 26, 2005 4:24 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Joining workstation to domain over vpn(again) I have no idea but I doubt it because it does an ldap search on my dc's looking for its name and comes up null. I'm not sure what to look for, i've never run a sniffer while joining a domain. I guess i'd expect some kerberos and smb... but i don't see that. just the ldap search(ethereal calls it "cldap") and dns queries. even if it were blocked, i should see an attempt on the client side to connect on these ports but i don't. and as i said, no firewall of any kind and all other clients at that location can join via vpn with no issues. thanks [EMAIL PROTECTED] wrote: > Does the LDAP ping imply that the client can't access port 389? > >> m:dsm:cci:mvp > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Kern, Tom > Sent: Thursday, May 26, 2005 3:47 PM > To: ActiveDir@mail.activedir.org > Subject: RE: [ActiveDir] Joining workstation to domain over vpn(again) > > No. > There are about 5 other win xp clients in that office that have been > able to join the domain via VPN. > > This is the only one with an issue and its not running any fw > software. > > Some of the other's are running xp sp2 with the firewall on and they > have no issues. > > thanks > > Medeiros, Jose wrote: >> Hi Tom, >> >> Do you have Zone Alarm or some other type of Software Based Firewall >> installed? >> >> Jose >> >> -Original Message- >> From: [EMAIL PROTECTED] >> [mailto:[EMAIL PROTECTED] Behalf Of Kern, Tom >> Sent: Thursday, May 26, 2005 12:03 PM >> To: ActiveDir (E-mail) >> Subject: [ActiveDir] Joining workstation to domain over vpn(again) >> >> >> I'm still having problems joining a winxp sp1 MS PPTP vpn client to >> my domain. The client is connecting to a windows 2000 sp4 RRAS server >> via pptp. When i try to join the domain, I get the prompt to enter >> creditianls and then, "network name could not be found" error. >> I have all correct dns/wins settings. I made an #PRE and #DOM entry >> in lmhosts pointing to the PDCE. >> >> When i run ethereal, i see the client querying and getting the srv >> records from my dns for all dc's in the domain and doing an ldap >> search on a number of dc's sucessfully. >> >> Then the last thing i get is a failed ldap ping(port unreachable). >> >> I'm not sure if that's the issue. >> >> I'm not doing NAT or Port address transaltion for the RRAS server. It >> has a public ip. The only PAT/NAT is on the client side but I don't >> think that is really an issue as I can vpn and auth to AD thru the >> RRAS server and term service in app mode to other servers. I just >> can't join the domain. >> >> Any help would be great. >> thanks >> List info : http://www.activedir.org/List.aspx >> List FAQ: http://www.activedir.org/ListFAQ.aspx >> List archive: >> http://www.mail-archive.com/activedir%40mail.activedir.org/ >> >> List info : http://www.activedir.org/List.aspx >> List FAQ: http://www.activedir.org/ListFAQ.aspx >> List archive: >> http://www.mail-archive.com/activedir%40mail.activedir.org/ > > List info : http://www.activedir.org/List.aspx > List FAQ: http://www.activedir.org/ListFAQ.aspx > List archive: > http://www.mail-archive.com/activedir%40mail.activedir.org/ > List info : http://www.activedir.org/List.aspx > List FAQ: http://www.activedir.org/ListFAQ.aspx > List archive: > http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
Re: [ActiveDir] Joining workstation to domain over vpn(again)
Well maybe its checking to see if that name exists and there's a duplicate in the directory before joining? Anyways, the result of the search is always null. All the machines have the default mtu setting and they are fine ecxept this one. The ppoe is done on the bellsouth rotuer side... I should see some kerberos and smb and a slew of ldap stuff in my network trace, but I don't... Thanks -- Sent from my BlackBerry Wireless Handheld (www.BlackBerry.net) List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Joining workstation to domain over vpn(again)
Hmmm... MTU setting maybe? You haven't been able to join successfully. Why would the machine name come up in an ldap search? :m:dsm:cci:mvp -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kern, Tom Sent: Thursday, May 26, 2005 4:24 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Joining workstation to domain over vpn(again) I have no idea but I doubt it because it does an ldap search on my dc's looking for its name and comes up null. I'm not sure what to look for, i've never run a sniffer while joining a domain. I guess i'd expect some kerberos and smb... but i don't see that. just the ldap search(ethereal calls it "cldap") and dns queries. even if it were blocked, i should see an attempt on the client side to connect on these ports but i don't. and as i said, no firewall of any kind and all other clients at that location can join via vpn with no issues. thanks [EMAIL PROTECTED] wrote: > Does the LDAP ping imply that the client can't access port 389? > >> m:dsm:cci:mvp > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Kern, Tom > Sent: Thursday, May 26, 2005 3:47 PM > To: ActiveDir@mail.activedir.org > Subject: RE: [ActiveDir] Joining workstation to domain over vpn(again) > > No. > There are about 5 other win xp clients in that office that have been > able to join the domain via VPN. > > This is the only one with an issue and its not running any fw > software. > > Some of the other's are running xp sp2 with the firewall on and they > have no issues. > > thanks > > Medeiros, Jose wrote: >> Hi Tom, >> >> Do you have Zone Alarm or some other type of Software Based Firewall >> installed? >> >> Jose >> >> -Original Message- >> From: [EMAIL PROTECTED] >> [mailto:[EMAIL PROTECTED] Behalf Of Kern, Tom >> Sent: Thursday, May 26, 2005 12:03 PM >> To: ActiveDir (E-mail) >> Subject: [ActiveDir] Joining workstation to domain over vpn(again) >> >> >> I'm still having problems joining a winxp sp1 MS PPTP vpn client to >> my domain. The client is connecting to a windows 2000 sp4 RRAS >> server via pptp. When i try to join the domain, I get the prompt to >> enter creditianls and then, "network name could not be found" error. >> I have all correct dns/wins settings. I made an #PRE and #DOM entry >> in lmhosts pointing to the PDCE. >> >> When i run ethereal, i see the client querying and getting the srv >> records from my dns for all dc's in the domain and doing an ldap >> search on a number of dc's sucessfully. >> >> Then the last thing i get is a failed ldap ping(port unreachable). >> >> I'm not sure if that's the issue. >> >> I'm not doing NAT or Port address transaltion for the RRAS server. It >> has a public ip. The only PAT/NAT is on the client side but I don't >> think that is really an issue as I can vpn and auth to AD thru the >> RRAS server and term service in app mode to other servers. I just >> can't join the domain. >> >> Any help would be great. >> thanks >> List info : http://www.activedir.org/List.aspx >> List FAQ: http://www.activedir.org/ListFAQ.aspx >> List archive: >> http://www.mail-archive.com/activedir%40mail.activedir.org/ >> >> List info : http://www.activedir.org/List.aspx >> List FAQ: http://www.activedir.org/ListFAQ.aspx >> List archive: >> http://www.mail-archive.com/activedir%40mail.activedir.org/ > > List info : http://www.activedir.org/List.aspx > List FAQ: http://www.activedir.org/ListFAQ.aspx > List archive: > http://www.mail-archive.com/activedir%40mail.activedir.org/ > List info : http://www.activedir.org/List.aspx > List FAQ: http://www.activedir.org/ListFAQ.aspx > List archive: > http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Joining workstation to domain over vpn(again)
I can't browse or access file shares. If i type a unc with an ip, i get "the network location could not be reached". Its my understanding that when you use an ip in a UNC, you are using NTLM and NOT kerberos. When i run ethereal while trying the unc with ip combo, it looks as if the client is trying to connect on port 80 to the ip?!! i thought it would be 445. However, term services in app mode works fine over the vpn and i'm logging into the domain via the vpn client and the RRAS server. i can ping DC's by name and ip. all dns and wins settings are correct. this is very very strange... i wish i could figure this out. its gonna drive me to distraction. thanks Alex Fontana wrote: > While vpn'd in can you browse/access file shares? I remember having a > similar issue and the fix being the following: > http://support.microsoft.com/default.aspx?scid=kb;en-us;244474 > > -Alex > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Kern, Tom > Sent: Thursday, May 26, 2005 1:24 PM > To: ActiveDir@mail.activedir.org > Subject: RE: [ActiveDir] Joining workstation to domain over vpn(again) > > I have no idea but I doubt it because it does an ldap search on my > dc's looking for its name and comes up null. > > I'm not sure what to look for, i've never run a sniffer while joining > a domain. > I guess i'd expect some kerberos and smb... > but i don't see that. just the ldap search(ethereal calls it "cldap") > and dns queries. > even if it were blocked, i should see an attempt on the client side to > connect on these ports but i don't. > and as i said, no firewall of any kind and all other clients at that > location can join via vpn with no issues. > thanks > > > [EMAIL PROTECTED] wrote: >> Does the LDAP ping imply that the client can't access port 389? >> >>> m:dsm:cci:mvp >> >> -----Original Message----- >> From: [EMAIL PROTECTED] >> [mailto:[EMAIL PROTECTED] On Behalf Of Kern, Tom >> Sent: Thursday, May 26, 2005 3:47 PM >> To: ActiveDir@mail.activedir.org >> Subject: RE: [ActiveDir] Joining workstation to domain over >> vpn(again) >> >> No. >> There are about 5 other win xp clients in that office that have been >> able to join the domain via VPN. >> >> This is the only one with an issue and its not running any fw >> software. >> >> Some of the other's are running xp sp2 with the firewall on and they >> have no issues. >> >> thanks >> >> Medeiros, Jose wrote: >>> Hi Tom, >>> >>> Do you have Zone Alarm or some other type of Software Based >>> Firewall installed? >>> >>> Jose >>> >>> -Original Message- >>> From: [EMAIL PROTECTED] >>> [mailto:[EMAIL PROTECTED] Behalf Of Kern, Tom >>> Sent: Thursday, May 26, 2005 12:03 PM >>> To: ActiveDir (E-mail) >>> Subject: [ActiveDir] Joining workstation to domain over vpn(again) >>> >>> >>> I'm still having problems joining a winxp sp1 MS PPTP vpn client to >>> my domain. The client is connecting to a windows 2000 sp4 RRAS >>> server via pptp. When i try to join the domain, I get the prompt to >>> enter creditianls and then, "network name could not be found" error. >>> I have all correct dns/wins settings. I made an #PRE and #DOM entry >>> in lmhosts pointing to the PDCE. >>> >>> When i run ethereal, i see the client querying and getting the srv >>> records from my dns for all dc's in the domain and doing an ldap >>> search on a number of dc's sucessfully. >>> >>> Then the last thing i get is a failed ldap ping(port unreachable). >>> >>> I'm not sure if that's the issue. >>> >>> I'm not doing NAT or Port address transaltion for the RRAS server. >>> It has a public ip. The only PAT/NAT is on the client side but I >>> don't think that is really an issue as I can vpn and auth to AD >>> thru the RRAS server and term service in app mode to other servers. >>> I just can't join the domain. >>> >>> Any help would be great. >>> thanks >>> List info : http://www.activedir.org/List.aspx >>> List FAQ: http://www.activedir.org/ListFAQ.aspx >>> List archive: >>> http://www.mail-archive.com/activedir%40mail.activedir.org/ >>> >>> List info : http://www.activedir.org/List.aspx >>> List FAQ: http://www.activedir.org/ListFAQ.aspx >>
RE: [ActiveDir] Joining workstation to domain over vpn(again)
While vpn'd in can you browse/access file shares? I remember having a similar issue and the fix being the following: http://support.microsoft.com/default.aspx?scid=kb;en-us;244474 -Alex -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kern, Tom Sent: Thursday, May 26, 2005 1:24 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Joining workstation to domain over vpn(again) I have no idea but I doubt it because it does an ldap search on my dc's looking for its name and comes up null. I'm not sure what to look for, i've never run a sniffer while joining a domain. I guess i'd expect some kerberos and smb... but i don't see that. just the ldap search(ethereal calls it "cldap") and dns queries. even if it were blocked, i should see an attempt on the client side to connect on these ports but i don't. and as i said, no firewall of any kind and all other clients at that location can join via vpn with no issues. thanks [EMAIL PROTECTED] wrote: > Does the LDAP ping imply that the client can't access port 389? > >> m:dsm:cci:mvp > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Kern, Tom > Sent: Thursday, May 26, 2005 3:47 PM > To: ActiveDir@mail.activedir.org > Subject: RE: [ActiveDir] Joining workstation to domain over vpn(again) > > No. > There are about 5 other win xp clients in that office that have been > able to join the domain via VPN. > > This is the only one with an issue and its not running any fw > software. > > Some of the other's are running xp sp2 with the firewall on and they > have no issues. > > thanks > > Medeiros, Jose wrote: >> Hi Tom, >> >> Do you have Zone Alarm or some other type of Software Based Firewall >> installed? >> >> Jose >> >> -Original Message- >> From: [EMAIL PROTECTED] >> [mailto:[EMAIL PROTECTED] Behalf Of Kern, Tom >> Sent: Thursday, May 26, 2005 12:03 PM >> To: ActiveDir (E-mail) >> Subject: [ActiveDir] Joining workstation to domain over vpn(again) >> >> >> I'm still having problems joining a winxp sp1 MS PPTP vpn client to >> my domain. The client is connecting to a windows 2000 sp4 RRAS >> server via pptp. When i try to join the domain, I get the prompt to >> enter creditianls and then, "network name could not be found" error. >> I have all correct dns/wins settings. I made an #PRE and #DOM entry >> in lmhosts pointing to the PDCE. >> >> When i run ethereal, i see the client querying and getting the srv >> records from my dns for all dc's in the domain and doing an ldap >> search on a number of dc's sucessfully. >> >> Then the last thing i get is a failed ldap ping(port unreachable). >> >> I'm not sure if that's the issue. >> >> I'm not doing NAT or Port address transaltion for the RRAS server. It >> has a public ip. The only PAT/NAT is on the client side but I don't >> think that is really an issue as I can vpn and auth to AD thru the >> RRAS server and term service in app mode to other servers. I just >> can't join the domain. >> >> Any help would be great. >> thanks >> List info : http://www.activedir.org/List.aspx >> List FAQ: http://www.activedir.org/ListFAQ.aspx >> List archive: >> http://www.mail-archive.com/activedir%40mail.activedir.org/ >> >> List info : http://www.activedir.org/List.aspx >> List FAQ: http://www.activedir.org/ListFAQ.aspx >> List archive: >> http://www.mail-archive.com/activedir%40mail.activedir.org/ > > List info : http://www.activedir.org/List.aspx > List FAQ: http://www.activedir.org/ListFAQ.aspx > List archive: > http://www.mail-archive.com/activedir%40mail.activedir.org/ > List info : http://www.activedir.org/List.aspx > List FAQ: http://www.activedir.org/ListFAQ.aspx > List archive: > http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Joining workstation to domain over vpn(again)
I have no idea but I doubt it because it does an ldap search on my dc's looking for its name and comes up null. I'm not sure what to look for, i've never run a sniffer while joining a domain. I guess i'd expect some kerberos and smb... but i don't see that. just the ldap search(ethereal calls it "cldap") and dns queries. even if it were blocked, i should see an attempt on the client side to connect on these ports but i don't. and as i said, no firewall of any kind and all other clients at that location can join via vpn with no issues. thanks [EMAIL PROTECTED] wrote: > Does the LDAP ping imply that the client can't access port 389? > >> m:dsm:cci:mvp > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Kern, Tom > Sent: Thursday, May 26, 2005 3:47 PM > To: ActiveDir@mail.activedir.org > Subject: RE: [ActiveDir] Joining workstation to domain over vpn(again) > > No. > There are about 5 other win xp clients in that office that have been > able to join the domain via VPN. > > This is the only one with an issue and its not running any fw > software. > > Some of the other's are running xp sp2 with the firewall on and they > have no issues. > > thanks > > Medeiros, Jose wrote: >> Hi Tom, >> >> Do you have Zone Alarm or some other type of Software Based Firewall >> installed? >> >> Jose >> >> -Original Message- >> From: [EMAIL PROTECTED] >> [mailto:[EMAIL PROTECTED] Behalf Of Kern, Tom >> Sent: Thursday, May 26, 2005 12:03 PM >> To: ActiveDir (E-mail) >> Subject: [ActiveDir] Joining workstation to domain over vpn(again) >> >> >> I'm still having problems joining a winxp sp1 MS PPTP vpn client to >> my domain. The client is connecting to a windows 2000 sp4 RRAS >> server via pptp. When i try to join the domain, I get the prompt to >> enter creditianls and then, "network name could not be found" error. >> I have all correct dns/wins settings. I made an #PRE and #DOM entry >> in lmhosts pointing to the PDCE. >> >> When i run ethereal, i see the client querying and getting the srv >> records from my dns for all dc's in the domain and doing an ldap >> search on a number of dc's sucessfully. >> >> Then the last thing i get is a failed ldap ping(port unreachable). >> >> I'm not sure if that's the issue. >> >> I'm not doing NAT or Port address transaltion for the RRAS server. It >> has a public ip. The only PAT/NAT is on the client side but I don't >> think that is really an issue as I can vpn and auth to AD thru the >> RRAS server and term service in app mode to other servers. I just >> can't join the domain. >> >> Any help would be great. >> thanks >> List info : http://www.activedir.org/List.aspx >> List FAQ: http://www.activedir.org/ListFAQ.aspx >> List archive: >> http://www.mail-archive.com/activedir%40mail.activedir.org/ >> >> List info : http://www.activedir.org/List.aspx >> List FAQ: http://www.activedir.org/ListFAQ.aspx >> List archive: >> http://www.mail-archive.com/activedir%40mail.activedir.org/ > > List info : http://www.activedir.org/List.aspx > List FAQ: http://www.activedir.org/ListFAQ.aspx > List archive: > http://www.mail-archive.com/activedir%40mail.activedir.org/ > List info : http://www.activedir.org/List.aspx > List FAQ: http://www.activedir.org/ListFAQ.aspx > List archive: > http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Joining workstation to domain over vpn(again)
Does the LDAP ping imply that the client can't access port 389? :m:dsm:cci:mvp -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kern, Tom Sent: Thursday, May 26, 2005 3:47 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Joining workstation to domain over vpn(again) No. There are about 5 other win xp clients in that office that have been able to join the domain via VPN. This is the only one with an issue and its not running any fw software. Some of the other's are running xp sp2 with the firewall on and they have no issues. thanks Medeiros, Jose wrote: > Hi Tom, > > Do you have Zone Alarm or some other type of Software Based Firewall > installed? > > Jose > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of Kern, Tom > Sent: Thursday, May 26, 2005 12:03 PM > To: ActiveDir (E-mail) > Subject: [ActiveDir] Joining workstation to domain over vpn(again) > > > I'm still having problems joining a winxp sp1 MS PPTP vpn client to > my domain. > The client is connecting to a windows 2000 sp4 RRAS server via pptp. > When i try to join the domain, I get the prompt to enter creditianls > and then, "network name could not be found" error. > I have all correct dns/wins settings. I made an #PRE and #DOM entry > in lmhosts pointing to the PDCE. > > When i run ethereal, i see the client querying and getting the srv > records from my dns for all dc's in the domain and doing an ldap > search on a number of dc's sucessfully. > > Then the last thing i get is a failed ldap ping(port unreachable). > > I'm not sure if that's the issue. > > I'm not doing NAT or Port address transaltion for the RRAS server. It > has a public ip. The only PAT/NAT is on the client side but I don't > think that is really an issue as I can vpn and auth to AD thru the > RRAS server and term service in app mode to other servers. I just > can't join the domain. > > Any help would be great. > thanks > List info : http://www.activedir.org/List.aspx > List FAQ: http://www.activedir.org/ListFAQ.aspx > List archive: > http://www.mail-archive.com/activedir%40mail.activedir.org/ > > List info : http://www.activedir.org/List.aspx > List FAQ: http://www.activedir.org/ListFAQ.aspx > List archive: > http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Joining workstation to domain over vpn(again)
yup. read the first of this thread- i ran ethereal while joining and all dns queries for dc srv records were fine. also, i do get prompted for creditentials for joining the domain and THEN i get network nsme could not be found. so i'm making some connection. also, i see a lot of succesful ldap lookups in ethereal as well. thanks Medeiros, Jose wrote: > Hmm.. Well Microsoft's software based firewall was designed to join a > domain with it on, the third party firewalls are written to block > everything by default as most of the customers using their products > are using them on their home systems desktops. > > I hope that I am not asking you a redundant question, as I have not > read your entire thread, however are you using PPTP? Do you have the > correct internal DNS and WINS servers listed on the client > connection? Are you sure the computer name does not exist in AD? > > Jose :-) > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of Kern, Tom > Sent: Thursday, May 26, 2005 12:47 PM > To: ActiveDir@mail.activedir.org > Subject: RE: [ActiveDir] Joining workstation to domain over vpn(again) > > > No. > There are about 5 other win xp clients in that office that have been > able to join the domain via VPN. > > This is the only one with an issue and its not running any fw > software. > > Some of the other's are running xp sp2 with the firewall on and they > have no issues. > > thanks > > Medeiros, Jose wrote: >> Hi Tom, >> >> Do you have Zone Alarm or some other type of Software Based Firewall >> installed? >> >> Jose >> >> -Original Message- >> From: [EMAIL PROTECTED] >> [mailto:[EMAIL PROTECTED] Behalf Of Kern, Tom >> Sent: Thursday, May 26, 2005 12:03 PM >> To: ActiveDir (E-mail) >> Subject: [ActiveDir] Joining workstation to domain over vpn(again) >> >> >> I'm still having problems joining a winxp sp1 MS PPTP vpn client to >> my domain. The client is connecting to a windows 2000 sp4 RRAS >> server via pptp. When i try to join the domain, I get the prompt to >> enter creditianls and then, "network name could not be found" error. >> I have all correct dns/wins settings. I made an #PRE and #DOM entry >> in lmhosts pointing to the PDCE. >> >> When i run ethereal, i see the client querying and getting the srv >> records from my dns for all dc's in the domain and doing an ldap >> search on a number of dc's sucessfully. >> >> Then the last thing i get is a failed ldap ping(port unreachable). >> >> I'm not sure if that's the issue. >> >> I'm not doing NAT or Port address transaltion for the RRAS server. It >> has a public ip. The only PAT/NAT is on the client side but I don't >> think that is really an issue as I can vpn and auth to AD thru the >> RRAS server and term service in app mode to other servers. I just >> can't join the domain. >> >> Any help would be great. >> thanks >> List info : http://www.activedir.org/List.aspx >> List FAQ: http://www.activedir.org/ListFAQ.aspx >> List archive: >> http://www.mail-archive.com/activedir%40mail.activedir.org/ >> >> List info : http://www.activedir.org/List.aspx >> List FAQ: http://www.activedir.org/ListFAQ.aspx >> List archive: >> http://www.mail-archive.com/activedir%40mail.activedir.org/ > > List info : http://www.activedir.org/List.aspx > List FAQ: http://www.activedir.org/ListFAQ.aspx > List archive: > http://www.mail-archive.com/activedir%40mail.activedir.org/ > > List info : http://www.activedir.org/List.aspx > List FAQ: http://www.activedir.org/ListFAQ.aspx > List archive: > http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Joining workstation to domain over vpn(again)
Hmm.. Well Microsoft's software based firewall was designed to join a domain with it on, the third party firewalls are written to block everything by default as most of the customers using their products are using them on their home systems desktops. I hope that I am not asking you a redundant question, as I have not read your entire thread, however are you using PPTP? Do you have the correct internal DNS and WINS servers listed on the client connection? Are you sure the computer name does not exist in AD? Jose :-) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Kern, Tom Sent: Thursday, May 26, 2005 12:47 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Joining workstation to domain over vpn(again) No. There are about 5 other win xp clients in that office that have been able to join the domain via VPN. This is the only one with an issue and its not running any fw software. Some of the other's are running xp sp2 with the firewall on and they have no issues. thanks Medeiros, Jose wrote: > Hi Tom, > > Do you have Zone Alarm or some other type of Software Based Firewall > installed? > > Jose > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of Kern, Tom > Sent: Thursday, May 26, 2005 12:03 PM > To: ActiveDir (E-mail) > Subject: [ActiveDir] Joining workstation to domain over vpn(again) > > > I'm still having problems joining a winxp sp1 MS PPTP vpn client to > my domain. > The client is connecting to a windows 2000 sp4 RRAS server via pptp. > When i try to join the domain, I get the prompt to enter creditianls > and then, "network name could not be found" error. > I have all correct dns/wins settings. I made an #PRE and #DOM entry > in lmhosts pointing to the PDCE. > > When i run ethereal, i see the client querying and getting the srv > records from my dns for all dc's in the domain and doing an ldap > search on a number of dc's sucessfully. > > Then the last thing i get is a failed ldap ping(port unreachable). > > I'm not sure if that's the issue. > > I'm not doing NAT or Port address transaltion for the RRAS server. It > has a public ip. The only PAT/NAT is on the client side but I don't > think that is really an issue as I can vpn and auth to AD thru the > RRAS server and term service in app mode to other servers. I just > can't join the domain. > > Any help would be great. > thanks > List info : http://www.activedir.org/List.aspx > List FAQ: http://www.activedir.org/ListFAQ.aspx > List archive: > http://www.mail-archive.com/activedir%40mail.activedir.org/ > > List info : http://www.activedir.org/List.aspx > List FAQ: http://www.activedir.org/ListFAQ.aspx > List archive: > http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Joining workstation to domain over vpn(again)
No. There are about 5 other win xp clients in that office that have been able to join the domain via VPN. This is the only one with an issue and its not running any fw software. Some of the other's are running xp sp2 with the firewall on and they have no issues. thanks Medeiros, Jose wrote: > Hi Tom, > > Do you have Zone Alarm or some other type of Software Based Firewall > installed? > > Jose > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of Kern, Tom > Sent: Thursday, May 26, 2005 12:03 PM > To: ActiveDir (E-mail) > Subject: [ActiveDir] Joining workstation to domain over vpn(again) > > > I'm still having problems joining a winxp sp1 MS PPTP vpn client to > my domain. > The client is connecting to a windows 2000 sp4 RRAS server via pptp. > When i try to join the domain, I get the prompt to enter creditianls > and then, "network name could not be found" error. > I have all correct dns/wins settings. I made an #PRE and #DOM entry > in lmhosts pointing to the PDCE. > > When i run ethereal, i see the client querying and getting the srv > records from my dns for all dc's in the domain and doing an ldap > search on a number of dc's sucessfully. > > Then the last thing i get is a failed ldap ping(port unreachable). > > I'm not sure if that's the issue. > > I'm not doing NAT or Port address transaltion for the RRAS server. It > has a public ip. The only PAT/NAT is on the client side but I don't > think that is really an issue as I can vpn and auth to AD thru the > RRAS server and term service in app mode to other servers. I just > can't join the domain. > > Any help would be great. > thanks > List info : http://www.activedir.org/List.aspx > List FAQ: http://www.activedir.org/ListFAQ.aspx > List archive: > http://www.mail-archive.com/activedir%40mail.activedir.org/ > > List info : http://www.activedir.org/List.aspx > List FAQ: http://www.activedir.org/ListFAQ.aspx > List archive: > http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Joining workstation to domain over vpn(again)
Hi Tom, Do you have Zone Alarm or some other type of Software Based Firewall installed? Jose -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Kern, Tom Sent: Thursday, May 26, 2005 12:03 PM To: ActiveDir (E-mail) Subject: [ActiveDir] Joining workstation to domain over vpn(again) I'm still having problems joining a winxp sp1 MS PPTP vpn client to my domain. The client is connecting to a windows 2000 sp4 RRAS server via pptp. When i try to join the domain, I get the prompt to enter creditianls and then, "network name could not be found" error. I have all correct dns/wins settings. I made an #PRE and #DOM entry in lmhosts pointing to the PDCE. When i run ethereal, i see the client querying and getting the srv records from my dns for all dc's in the domain and doing an ldap search on a number of dc's sucessfully. Then the last thing i get is a failed ldap ping(port unreachable). I'm not sure if that's the issue. I'm not doing NAT or Port address transaltion for the RRAS server. It has a public ip. The only PAT/NAT is on the client side but I don't think that is really an issue as I can vpn and auth to AD thru the RRAS server and term service in app mode to other servers. I just can't join the domain. Any help would be great. thanks List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/