Using domain join UI to join a workgroup computer to an AD domain by specifying the target DNS domain name fails - Windows Server

  • 5,000
  • Tác giả: admin
  • Ngày đăng:
  • Lượt xem: 5
  • Tình trạng: Còn hàng

Windows 7 or Windows Server 2008 R2 domain name join displays error (Changing the Primary Domain DNS name of this computer to tướng "" failed....)

This article provides a solution to tướng an error that occurs when you use the domain name join User Interface (UI) to tướng join a Windows 7 or Windows Server 2008 R2 workgroup computer to tướng an Active Directory domain name by specifying the target DNS domain name name.

Original KB number:   2018583

Symptoms

Using the domain name join UI to tướng join a Windows 7 or Windows Server 2008 R2 workgroup computer to tướng an Active Directory domain name by specifying the target DNS domain name name fails with the following on-screen error:

Changing the Primary Domain DNS name of this computer to tướng "" failed. The name will remain ".".
The error was:

The specified server cannot perform the required operation.

The NETSETUP.LOG on the computer being joined contains the following text:

where 0x3a maps to:

UI Error Symbolic Error String Hex Error # Decimal Error #
The specified server cannot perform the operation ERROR_BAD_NET_RESP 0x3a 58

Cases where the "Changing the Primary Domain DNS name.." error appears in conjunction with extended errors other kêu ca "the specified server cannot perform the required operation", including those listed in the table below, are NOT related to tướng the symptom, cause, or resolution text discussed in this article.

The Extended errors that make the "Changing the Primary DNS name..." error unrelated to tướng this KB include:

Extended Error
A security package specific error occurred
The remote procedure điện thoại tư vấn failed and did not execute

Cause

When a computer is joined to tướng the domain name, it attempts to tướng register a Service Principal Name to tướng ensure that its DNS suffix is allowed in the target domain name. The domain name join UI queries information from the Local Security Authority (LSA) policy database for the short (NetBIOS) and long (DNS) names of the target domain name.

The error described in the Symptoms section occurs because a function in the domain name join UI improperly performs a LDAP bind to tướng a Domain Controller in the target domain name by its short name, which fails in one of the following conditions:

  • The Disable NetBIOS over TCP/IP checkbox has been disabled in the IPv4 properties of the computer being joined.
  • Connectivity over UDP port 137 is blocked between client and the helper DC servicing the join operation in the target domain name.
  • The TCP/IPv4 protocol has been disabled so sánh that the client being joined or the DC in the destination domain name targeted by the LDAP BIND is running TCP/IPv6 only.

Resolution

Despite the appearance of the on-screen error described in the Symptoms section, the domain name join operation completes as evidenced by the status in the NETSETUP.LOG.

NetpCompleteOfflineDomainJoin SUCCESS: Requested a reboot :0x0
NetpDoDomainJoin: status: 0x0

To eliminate the error, use one of the following methods:

  • Verify that NetBIOS over TCP/IP is enabled.

    1. Click Start, click Run, type ncpa.cpl, and then click OK.
    2. In Network Connections, right-click Local Area Connection, and then click Properties.
    3. Click Internet Protocol Version 4 (TCP/IPv4), and then click Properties.
    4. In the Internet Protocol Version 4 (TCP/IPv4) Properties dialog box, click Advanced.
    5. On the WINS tab, verify Enable NetBIOS Over TCP/IP is enabled, and then click OK three times.
  • Verify end-to-end network connectivity over UDP port 137 over the network path connecting the client being and the helper DC serving the join operation.

  • If the error occurred in an IPv6 only environment or you require a fix to tướng resolve the error, open a tư vấn incident with Microsoft Customer Service and Support requesting a post RTM fix for Windows 7/Windows Server 2008 R2.

  • Add Domain DNS Suffix in the TCP/IP Properties.

    1. Click Start, click Run, type ncpa.cpl, and then click OK.
    2. In Network Connections, right-click Local Area Connection, and then click Properties.
    3. Click Internet Protocol Version 4 (TCP/IPv4), and then click Properties.
    4. In the Internet Protocol Version 4 (TCP/IPv4) Properties dialog box, click Advanced.
    5. On the DNS tab, select these DNS Suffixes, click Add, type the FQDN of the domain name in the DNS Server dialog box, click Add, and then click OK three times.