Windows 2000 Host Cannot Join the Domain (266324)
The information in this article applies to:
- Microsoft Windows 2000 Server
- Microsoft Windows 2000 Advanced Server
- Microsoft Windows 2000 Professional
- Microsoft Small Business Server 2000
This article was previously published under Q266324 SYMPTOMS
When you attempt to add a host to a Windows 2000 domain, the attempt may be unsuccessful and the following error message may be displayed:
Network Identification
The following error occurred validating the name Domainname
The specified domain either does not exist or could not be contacted.
CAUSE
This behavior can occur if the Domain Name System (DNS) zone file that is parallel to the Active Directory domain uses an alias (CNAME) record as the target host of the Service Locator (SRV) records rather than a host or A record. For example:
_ldap._tcp.dc._msdcs 600 SRV 0 100 389 pdc.<Domain>
pdc 600 CNAME dc1.<Domain>
dc1 600 A 192.168.0.1
NOTE: The target host in this example is pdc. Domain which is an alias to the host dc1. NOTE: This may also occur if packet filtering/firewall software is blocking ports needed to connect, such as TCP port 389.
RESOLUTION
To resolve this problem, change the target host of every SRV record in the DNS zone for Active Directory to point to a host or A record.
MORE INFORMATION
SRV records are used in an Active Directory domain to locate domain controllers that are running Lightweight Directory Access Protocol (LDAP) and Kerberos services. RFC 2782 states that the target host for an SRV record must not be an alias. When you join a domain in Windows 2000, the client queries for the SRV record of _ldap._tcp.dc._msdcs.Domain. If the SRV record points to an alias rather than a host record, the client suspends its attempt to join the domain and returns an error message.
| Modification Type: | Major | Last Reviewed: | 12/3/2003 |
|---|
| Keywords: | kberrmsg kbnetwork kbprb KB266324 |
|---|
|