clients using DHCP can't add on DC

Asus P6x58d premium motherboard
April 26, 2010 at 09:39:57
Specs: Windows server 2003 enterprise edition
i'm trying to set up a small network of 13 pc's using windows XP Pro and a server using Windows Server 2003 enterprise ediion, which I have set up as DC, configured DNS and AD, and assigned static IP,nslookup works perfectly and I can ping from server to clients and the opposite.DHCP enabled :No
The ment to be clients refuse to be added to the domain.DHCP enabled :YES.
If I try to give the DNS IP address of the DC=server, they can't even access the internet.
Please help, how can I add them to the domain?
In attempt of adding them to the domain from a workgroup, the error is: you can't have more than one user accounts

See More: clients using DHCP cant add on DC

Report •

April 26, 2010 at 09:53:02
Your dhcp server, presumably your router, needs to be configured to provide the servers ip address as dns server.

Now they won't get internet

Next step is in the servers dns server forwarders tab [not to be confused with forward lookup zone] you put the isp's listed dns servers ip.

Now both with both internet and name resolution will work.

This does not explain the error you are getting when trying to join the pcs to the domain.

Report •

April 27, 2010 at 02:56:31
thank you so much for your reply!
I have to say that this is the 1st time I try to set up a LAN and things are more difficult than I expected.
1) If i fill in the DNS preferred field (in the xp machine)with the server's IP address which is also DNS IP (it's 10.65.169) then I have no internet and the error message is :
The defined server cannot execute the above function
2) If I set Obtain DNS address automatically then I can connect to the internet I can view the domain from my network places, also I can view the server and some folders but when I try to join the domain after admin username and password I get the same error message.

The DNS server forwarders Tab, you suggested, I had already put all the ip addresses but when I try to add the ip of the server ( an error message pops up saying that this is an invalid address.
Yes, I have a router who dynamically gives the addresses to all XP machines, but I don't understand what to do when you say to configure my router...
Please reply for more information...thank you in advance

Report •

April 27, 2010 at 06:20:57
go to the server and do a ipconfig /all and post the results
also post the exact ip addresses you put in the dns servers forwarders tab.

Report •

Related Solutions

April 27, 2010 at 08:35:25
The exact ipconfig /all post will be written tomorrow morning when I'll get back to work, b/c I'm home right now.
But I know most of them by heart, so the server configuration IP's are

primary dns suffix : school.local
DHCP enabled : NO
Ip address :
subnet mask :
default gateway :
DNS Server:

DNS forwarders Tab
All DNS list
194.xx.xx.xx (I''l post these tomorrow)
when I try to put write invalid address
Thank you

Report •

April 27, 2010 at 08:59:45
The forwarders tab is there so when local name resolution doesn' t resolve the request [like for] it 'forwards' it to the isp listed dns servers. Fortunately MS DNS is smart enough to know it can't forward to itself.

Those 192.x.x.x ips are not valid public dns entries. Those are private not public ip addresses.

Concerning do you have another server running dns?

Report •

April 28, 2010 at 01:43:19
The IP config on the server shows:
Host Name : Server
Primary DNS Suffix : school.local
Node Type : Hybrid
IP Routing Enabled: No
WINS Proxy Enabled : No
DNS Suffix Search List : school.local

Ethernet adapter...

Connection-specific DNS suffix : school.local
Description: Realtek PCIe GBE Family Controller
Physical Address : 00-26-18-DB-87-6C
DHCP Enabled : No
IP address :
Subnet mask :
Default Gateway :
DNS Servers :
Now, today I've changed the Server's IP address to, b/c we are not allowed to use any other digits than 10(first and last) for the1st domain controller and if we want to add a 2nd later on, we should use (this would be the IP address and DNS for the 2nd DC)

In the clients' properties TCP/IP the radio buttons are set to automatically, b/c they get their addresses from the DHCP (router)

So the configuration in a client shows:

Host Name : client13
Primary DNS Suffix :

IP Routing Enabled: No
WINS Proxy Enabled : No
DNS Suffix Search List : school.local

Ethernet adapter...local area connection

Connection-specific DNS suffix : school.local
Description: Controller 3Con 3C920 Fast Ethernet(compatible with 3C905C-TX)
Physical Address : 00-01-02-03-F3-9B
DHCP Enabled : YES
Automatic setting enabled : YES
IP address :
Subnet mask :
Default Gateway :
DNS Servers :

With the above settings I can access internet either from the client and the server and they can ping to each other.
The nslookup on the client shows: DNS request timed out. timed out
Server :
Address :
school.local : non-existent domain

And of course ,when I try to join the domain, the error message on the client continues to be the same.

Report •

April 28, 2010 at 08:03:21
Does not appear dns server is running/configured on the server. Normally you would have none of the 194.x.x.x dns entries on any of the clients or the server. The forwarders take care of this.

After the server ip change did you update dns accordingly? For example you have school.local which should have ip of now?

Report •

April 28, 2010 at 08:38:56
Today I've changed the server's ip to and of course I opened dns and I checked to see if this address was updated, and there it was. The forwarders tab listed
The only entry I deleted was in the forward look up zone the Host(A) which had a previous IP address and I did the same in the reverse look upzone.
nslookup on server identifies the domain school.local
nslookup on client nothing.
When I type in the explorer window, says: the page is under construction and the help referres to something about a function not available in windows server 2003 for security reasons??
Of course, clients can't be part of the domain yet...

Report •

April 28, 2010 at 08:57:40
"forwarders tab listed"
You should not be able to add the same dns servers ip to this. That is forwarding to itself which is a loop. Remove this entry.

It also does not make sense to forward to the 192.x.x.x which clearly are the schools dns servers. This just means they in turn forward a local request for out to the isp's dns servers.

What are the isp's dns server ips????

Let's do a simple clean test.

On the server remove for tcp/ip dns entries
On the server remove from the forwarders tab and have only

On the workstation do a static ip assignment so you can set dns to only

Reboot both the server then the workstation. Do a nslookup to school.local
The response should be and the servers ip address

Report •

April 28, 2010 at 09:30:21
Thanks. I have to do that, on next Monday when i'll get back to that server.
I work in a different one tomorrow.
I suspected that the address shouldn't be in the forwarder's tab from your previous reply.
The list with the 194.x.x.x works like this:
the architectural structure of the Lab is developed, so that the server should use as a forwarder the 1st nearest DNS server of the perfecture nod in which the lab belongs to, and then the 2nd nearest DNS server.These DNS servers are not present in my lab, but are somewhere in the wider area. All labs are controlled and parts of metropolitan or wide area network. In that way all requests for internet sites resolve in the Lab's environment.
I don't know if all that made any sense, but sure thing I'll try what you suggested the sooner.

Why can't some things be resolved by themselves??

Thanks very much.

Report •

May 5, 2010 at 03:52:46
Well, I've been trying whole week to join the xp clients to the domain, I tried exactly what you suggested and didn't work.
I uninstalled DNS and AD and then installed it again .
I also have a windows 2000 wkst and yes, immediately joined the domain.(named plato)
Then I tried with an xp pro wkst (client12) and I could make it join the domain after renaming it and moving to domain and some other attempts.
When I tried the same thing with another XP pro (client01) renamed it to PC01 said welcome to the domain, but I couldn't have acess from the server, although I have acess to
plato and client12, so I decided it to move it back to the workgroup, renamed it to client01 and then tried to join the domain again, but the message is as: "can not contact the domain or the domain is busy right now"
Oh. I removed the server's IP address from the forwarders tab, thanks for the advice

Now what?

Report •

May 5, 2010 at 08:45:58
If you unjoin a workstation you then have to remove it from active directory before you try to add it back.

We need to make sure dhcp/dns is configured properly. Can you do a successful tracert to

When trying to access the workstation from the server are you going to Run and typing \\wkstation name\c$ [default admin shares]? Post an ipconfig /all from a working connected to the domain pc for review.

Report •

May 10, 2010 at 02:42:05
I did remove the wks from AD berfore trying to add it to the domain with the same name, with a different name and with whatever way can anyone imagine.
At a time I got the message welcome to the domain and then some kind of error, I rebooted the wks and I couldn't logon to the domain, b/c the error wrote : the domain school is currently anavailable.
I run the tracert command to and it completed succesfully.
Accessing the client12 (working fine) from run command , succesfull access to files.To other wks, e.g. client09 waits to fill in a password, but tries to connect me as client09/guest???

the working wks's configuration is:
Host Name : client12
Primary DNS Suffix : school.local

IP Routing Enabled: No
WINS Proxy Enabled : No
DNS Suffix Search List : school.local

Ethernet adapter...local area connection

Connection-specific DNS suffix : school.local
Description: Controller 3Con 3C920 Fast Ethernet(compatible with 3C905C-TX)
Physical Address : 00-01-02-04-AF-2D
DHCP Enabled : YES
Automatic setting enabled : YES
IP address :
Subnet mask :
Default Gateway :
DNS Servers :

I've formatted one client so that I could join the domain from the start but even then, a message poped up saying sthng about an error and that I should continue with the installation and try to join the domain later.
In AD the computer's account showed up disabled, I enabled it and wait for the installation to finish. I'll reboot the server once more and see..

Report •

May 11, 2010 at 10:22:32
I've managed to join the domain 4 clients and the method is so difficult, and if you miss a step you have to start all over again.
The problem with xp clients is that you can't simply join the domain by changing from workgroup to domain, but you have to change the name of the computer AND join the domain at the same time. You first get the welcome to the domain window but then an error pops up saying that you can't join the domain with the new name but only under the old name.
Ok. So far so good. After restart, you notice that there is a domain selection but you can't log on b/c the server unfortunately has created the account under the new name.
So, smthg is wrong here, as you see the server and the client
have different names. The wks keeps the old name and the server the new name and as a result you can't log on to the domain but only locally.
So I figured I have to do sthng that the server both and client keep the same name and preferrably name: clientxx.
So I changed to workgroup(having log in locally) and changed the name at the same time. After restart both server and client hold the same name but wks is still a member of a workgroup.Now, I change the name of the computer once more and join the domain at the same time. The welcome message pops up and the error message too.But after restart, if thing have gone all right the server shows 2 names the old one and the new one. check to disable the different one and finally join the domain!!
After that I delete the other name on the server machine...
Question: if you know, why do the domain clients need so much time to log on to the domain every time?
One more thing: I can see all the clients in my network places either on server or on clients but can't have access.
The message is as: contact with your administrator (who obviously is me and also I have connected with admin username and password) and network path not found.
Is there anything I should change to gain access?
In AD all computers appear with their current domain names e.g. clientxx

Report •

May 11, 2010 at 10:32:01
remove these entries from the dhcp server

I take it this is your first domain setup?

Something is seriously wrong from what you describe. If the workstation has not been added to the domain it should be as simple as join domain and you get the welcome to the domain message. No name change required unless the workstation was added previously and then not deleted from AD.

I would suggest you consider reinstalling the DC from scratch.

Report •

Ask Question