Unable to Manage a Domain Computer from Domain Controller



I have installed Active Directory on a Virtual Machine with Win2k8 Server, which is a domain controller. I am joining other computers, i.e. Laptops and Virtual Machines, to the Domain.

There are a few problems that I am facing:

1) I am able to join all the Laptops to domain, but I am not able to manage them using domain controller. When I right click on computer->Manage computer, it shows an error

Computer \\Computername.domainname cannot be managed. The Network path was not found.

Surprisingly 1 of the Win 7 laptops is working fine, and I am able to manage it without making any changes. All others show the same error.

Changes that I have made so far are:

i) Under Network and Sharing Center -> Advanced settings, I have enabled Network Discovery as well as File and Printer sharing.

ii) Turned windows as well as domain Firewall off.

Still getting the same error.

2) After joining the domain, laptops are not able to connect to other networks other than our local network.

3) I have set up a VPN on the Server that is the domain controller. I am able to connect to that VPN connection from these laptops but I am not able to ping the server, or any other VMs running under the same network.

In case of VMs (all running Win 2k8) I am not having any of the above mentioned issues. I am assuming there is some setting particularly in Win 7 that needs to be changed.

"2) After joining the domain, laptops are not able to connect to other networks other than our local network."

What does this mean? Makes no sense - do you mean wireless network, plugged into a wire somewhere else and don't get an IP. Can not access the internet, what other networks are you talking about?

Are your Windows 7 laptops using dhcp from your DC? Are they static? Where do they point for dns?

So all the VMs are working - how do your VMs connect to your physical network - are you natting the connection or bridging?

Is your pinging issue while they are connected via vpn? So when they connect via vpn they are at another location or on your same network? Why would you connect to vpn if on your local network - and if they are remote I thought you said they can not connect to any other networks?

Keep in mind having a domain controller as a virtual machine is a bad idea. You can get time sync errors and other problems that creep up.

Can you ping your domain name?

Also when you remotely connect to a machine it should either be just the "machinename" or "machinename.domain" not "computer\\computer.domain"

All Laptops are using DHCP.

Before joining the Domain, I set the Preferred DNS of Laptops to the IP of the Domain Controller. Left the alternate DNS blank. Reverting it back to Auto DNS has solved the issue. Now I am able to connect to other Wifi connections and ping the router after joining VPN.

Other issues are still there.

Yes, I am able to ping the workstations using machine name.

Dhcp from where?? Your DC? Or your router?

All member machines of a domain need to use the AD for dns - PERIOD!!!! you then need to setup your AD dns to either forward to your router for dns, isp or something outside like google or opendns. Or have it lookup direct from roots.

I could fire up a clean w7 box and join it to domain - there should be NOTHING you have to do on the pc to allow remote admin using the domain admin account. This gets added to local administrators on the box when it joins the domain.

But if the pc is not using your AD dns - it would be possible that it would not be able to verify authentication from the DC when you try and access it.

You're not running any sort of 3rd party firewall/security suite on the PCs, are you?

just wondering...could Remote Registry have something to do with it? I know if you disable that service, you cannot manage remote PC's....just curious. And puzzled, lol! At least you have BudMan to help...he is the king! (Y)

yes remote registry could be an issue - but why would that be off?

What is more likely is he has basic configuration wrong - i.e. machines using his router or isp for dns vs his AD dns. This is a common problem in the home lab: user has router for dhcp that hands out its own info - gateway, dns point to it, it then forwards to ISP.

If you want to run AD you should most likely disable router dhcp, turn on dhcp on your server and just point to your router as gateway in the dhcp scope. DNS needs to point to AD DC, and dhcp also helps with the registrations in dns for your member boxes. You then configure AD dns to forward or use root hints.

I would look to this sort of configuration problem before seeing if a default service on multiple machines has been disabled - but sure it is quite possible that could be a problem.

There should be a group policy setting that makes sure this is set to automatic - but yeah he could check if for whatever reason this is not set to automatic and starting once you join a domain.

Remote Registry was off, but turning it on did not make any difference.

Yes, machines are using DNS provided by router (ISP). Based on the network structure we have, I do not want all the machines to be a part of AD, so I can not turn off the auto DNS function of Router.

To me it does not sound to be the DNS issue, because I have 2 win 7 computers on my desk, both using same network configuration. After joining them to domain, 1 works perfectly fine, and I face all those issues with the second computer.

Issue has been resolved.

I logged in as administrator (default account before joining the domain) and turned off the windows and domain firewall. Now I am able to manage the computer from domain controller.

"Yes, machines are using DNS provided by router (ISP)."

This is going to cause you NOTHING but ISSUES!!! All members of a domain NEED to point to the AD DNS - if they do not then they can not correctly resolve SRV records, etc..

All machines in your network can point to AD dns - even if they are NOT members of the domain, this is not going to hurt anything. Then your AD dns points to ISP or direct from roots.

Anyone that would point an AD member to non AD dns clearly has not even the most basic understanding of how DNS is integrated into AD.

http://mcpmag.com/articles/2004/05/01/10-dns-errors-that-will-kill-your-network.aspx

10 DNS Errors That Will Kill Your Network

1. TCP/IP Configuration Points to Public DNS Servers

This is by far the most common DNS error. Each network interface has a set of TCP/IP settings that lists the DNS servers used by that interface.

If the TCP/IP settings for a member computer specify the IP address of a public DNS server - perhaps at an ISP or DNS vendor or the company's public-facing name server - the TCP/IP resolver won't find Service Locator (SRV) records that advertise domain controller services, LDAP, Kerberos and Global Catalog. Without these records, a member computer can't authenticate and get the information it needs to operate in the domain. It then acts like a teenager who can't get the car keys, growing sullen and exhibiting a variety of bad behaviors.
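
The SRV dependency described in the quoted article can be checked from a domain member. The script below is an added example, not part of the original thread: it asks every DNS server configured on the machine for the LDAP, Kerberos and Global Catalog SRV records and reports which servers cannot answer. The domain name `corp.example.local` is a placeholder, and the `Get-DnsClientServerAddress` and `Resolve-DnsName` cmdlets require Windows 8 / Server 2012 or later.

```powershell
# Added example: verify that each DNS server this machine uses can resolve the
# SRV records a domain member needs (DC locator/LDAP, Kerberos, Global Catalog).
# Assumption: 'corp.example.local' is a placeholder; pass your own AD DNS domain.
param(
    [string]$Domain = 'corp.example.local'
)

# Assumption: single-domain forest, so the GC record lives under the same name.
$srvNames = @(
    "_ldap._tcp.dc._msdcs.$Domain",
    "_kerberos._tcp.$Domain",
    "_gc._tcp.$Domain"
)

# Collect every DNS server configured on any IPv4 interface (static or DHCP).
$dnsServers = Get-DnsClientServerAddress -AddressFamily IPv4 |
    ForEach-Object { $_.ServerAddresses } |
    Sort-Object -Unique

$results = foreach ($server in $dnsServers) {
    foreach ($name in $srvNames) {
        # -DnsOnly skips LLMNR/NetBIOS so only the named server's answer counts.
        $answer = Resolve-DnsName -Name $name -Type SRV -Server $server `
                      -DnsOnly -ErrorAction SilentlyContinue |
                  Where-Object { $_.Type -eq 'SRV' }
        [pscustomobject]@{
            DnsServer = $server
            Record    = $name
            Resolved  = [bool]$answer
            Targets   = ($answer.NameTarget | Sort-Object -Unique) -join ', '
        }
    }
}

$results | Format-Table -AutoSize

# A router or ISP resolver normally fails all three lookups.
$failing = $results | Where-Object { -not $_.Resolved } |
    Select-Object -ExpandProperty DnsServer -Unique
if ($failing) {
    Write-Warning ("These DNS servers cannot locate domain controllers for {0}: {1}" -f
        $Domain, ($failing -join ', '))
}
```

On Windows 7, where these cmdlets are not available, `nslookup -type=SRV _ldap._tcp.dc._msdcs.<domain> <dns-server>` performs the same lookup one record at a time.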

This topic is now closed to further replies.