joining domain

By semaja2.net
in Microsoft (Windows)

 Share

Recommended Posts

Grand Master

semaja2.net

Posted
  • Author
Posted

ive looked through all the mods that have been done and there is nothing that could really stuff this up, but i found some things on the audit logs on the server

so ive included everything that it has from the login i used to add the account

Event Type: Success Audit

Event Source: Security

Event Category: Logon/Logoff

Event ID: 538

Date:  1/01/2005

Time:  2:50:19 PM

User:  JHOME\jamesas

Computer: CURLY

Description:

User Logoff:

  User Name: jamesas

  Domain:  JHOME

  Logon ID:  (0x0,0x211B42)

  Logon Type: 3

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Success Audit

Event Source: Security

Event Category: Account Management

Event ID: 646

Date:  1/01/2005

Time:  2:50:18 PM

User:  JHOME\jamesas

Computer: CURLY

Description:

Computer Account Changed:

  -

  Target Account Name: STINGER$

  Target Domain: JHOME

  Target Account ID: JHOME\STINGER$

  Caller User Name: jamesas

  Caller Domain: JHOME

  Caller Logon ID: (0x0,0x211B42)

  Privileges: -

Changed Attributes:

  Sam Account Name: -

  Display Name: -

  User Principal Name: -

  Home Directory: -

  Home Drive: -

  Script Path: -

  Profile Path: -

  User Workstations: -

  Password Last Set: -

  Account Expires: -

  Primary Group ID: -

  AllowedToDelegateTo: -

  Old UAC Value: 0x80

  New UAC Value: 0x81

  User Account Control:

  Account Disabled

  User Parameters: -

  Sid History: -

  Logon Hours: -

  DNS Host Name: -

  Service Principal Names: -

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Success Audit

Event Source: Security

Event Category: Account Management

Event ID: 629

Date:  1/01/2005

Time:  2:50:18 PM

User:  JHOME\jamesas

Computer: CURLY

Description:

User Account Disabled:

  Target Account Name: STINGER$

  Target Domain: JHOME

  Target Account ID: JHOME\STINGER$

  Caller User Name: jamesas

  Caller Domain: JHOME

  Caller Logon ID: (0x0,0x211B42)

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Success Audit

Event Source: Security

Event Category: Directory Service Access

Event ID: 565

Date:  1/01/2005

Time:  2:50:18 PM

User:  JHOME\jamesas

Computer: CURLY

Description:

Object Open:

  Object Server: Security Account Manager

  Object Type: SAM_DOMAIN

  Object Name: DC=JHOME,DC=ath,DC=cx

  Handle ID: 47271400

  Operation ID: {0,2169795}

  Process ID: 528

  Process Name: C:\WINDOWS\system32\lsass.exe

  Primary User Name: CURLY$

  Primary Domain: JHOME

  Primary Logon ID: (0x0,0x3E7)

  Client User Name: jamesas

  Client Domain: JHOME

  Client Logon ID: (0x0,0x211B42)

  Accesses: DELETE

  READ_CONTROL

  WRITE_DAC

  WRITE_OWNER

  ReadPasswordParameters

  WritePasswordParameters

  ReadOtherParameters

  WriteOtherParameters

  CreateUser

  CreateGlobalGroup

  CreateLocalGroup

  GetLocalGroupMembership

  ListAccounts

 

  Privileges: -

  Properties:

---

domain

DELETE

READ_CONTROL

WRITE_DAC

WRITE_OWNER

ReadPasswordParameters

WritePasswordParameters

ReadOtherParameters

WriteOtherParameters

CreateUser

CreateGlobalGroup

CreateLocalGroup

GetLocalGroupMembership

ListAccounts

  Domain Password & Lockout Policies

  lockOutObservationWindow

  lockoutDuration

  lockoutThreshold

  maxPwdAge

  minPwdAge

  minPwdLength

  pwdHistoryLength

  pwdProperties

  Other Domain Parameters (for use by SAM)

  serverState

  serverRole

  modifiedCount

  uASCompat

  forceLogoff

  domainReplica

  oEMInformation

  Domain Administer Server

  Access Mask: 0

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Success Audit

Event Source: Security

Event Category: Logon/Logoff

Event ID: 538

Date:  1/01/2005

Time:  2:50:18 PM

User:  JHOME\jamesas

Computer: CURLY

Description:

User Logoff:

  User Name: jamesas

  Domain:  JHOME

  Logon ID:  (0x0,0x211B8C)

  Logon Type: 3

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Success Audit

Event Source: Security

Event Category: Logon/Logoff

Event ID: 540

Date:  1/01/2005

Time:  2:50:18 PM

User:  JHOME\jamesas

Computer: CURLY

Description:

Successful Network Logon:

  User Name: jamesas

  Domain:  JHOME

  Logon ID:  (0x0,0x211B8C)

  Logon Type: 3

  Logon Process: Kerberos

  Authentication Package: Kerberos

  Workstation Name:

  Logon GUID: {b5971aae-3c83-4c93-27a7-551b90b7b6bf}

  Caller User Name: -

  Caller Domain: -

  Caller Logon ID: -

  Caller Process ID: -

  Transited Services: -

  Source Network Address: 192.168.0.21

  Source Port: 1552

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Success Audit

Event Source: Security

Event Category: Privilege Use

Event ID: 576

Date:  1/01/2005

Time:  2:50:18 PM

User:  JHOME\jamesas

Computer: CURLY

Description:

Special privileges assigned to new logon:

  User Name: jamesas

  Domain:  JHOME

  Logon ID:  (0x0,0x211B8C)

  Privileges: SeChangeNotifyPrivilege

  SeBackupPrivilege

  SeRestorePrivilege

  SeDebugPrivilege

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Link to comment
https://www.neowin.net/forum/topic/265015-joining-domain/#findComment-585208280
Share on other sites
Mentor

Eversurf

Posted
Posted

Is your PC getting DHCP and DNS from the Server. Check on the server to see if the computer has already been created. If so delete it and try to join again. Can you ping the server by IP. Check if you have a firewall on both machines. Cause it seems like it cannot comunicate via RPC. Make sure the RPC services are started on both the server and the workstation.

Have fun!!!

Link to comment
https://www.neowin.net/forum/topic/265015-joining-domain/#findComment-585230558
Share on other sites
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.

  • Posts

    • Microsoft about to radically change how often your Edge browser updates

      By seacaptain · Posted

      Why? Does anybody actually want this? The constant need to close all browser sessions and wait for a new version to install, just so that there’s a integrated coupon manager feels like a waste of everyone’s time
    • Louis Rossmann suing Samsung over "990 Pro SSD warranty scam"

      By PsYcHoKiLLa · Posted

      I remember when Louis used to just do interesting Mac/iPhone repairs, now he's boring and just launches "crusades" every week
    • Microsoft releases new Windows 11 Media Creation Tool with the latest updates

      By ad47uk · Posted

      A shame it don't allow people to bypass the MS account, I will stick to using Rufus.
    • Microsoft about to radically change how often your Edge browser updates

      By zikalify · Posted

      Microsoft about to radically change how often your Edge browser updates by Paul Hill Microsoft has just announced that starting with Edge 152, it will be moving to a two-week release cycle for faster, smaller updates. This faster release cadence will begin on August 27. This change comes just several months after Microsoft switched Visual Studio Code to weekly updates. The company said that the Extended Stable releases will remain on an eight-week cycle and that no admin changes are needed to experience the faster release cycle on the Stable channel. The new two-week release cycle will enable the faster delivery of security updates and platform improvements, all while reducing the size and complexity of individual updates. Microsoft claims that organizations will benefit from this change as it offers predictable validation cycles. For organizations that prefer a “more deliberate pace”, the Extended Stable channel remains an option. This change will affect Edge Stable releases on Windows, macOS, Linux, and mobile. The Extended Stable channel will continue to be updated every eight weeks, or every fourth Stable release, for example: versions 152, 156, 160, and 164. The Extended Stable could be a good option for organizations that don’t want the latest updates twice a month and don’t want as much hassle constantly updating browsers. In the case of Visual Studio Code, many of the updates being pushed by Microsoft are AI-related. As we all know, Microsoft Edge has a lot of AI features, so we could see Microsoft pushing more AI, thanks to the faster cycles. On the flip side, quicker releases could mean faster security updates, which is beneficial in a world where AI systems are hunting for software exploits. What do you think? Let us know in the comments. For more updates on Edge, be sure to follow Neowin's coverage. In May alone, we reported on Edge offering in-browser pop-ups to assist users with website compatibility issues, that Edge was losing Copilot Mode, and that Microsoft had fixed a plain-text password bug in Edge. Source: Microsoft 365 Admin Center
    • Euro-Office must default to ODF to be considered "genuinely European", LibreOffice argues

      By ad47uk · Posted

      not yet, because at the moment it is not a threat to MS, if and I mean if it did become a threat to MS Office, then it may be a different thing. MS don't like competition

  • Recent Achievements

    • Week One Done
      davidbazooked earned a badge
      Week One Done
    • One Month Later
      Jamswaz earned a badge
      One Month Later
    • Week One Done
      Jamswaz earned a badge
      Week One Done
    • Rookie
      Marzoid went up a rank
      Rookie
    • Community Regular
      coch went up a rank
      Community Regular

  • Popular Contributors

    1. 1
      +primortal
      514
    2. 2
      PsYcHoKiLLa
      185
    3. 3
      +Edouard
      159
    4. 4
      Steven P.
      83
    5. 5
      ATLien_0
      75
    Show More

  • Tell a friend

    Love Neowin? Tell a friend!