Adding windows 11 client to domain

rjtt64 · February 18, 2023, 1:35pm

Hello,

Just installed a univention domain controller master 4.4, in a new domain. Ive given it a static ip addr.
I then go to a windows 11 pro, set the dns to the static ip address of the univention domain controller master.
I change domain on windows 11 pro and I get an error message “the specified network resource or device is no longer available” . I can ping the domain fine from that machine. If I say ok, I then get a security prompt asking for a user with rights to join the domain, I put the adminsitrator in for the domain, but it errors with incorrect username or password.

From the windows client side I have this in the netsetup log, which confirms a username password error coming back from UCS. I would add Im using the administrator account to do this add.

I would love to see the log on the UCS side but currently cant find it if anyone could help

02/19/2023 10:28:18:939 NetpValidateName: checking to see if ‘dandr.intranet’ is valid as type 3 name
02/19/2023 10:28:19:064 NetpCheckDomainNameIsValid [ Exists ] for ‘dandr.intranet’ returned 0x0
02/19/2023 10:28:19:064 NetpValidateName: name ‘dandr.intranet’ is valid for type 3
02/19/2023 10:28:19:064 NetpDsGetDcName: trying to find DC in domain ‘dandr.intranet’, flags: 0x40001010
02/19/2023 10:28:19:773 NetpDsGetDcName: failed to find a DC having account ‘BEDROOM-PC$’: 0x525, last error is 0x0
02/19/2023 10:28:19:773 NetpDsGetDcName: status of verifying DNS A record name resolution for ‘dc1-server.dandr.intranet’: 0x0
02/19/2023 10:28:19:773 NetpDsGetDcName: found DC ‘\dc1-server.dandr.intranet’ in the specified domain
02/19/2023 10:28:19:773 NetpJoinDomainOnDs: NetpDsGetDcName returned: 0x0
02/19/2023 10:28:19:773 NetpDisableIDNEncoding: using FQDN dandr.intranet from dcinfo
02/19/2023 10:28:19:773 NetpDisableIDNEncoding: DnsDisableIdnEncoding(UNTILREBOOT) on ‘dandr.intranet’ succeeded
02/19/2023 10:28:19:773 NetpJoinDomainOnDs: NetpDisableIDNEncoding returned: 0x0
02/19/2023 10:28:19:883 NetUseAdd to \dc1-server.dandr.intranet\IPC$ returned 1326
02/19/2023 10:28:19:883 NetpJoinDomainOnDs: status of connecting to dc ‘\dc1-server.dandr.intranet’: 0x52e
02/19/2023 10:28:19:883 NetpJoinDomainOnDs: Function exits with status of: 0x52e
02/19/2023 10:28:19:883 NetpResetIDNEncoding: DnsDisableIdnEncoding(RESETALL) on ‘dandr.intranet’ returned 0x0
02/19/2023 10:28:19:883 NetpJoinDomainOnDs: NetpResetIDNEncoding on ‘dandr.intranet’: 0x0
02/19/2023 10:28:19:883 NetpDoDomainJoin: status: 0x52e

any ideas, be gratefully appreciated, I would be pulling my hair out if I had any left.

Thanks

boospy · February 19, 2023, 10:20pm

master 4.4 is EOL since 01.2023. Please use UCS 5.x

rjtt64 · February 20, 2023, 7:35am

oh thanks, I did try UCS 5.x but its active directory components didnt appear to be working. Can you create an active directory domain with UCS 5.x . My network is windows pcs and linux NASs

Many thanks

talleyrand · February 20, 2023, 8:26am

Yes 5.x works fine for an AD domain…

Just remember to join the domain as the local admin on the computer…
If… your local user is not set to admin on the machine.

log into local computer as an ADMIN user (no domain connection)
join the domain as the domain administrator.

rjtt64 · February 20, 2023, 8:39am

Great thanks for the advice, I had tried this once on 4.4 to no joy but I will try

Log on to local machine as admin user with no domain connection
Join the UCS domain with domain admin rights

Many thanks

rjtt64 · February 21, 2023, 8:04am

Hi
Thanks for the help.

My current attempt at adding a windows client to ucs is:

So I have a UCS 5.x Domain Controller master with the AD Compatible dc app installed.
I have a windows 11 latest patch client logged in as local administrator in a workgroup, with its DNS server pointing to the UCS 5.x Domain Controller master.

I add the windows 11 machine to the domain, using the Administrator account on the UCS 5.x Domain Controller master. I get an error message on the windows 11 client saying security id structure invalid.

I would also add that the windows pc picks up its ip successfully from the dhcp server on teh UCS server.

The log from the windows client, the last section is below
02/21/2023 07:51:47:753 NetpDsGetDcName: failed to find a DC having account ‘BEDROOM-PC$’: 0x525, last error is 0x0
02/21/2023 07:51:47:753 NetpDsGetDcName: status of verifying DNS A record name resolution for ‘dc1-server.dandr.intranet’: 0x0
02/21/2023 07:51:47:753 NetpDsGetDcName: found DC ‘\dc1-server.dandr.intranet’ in the specified domain
02/21/2023 07:51:47:753 NetpJoinDomainOnDs: NetpDsGetDcName returned: 0x0
02/21/2023 07:51:47:753 NetpDisableIDNEncoding: using FQDN dandr.intranet from dcinfo
02/21/2023 07:51:47:768 NetpDisableIDNEncoding: DnsDisableIdnEncoding(UNTILREBOOT) on ‘dandr.intranet’ succeeded
02/21/2023 07:51:47:768 NetpJoinDomainOnDs: NetpDisableIDNEncoding returned: 0x0
02/21/2023 07:51:47:800 NetUseAdd to \dc1-server.dandr.intranet\IPC$ returned 1326
02/21/2023 07:51:47:800 NetpJoinDomainOnDs: status of connecting to dc ‘\dc1-server.dandr.intranet’: 0x52e
02/21/2023 07:51:47:800 NetpJoinDomainOnDs: Function exits with status of: 0x52e
02/21/2023 07:51:47:815 NetpResetIDNEncoding: DnsDisableIdnEncoding(RESETALL) on ‘dandr.intranet’ returned 0x0
02/21/2023 07:51:47:815 NetpJoinDomainOnDs: NetpResetIDNEncoding on ‘dandr.intranet’: 0x0
02/21/2023 07:51:47:815 NetpDoDomainJoin: status: 0x52e

Id be very grateful of your kindness if you could help with this.

Many thanks