Joining a domain?????

Discussion in 'Parallels Desktop for Mac' started by mrrrl, Sep 15, 2006.

  1. mrrrl

    mrrrl Bit poster

    Messages:
    3
    Anyone else having problem joining a Windows domain? It times out saying it could not start the service in a timely fashion. Is kinda important to be able to join a domain network to be able to use applications I need at work and access the SQL servers.

    When I look on the server side I see that the computer has been recoginzed and is installed in the active directory. So is this something on the client side? Parallels side?

    TIA
     
  2. mrrrl

    mrrrl Bit poster

    Messages:
    3
    Has anyone been able to join an AD network?
     
  3. owensd

    owensd Bit poster

    Messages:
    3
    Yes, I've been able to successfully join a domain. Has worked for me for a long time now.
     
  4. murdocdv

    murdocdv Junior Member

    Messages:
    16
    I am having the problem, I can't join the domain but I am getting a slightly different error. I am told The remote procedure call failed and did not execute.

    If you run netdiag /d:yourdomainname which is available in the Support Tools which is installable from the Windows CD, you can get a more specific error.

    In my case I am seeing that DsBind cannot complete the RPC call to the domain controller on my subnet.

    This is extremely frustrating, and I have been trying like crazy to troubleshoot the issue to no effect. I am trying to join Win2K3 R2 to the domain as a member server. The Win XP SP2 BootCamp partition has no problem joining the domain.
     
  5. Delphyne

    Delphyne Member

    Messages:
    51
    Are you trying to do with with bridged or host-only networking? If you're using bridged, what's the output of "netstat -a" (with all pertinent info redacted for your privacy...) while attempting to bind?
     
  6. murdocdv

    murdocdv Junior Member

    Messages:
    16
    I tried both bridged and host-only network with internet sharing. Bridged gets the RPC error, host-only with internet sharing resulted in kindof spotty network access.

    I also applied the hotfix mentioned in http://support.microsoft.com/kb/899148/ for Win 2K3 SP1 computers, it didn't help. I then added the Server2003NegotiateDisable registry key to try and disable the RPC packet changes identified in the same KB article, to no effect.

    netstat -a looks like this:
    Proto Local Address Foreign Address State
    TCP MACHINENAME:http WW-DMURDOCKW2K3:0 LISTENING
    TCP MACHINENAME:epmap WW-DMURDOCKW2K3:0 LISTENING
    TCP MACHINENAME:microsoft-ds WW-DMURDOCKW2K3:0 LISTENING
    TCP MACHINENAME:1025 WW-DMURDOCKW2K3:0 LISTENING
    TCP MACHINENAME:1029 WW-DMURDOCKW2K3:0 LISTENING
    TCP MACHINENAME:1056 WW-DMURDOCKW2K3:0 LISTENING
    TCP MACHINENAME:ms-olap1 WW-DMURDOCKW2K3:0 LISTENING
    TCP MACHINENAME:ms-olap2 WW-DMURDOCKW2K3:0 LISTENING
    TCP MACHINENAME:msolap-ptp2 WW-DMURDOCKW2K3:0 LISTENING
    TCP MACHINENAME:4265 WW-DMURDOCKW2K3:0 LISTENING
    TCP MACHINENAME:netbios-ssn WW-DMURDOCKW2K3:0 LISTENING
    UDP MACHINENAME:microsoft-ds *:*
    UDP MACHINENAME:isakmp *:*
    UDP MACHINENAME:1030 *:*
    UDP MACHINENAME:ms-sql-m *:*
    UDP MACHINENAME:ipsec-msft *:*
    UDP MACHINENAME:ntp *:*
    UDP MACHINENAME:netbios-ns *:*
    UDP MACHINENAME:netbios-dgm *:*
    UDP MACHINENAME:ntp *:*

    I was also able to create a clean XP SP2 image and add that to the domain without any problem. One more interesting nugget, once the 2K3 image notifies me of an RPC error when joining the domain, I can see the machine account disabled in AD Users and Computers.
     
  7. murdocdv

    murdocdv Junior Member

    Messages:
    16
    Solution

    I finally found a combination of things that solved this issue for all the VMs running Windows Server 2003 R2 SP1, at least under Parallels Build 1940.

    It involves acquiring a hotfix from Microsoft, installing that hotfix, and then changing a registry setting.

    The hotfix information and the registry key to change are identified in this MS KB article:
    http://support.microsoft.com/?kbid=899148

    Win2K3 SP1 changed the format of RPC packets by design to try to increase performance. However, some VPN and firewall software reject these RPC packets because they are different enough that it doesn't recognize them as RPC packets. It was my theory that the way Parallels networks to the host machine is close enough to a VPN that some bit of their software is rejecting these new RPC packets.

    Turns out I was right, if you install the hotfix, reboot, and then set the registry key and reboot again you can add a Windows Server 2003 SP1 VM to the domain without any problem. Sorry getting this hotfix requires a call to MS.
     

Share This Page