Thread: Unable to join AD domain from DMZ network

  1. #1
    Join Date
    Sep 2005
    Posts
    229

    Unable to join AD domain from DMZ network

    We are on a Windows 2003 AD domain and want to allow user account authentication from the DMZ to the internal 2003 AD network. But when we try to join the AD domain from the server in the DMZ, we get an error message that states "The RPC Server is unavailable". I worked with the network guy and, for testing purposes, he allowed any traffic between the DMZ and the internal network, and no traffic was being denied. So we moved on to the next step, setting up Ethereal and capturing traffic from the server in the DMZ when we tried to join the AD domain. We got one error in the Ethereal capture log that stated "STATUS_ACCESS_DENIED, Error: STATUS_ACCESS_DENIED". Can anyone tell me what is causing this issue?

  2. #2
    Join Date
    Aug 2006
    Posts
    221

    Re: Unable to join AD domain from DMZ network

    I have checked some environments where this is necessary. Just think of the security: you are putting a DC into a zone where it can be accessed by outsiders and the internet. You should not go that way. Can you note the requirements down and see whether you can do it with ADAM (now AD-LDS) or ADFS? You can try to put a DC into the DMZ, which is not a good idea in general.

  3. #3
    Join Date
    Nov 2008
    Posts
    49

    Re: Unable to join AD domain from DMZ network

    Use PortQryUI.. U will have a better idea.

    Kidding.. Ask ur network team to open all ports from Untrust to TRUST :)
    =====
    Kumar

  4. #4
    Join Date
    Jun 2011
    Posts
    1
    Well, I’m running the same situation. DC 2008 r2 enterprise in the internal, subnet 10.1.2.0/24. Exchange server in the DMZ on subnet 192.168.10.0/24.
    All ports and FW roles setup in accordance with Microsoft recommendation.
    Can ping both ways from/to DC to Exchange server. When trying to join the Exchange server to the domain, get message "Network path was not found"
    Any ideas?

    Thanks,

    Danny.

  5. #5
    Join Date
    Dec 2007
    Posts
    1,599

    Re: Unable to join AD domain from DMZ network

    Originally posted by dannykor:
    Well, I’m running the same situation. DC 2008 r2 enterprise in the internal, subnet 10.1.2.0/24. Exchange server in the DMZ on subnet 192.168.10.0/24.
    All ports and FW roles setup in accordance with Microsoft recommendation.
    Can ping both ways from/to DC to Exchange server. When trying to join the Exchange server to the domain, get message "Network path was not found"
    Any ideas?

    Thanks,

    Danny.
    First of all, you will have to make sure that your DNS is configured properly and verify your SRV records. After that, try disabling the firewall and antivirus application for a while on the Windows 2008 server and try again. After that, run dcdiag and see if you find any errors. If you are still not able to troubleshoot it, please post the dcdiag results and we will help you. If the above solutions don't help, try a clean boot.
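
The DNS and SRV check from post #5, followed by a per-port TCP test toward each DC, as an added example that is not part of the original thread. A successful ping only proves ICMP passes the firewall, so this shows which TCP rule is actually missing. The domain name is a placeholder, Test-TcpPort is a hypothetical helper defined here, and the SRV parsing assumes English nslookup output.

```powershell
# Added example. Run on the DMZ server that fails to join the domain.
$Domain = 'corp.example.com'   # placeholder, replace with the AD DNS domain name

# TCP ports a member server uses toward a DC during a join. UDP 53/88/389 and
# the dynamic RPC range (1025-5000 on Server 2003, 49152-65535 on 2008 and
# later) are not probed here and need their own firewall rules.
$Ports = @{ 53 = 'DNS'; 88 = 'Kerberos'; 135 = 'RPC endpoint mapper'
            389 = 'LDAP'; 445 = 'SMB'; 464 = 'Kerberos password change' }

function Test-TcpPort {
    param([string]$HostName, [int]$Port, [int]$TimeoutMs = 3000)
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $pending = $client.BeginConnect($HostName, $Port, $null, $null)
        if (-not $pending.AsyncWaitHandle.WaitOne($TimeoutMs, $false)) { return $false }
        $client.EndConnect($pending)   # throws if the connection was refused
        return $true
    } catch {
        return $false
    } finally {
        $client.Close()
    }
}

# Step 1: the DC locator SRV record must resolve through the DNS server this
# host is configured to use.
$srv = "_ldap._tcp.dc._msdcs.$Domain"
$lookup = (nslookup -type=SRV $srv 2>&1 | Out-String)
$dcs = @([regex]::Matches($lookup, 'svr hostname\s*=\s*(\S+)') |
         ForEach-Object { $_.Groups[1].Value } | Select-Object -Unique)
if ($dcs.Count -eq 0) {
    Write-Warning "No SRV record for $srv. Fix DNS before looking at the firewall."
}

# Step 2: probe every DC on every port and report which rule is missing.
foreach ($dc in $dcs) {
    foreach ($port in ($Ports.Keys | Sort-Object)) {
        New-Object PSObject -Property @{
            DC = $dc; Port = $port; Service = $Ports[$port]
            Open = (Test-TcpPort -HostName $dc -Port $port)
        } | Select-Object DC, Port, Service, Open
    }
}
```

Port 135 showing as open only means the endpoint mapper answers; "The RPC Server is unavailable" can still occur if the dynamic RPC range is blocked.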
