Unable to join domain – ‘The network path was not found’ & Adding domain controller fails

Question

Hello,

I'm getting the attached error while adding the new tree newdomain.com to Forest (domain.com).

Even I tried to join the computers which are in sub-branch network (192.168.10.0) to our Main branch domain still facing the same issue.

Below are the points I have tested.

    *We can ping from AD server from Branch server  
*we can resolve the AD DNS names  
*assigned static IP to New server & added primary DNS as Main DC IP and checked  
*Checked by turning off domain firewall from both ends  
*Tried with enterprise & Domain admin user accounts while adding a tree.  
*Created branch site in active directory sites & subnets and mapped branch network subnet to site.  
*Added & allowed branch subnet(192.168.10.0/24) in domain firewall.  

We are not facing this issue in other branches, we have recently created new DC in one of my sub-branch locations and we didn't face any issue while adding a domain controller.

we are facing this issue only from the particular branch. we have IP Sec tunnel establish from this branch to main branch and nothing restricted. Please suggest

Regards,
Ram

Answer 1

Hello All,

The issue is resolved after the network team allowed the required ports in network firewall.
When we had a call discussion with the network team, they claimed nothing is blocked.
But however when we tested the connection of required ports by using PowerShell, we found connectivity is blocked.

UDP Port 88 for Kerberos authentication,

UDP and TCP Port 135 for domain controllers-to-domain controller and client to domain controller operations.

TCP Port 139 and UDP 138 for File Replication Service between domain controllers.

UDP Port 389 for LDAP to handle normal queries from client computers to the domain controllers.

TCP and UDP Port 445 for File Replication Service

TCP and UDP Port 464 for Kerberos Password Change

TCP Port 3268 and 3269 for Global Catalog from client to domain controller.

TCP and UDP Port 53 for DNS from client to domain controller and domain controller to domain controller

TEST from NEW server to domain controller

Test-netconnection 10.10.10.10 -port 445
Test-netconnection 10.10.10.10 -port 88
Test-netconnection 10.10.10.10. -port 138..........etc

After network team allowed those ports in firewall, we are able to create new tree domain and able to join domain.

If its failed, the windows or network firewall is blocking the ports...!!

Regards,
Ram

Answer 2

FANFAN, %windir%\debug\Netsetup.log

01/11/2021 12:42:22:314 -----------------------------------------------------------------
01/11/2021 12:42:22:314 NetpValidateName: checking to see if 'NEW-PDC' is valid as type 1 name
01/11/2021 12:42:22:314 NetpCheckNetBiosNameNotInUse for 'NEW-PDC' [MACHINE] returned 0x0
01/11/2021 12:42:22:314 NetpValidateName: name 'NEW-PDC' is valid for type 1
01/11/2021 12:42:22:314 -----------------------------------------------------------------
01/11/2021 12:42:22:314 NetpValidateName: checking to see if 'NEW-PDC' is valid as type 5 name
01/11/2021 12:42:22:314 NetpValidateName: name 'NEW-PDC' is valid for type 5
01/11/2021 12:42:22:314 -----------------------------------------------------------------
01/11/2021 12:42:22:314 NetpValidateName: checking to see if 'in.mydomain.net' is valid as type 3 name
01/11/2021 12:42:22:314 NetpValidateName: 'in.mydomain.net' is not a valid NetBIOS domain name: 0x7b
01/11/2021 12:42:24:627 NetpCheckDomainNameIsValid [ Exists ] for 'in.mydomain.net' returned 0x0
01/11/2021 12:42:24:627 NetpValidateName: name 'in.mydomain.net' is valid for type 3
01/11/2021 12:42:46:142 -----------------------------------------------------------------
01/11/2021 12:42:46:142 NetpDoDomainJoin
01/11/2021 12:42:46:142 NetpDoDomainJoin: using current computer names
01/11/2021 12:42:46:142 NetpDoDomainJoin: NetpGetComputerNameEx(NetBios) returned 0x0
01/11/2021 12:42:46:142 NetpDoDomainJoin: NetpGetComputerNameEx(DnsHostName) returned 0x0
01/11/2021 12:42:46:142 NetpMachineValidToJoin: 'NEW-PDC'
01/11/2021 12:42:46:142 NetpMachineValidToJoin: status: 0x0
01/11/2021 12:42:46:142 NetpJoinDomain
01/11/2021 12:42:46:142 HostName: NEW-PDC
01/11/2021 12:42:46:142 NetbiosName: NEW-PDC
01/11/2021 12:42:46:142 Domain: in.mydomain.net
01/11/2021 12:42:46:142 MachineAccountOU: (NULL)
01/11/2021 12:42:46:142 Account: in.mydomain.net\sccmadmin
01/11/2021 12:42:46:142 Options: 0x25
01/11/2021 12:42:46:142 NetpValidateName: checking to see if 'in.mydomain.net' is valid as type 3 name
01/11/2021 12:42:46:142 NetpValidateName: 'in.mydomain.net' is not a valid NetBIOS domain name: 0x7b
01/11/2021 12:42:48:205 NetpCheckDomainNameIsValid [ Exists ] for 'in.mydomain.net' returned 0x0
01/11/2021 12:42:48:205 NetpValidateName: name 'in.mydomain.net' is valid for type 3
01/11/2021 12:42:48:205 NetpDsGetDcName: trying to find DC in domain 'in.mydomain.net', flags: 0x40001010
01/11/2021 12:43:03:220 NetpDsGetDcName: failed to find a DC having account 'NEW-PDC$': 0x525, last error is 0x0
01/11/2021 12:43:03:470 NetpDsGetDcName: status of verifying DNS A record name resolution for 'ADC.in.mydomain.net': 0x0
01/11/2021 12:43:03:470 NetpDsGetDcName: found DC '\ADC.in.mydomain.net' in the specified domain
01/11/2021 12:43:03:470 NetpJoinDomainOnDs: NetpDsGetDcName returned: 0x0
01/11/2021 12:43:03:470 NetpDisableIDNEncoding: using FQDN in.mydomain.net from dcinfo
01/11/2021 12:43:04:486 NetpDisableIDNEncoding: DnsDisableIdnEncoding(UNTILREBOOT) on 'in.mydomain.net' succeeded
01/11/2021 12:43:04:486 NetpJoinDomainOnDs: NetpDisableIDNEncoding returned: 0x0
01/11/2021 12:43:07:424 NetUseAdd to \ADC.in.mydomain.net\IPC$ returned 53
01/11/2021 12:43:07:424 NetpJoinDomainOnDs: status of connecting to dc '\ADC.in.mydomain.net': 0x35
01/11/2021 12:43:07:424 NetpJoinDomainOnDs: Function exits with status of: 0x35
01/11/2021 12:43:08:439 NetpResetIDNEncoding: DnsDisableIdnEncoding(RESETALL) on 'in.mydomain.net' returned 0x0
01/11/2021 12:43:08:439 NetpJoinDomainOnDs: NetpResetIDNEncoding on 'in.mydomain.net': 0x0
01/11/2021 12:43:08:439 NetpDoDomainJoin: status: 0x35
01/11/2021 12:43:08:439 -----------------------------------------------------------------
01/11/2021 12:43:08:439 NetpDoDomainJoin
01/11/2021 12:43:08:439 NetpDoDomainJoin: using current computer names
01/11/2021 12:43:08:439 NetpDoDomainJoin: NetpGetComputerNameEx(NetBios) returned 0x0
01/11/2021 12:43:08:439 NetpDoDomainJoin: NetpGetComputerNameEx(DnsHostName) returned 0x0
01/11/2021 12:4308:439 NetpMachineValidToJoin: 'NEW-PDC'
01/11/2021 12:43:08:439 NetpMachineValidToJoin: status: 0x0
01/11/2021 12:43:08:439 NetpJoinDomain
01/11/2021 12:43:08:439 HostName: NEW-PDC
01/11/2021 12:43:08:439 NetbiosName: NEW-PDC
01/11/2021 12:43:08:439 Domain: in.mydomain.net
01/11/2021 12:43:08:439 MachineAccountOU: (NULL)
01/11/2021 12:43:08:439 Account: in.mydomain.net\sccmadmin
01/11/2021 12:43:08:439 Options: 0x27
01/11/2021 12:43:08:439 NetpValidateName: checking to see if 'in.mydomain.net' is valid as type 3 name
01/11/2021 12:43:08:439 NetpValidateName: 'in.mydomain.net' is not a valid NetBIOS domain name: 0x7b
01/11/2021 12:43:10:689 NetpCheckDomainNameIsValid [ Exists ] for 'in.mydomain.net' returned 0x0
01/11/2021 12:43:10:689 NetpValidateName: name 'in.mydomain.net' is valid for type 3
01/11/2021 12:43:10:689 NetpDsGetDcName: trying to find DC in domain 'in.mydomain.net', flags: 0x40001010
01/11/2021 12:43:14:970 NetpDsGetDcName: failed to find a DC having account 'NEW-PDC$': 0x525, last error is 0x0
01/11/2021 12:43:15:236 NetpDsGetDcName: status of verifying DNS A record name resolution for 'ADC.in.mydomain.net': 0x0
01/11/2021 12:43:15:236 NetpDsGetDcName: found DC '\ADC.in.mydomain.net' in the specified domain
01/11/2021 12:43:15:236 NetpJoinDomainOnDs: NetpDsGetDcName returned: 0x0
01/11/2021 12:43:15:236 NetpDisableIDNEncoding: using FQDN in.mydomain.net from dcinfo
01/11/2021 12:43:16:267 NetpDisableIDNEncoding: DnsDisableIdnEncoding(UNTILREBOOT) on 'in.mydomain.net' succeeded
01/11/2021 12:43:16:267 NetpJoinDomainOnDs: NetpDisableIDNEncoding returned: 0x0
01/11/2021 12:43:16:267 NetUseAdd to \ADC.in.mydomain.net\IPC$ returned 53
01/11/2021 12:43:16:267 NetpJoinDomainOnDs: status of connecting to dc '\ADC.in.mydomain.net': 0x35
01/11/2021 12:43:16:267 NetpJoinDomainOnDs: Function exits with status of: 0x35
01/11/2021 12:43:17:283 NetpResetIDNEncoding: DnsDisableIdnEncoding(RESETALL) on 'in.mydomain.net' returned 0x0
01/11/2021 12:43:17:283 NetpJoinDomainOnDs: NetpResetIDNEncoding on 'in.mydomain.net': 0x0
01/11/2021 12:43:17:283 NetpDoDomainJoin: status: 0x35

Answer 3

If you run "net helpmsg 53"(53 is decimal for 0x35) you can see the error means it cannot find the network path specified.

Check to see if the workstation have access to \ADC.in.mydomain.net\IPC$ when you want to join in.mydomain.net

Answer 4

Go back and check your DNS configuration, that's where the problem is. I spent 2 days with the same problem, my DNS configuration was wrong, once entered again it worked like a charm.

Answer 5

we had the same issue, we flushed the dns then renewed and all worked just fine afterwards.