无法加入域?

tag-icon tag-icon windows-server-2008 microsoft-forefront-2010
无法加入域?

我在将 Windows Server 加入域时遇到了困难,我知道可能是什么问题吗?

我怀疑这个 DR 内部站点和部署了 Forefront TMG 2010 的 DMZ 之间有防火墙?

DCDiag /s: result:

Directory Server Diagnosis

Performing initial setup:
   [DCDNS01.domain.com] LDAP bind failed with error 1326,
   Win32 Error 1326.
   Server DCDNS01.domain.com resolved to these IP addresses: 192.168.127.10,
   but none of the addresses could be reached (pinged). Please check the
   network.
   Error: 0x2b02 "Win32 Error 11010"
   This error more often means that the targeted server is shutdown or
   disconnected from the network.

好的,从 portqry 我得到以下结果,而其余的则退出并返回代码0x00000000意思是没问题?那么为什么有些退出代码是 1 和 2 呢?

UDP port 389 (unknown service): LISTENING or FILTERED

Using ephemeral source port
Sending LDAP query to UDP port 389...

LDAP query to port 389 failed
Server did not respond to LDAP query

portqry.exe -n 192.168.12.5 -e 389 -p BOTH exits with return code 0x00000001.
=============================================

 Starting portqry.exe -n 192.168.12.5 -e 53 -p BOTH ...


Querying target system called:

 192.168.12.5

Attempting to resolve IP address to a name...


IP address resolved to DR-DCDNS01-vm.domain.com

querying...

TCP port 53 (domain service): LISTENING

UDP port 53 (domain service): LISTENING or FILTERED

Sending DNS query to UDP port 53...

DNS query timed out
portqry.exe -n 192.168.12.5 -e 53 -p BOTH exits with return code 0x00000002.
=============================================

 Starting portqry.exe -n 192.168.12.5 -e 88 -p BOTH ...


Querying target system called:

 192.168.12.5

Attempting to resolve IP address to a name...


IP address resolved to DR-DCDNS01-vm.domain.com

querying...

TCP port 88 (kerberos service): LISTENING

UDP port 88 (kerberos service): LISTENING or FILTERED
portqry.exe -n 192.168.12.5 -e 88 -p BOTH exits with return code 0x00000002.
=============================================

 Starting portqry.exe -n 192.168.12.5 -e 138 -p UDP ...


Querying target system called:

 192.168.12.5

Attempting to resolve IP address to a name...


IP address resolved to DR-DCDNS01-vm.domain.com

querying...

UDP port 138 (netbios-dgm service): LISTENING or FILTERED
portqry.exe -n 192.168.12.5 -e 138 -p UDP exits with return code 0x00000002.
=============================================

 Starting portqry.exe -n 192.168.12.5 -e 42 -p TCP ...


Querying target system called:

 192.168.12.5

Attempting to resolve IP address to a name...


IP address resolved to DR-DCDNS01-vm.domain.com

querying...

TCP port 42 (nameserver service): FILTERED
portqry.exe -n 192.168.12.5 -e 42 -p TCP exits with return code 0x00000002.

任何形式的帮助将不胜感激。

答案1

如果主机服务器和域控制器之间有防火墙,则需要确保防火墙配置为允许适用的流量在它们之间通过。Microsoft 有一个关于所需内容的知识库:

http://support.microsoft.com/kb/179442

相关内容