The reason for Microsoft recommending that
you use use ISA to publish OWA to the Internet is to overcome the
"counterintuituve" feeling you're having re: exposing a server on the
LAN directly to the Internet (at least, at layer 3).
I wouldn't put my backend server hosting the other Exchange roles
into the DMZ, if for no other reason than I don't think I'd want to
expose my firewall device to all the Outlook client traffic from
computers on the LAN.
If you're not comfortable with exposing the server hosting OWA and
ActiveSync at layer 3, grab some open source HTTP proxy and put it in
place between the Internet and the LAN to proxy HTTP into OWA.
Starwind Software Developer
What have this to do with my question?:)
Can you ping the domain controllers using their FQDN? If so, can you telnet to the DC on some of the AD ports such as 53 (DNS) 389 (LDAP) and 445 (SMB)?
The above tests should rule out network connectivity and firewall issues. Next step is to check the account you're using to join the domain. If that's fine then I'd re-sid the machine and try again
Thanks for the answers:)
When I deploy the server I know it have network connection.
I also know that the user I use in the customization is OK (because I use this on other templates windows 2003 server and it works), and I can join the server to the domain with the same user, after the deploying is finished.
I can ping DC with FQDN and telnet to all the ports you say.
In the Customization wizard it is an option that says "Generate New Security ID (SID)" that I have marked on. So I guess that is OK?
Some other suggestions?:)
what error message do you get?
Only other suggestion without an error message is to check in AD for an already existing computer account with the same name as the VM you are trying to join to the domain. If it exists remove it & try again.
Is no similar name in AD.
I don't get any error messages, so I'm stuck:(
The only thing is that it wil not join the domain when the customization is going on. Maybe the hole customization is f....? I have tried to make you aswell, but no changes.
It seems that it can't activate windows ether. Although I have license. I use a MAK license.
Maybe it's something new you have to do in VC to customize Windows Server 2008 R2?
oh okay. What happens if you manually try to join it to the domain after you deploy the template?
I've had a similar activation issue before with a MAK key. I resolved it by re-entering the license key, so I'd try that. As a side note, I've also had issues in Vista where when I was behind a proxy ser ver (Bluecoat in this instance) I couldn't activate and I had to get on the phone to get it activated.
I can join the domain after deployment without any problems:)
And if I re-entering the same MAK key, I can activate without any problems.
The only problem is that this should have been done in the customization/deployment of the server:)
One last thing I'd suggest, if you're customizing using an existing template, is to try stepping through the customization wizard manually and see if it makes a difference. A possible workaround for the activation issue could be to create a script to use in the "Run Once" step of the wizard which activates windows online (e.g. http://www.activexperts.com/activmonitor/windowsmanagement/scripts/desktop/windowsactivation/#AWOnline.htm) however it's not an ideal solution.
Alternatively try copying the CAB for 2008 r2 sysprep to your vCenter server again and see if it makes a difference.
Sorry I can't be of more help, hopefully someone else can.
Has anyone come up with an answer as to why the 2008 R2 server will not join the domain during the customization process? There is nothing stating errors in the c:\windows\temp\vmware-imc folder. It appears that everything runs successfully. I wonder if there is somehting with the 64 bit R2 that causes the issue? I am going to keep digging, if anyone has come across this and has solved or opened a case please post. Thanks!
I know this isn't of much help, but Rod, I'm having the exact same issue with a Server 2008 R2 x64 template and a guest customization. If I use the exact credentials as specified in the customization, I can join the domain, no problems. Obviously, that's a solution, but I'd much rather this work from beginning to end rather than require manual intervention post deployment.
I have yet to try with a Server 2008 x64 template (building as we speak) but I'll reply to myself when I determine if that works or not.
Have you guys tried to enter the Domain not using the NetBIOS name? In other words ... please try entering the FQDN for the domain.
Also make sure that the login is entered with the UPN and not the pre-Windows 2000 format , in other words: username@FQDN instead of DOMAIN\User
i had the same problem with Windows Server 2008 64Bit.
With FQDN for the domain and UPN for User (username@FQDN) it works fine.
Thank you lanalyzer.