Can't connect computer to domain


I cannot connect a computer to Server 2012 R2. The error message I receive is:

Note: This information is intended for a network administrator. If you are not your network's administrator, notify the administrator that you received this information, which has been recorded in the file C:\WINDOWS\debug\dcdiag.txt. The following error occurred when DNS was queried for the service location (SRV) resource record used to locate an Active Directory Domain Controller (AD DC) for domain "sheptock.local":

The error was: "DNS name does not exist." (error code 0x0000232B RCODE_NAME_ERROR) The query was for the SRV record for _ldap._tcp.dc._msdcs.sheptock.local

Common causes of this error include the following:

The DNS SRV records required to locate a AD DC for the domain are not registered in DNS. These records are registered with a DNS server automatically when a AD DC is added to a domain. They are updated by the AD DC at set intervals. This computer is configured to use DNS servers with the following IP addresses:

One or more of the following zones do not include delegation to its child zone: sheptock.local


. (the root zone)

From the computer I cannot ping or nslookup the server. On the server I am able to ping and do an nslookup. I have also done a DCdiag, and that passes all the tests. I have also initiated ipconfig /registerdns. From the server, if I run nslookup q=srv to _ldap._tcp.dc._msdcs.sheptock.local, that also connects fine. The server is on a Comcast residential Cisco router. Please help!

I followed the GUI to set up the domain, which prompted me to promote the machine. I added the computer I was trying to connect to AD under computer, and added the user I made for the computer under users in AD.

asked on Server Fault Apr 20, 2015 by Tyler S • edited Apr 20, 2015 by Tyler S

3 Answers


I thought I recognized those DNS IP numbers.

You have DNS set to use Comcast's DNS, not the DNS that knows anything about sheptock.local. Change the workstation's DNS server to one that knows about sheptock.local, including the DC for sheptock.local, and that should help.

You can probably do this in your aforementioned wireless router if you're using it for DHCP.

answered on Server Fault Apr 20, 2015 by Katherine Villyard

Configure the DNS server on your domain controller to use the public Comcast IP addresses as forwarders only, or allow your DC to use the root hints. All other devices on your network should point to the DNS server on your DC. Your DC should then point to itself in the network properties.

Once this is all squared, the client that you're trying to add should be able to find your domain controller and join the domain.

answered on Server Fault Apr 20, 2015 by anuff
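
Added example, not part of the answers above: a PowerShell check to run on the workstation that asks every DNS server the client is configured to use, plus the domain controller, for the SRV record named in the error, then previews the resolver change the answers describe. The domain name is taken from the question; the DC address 192.168.1.10 is a placeholder and Test-DcLocator is a helper name made up for this example.

```powershell
# Added example: run on the workstation that fails to join the domain.
$Domain = 'sheptock.local'     # domain name from the question
$DcIp   = '192.168.1.10'       # placeholder (assumption): the DC's real IPv4 address
$Srv    = "_ldap._tcp.dc._msdcs.$Domain"

# Hypothetical helper: ask one resolver for the DC locator SRV record.
function Test-DcLocator {
    param([string]$Name, [string]$Server)
    try {
        $srvRecords = Resolve-DnsName -Name $Name -Type SRV -Server $Server `
                          -DnsOnly -ErrorAction Stop |
                      Where-Object { $_.Type -eq 'SRV' }
        [pscustomobject]@{
            Resolver = $Server
            FindsDC  = [bool]$srvRecords
            Detail   = ($srvRecords.NameTarget -join ', ')
        }
    } catch {
        # A resolver that does not host the zone answers with a name error,
        # which is the "DNS name does not exist" failure in the join dialog.
        [pscustomobject]@{ Resolver = $Server; FindsDC = $false; Detail = $_.Exception.Message }
    }
}

# 1. Resolvers currently configured on each IPv4 interface.
$clientDns = Get-DnsClientServerAddress -AddressFamily IPv4 |
             Where-Object { $_.ServerAddresses }
$clientDns | Format-Table InterfaceAlias, InterfaceIndex, ServerAddresses -AutoSize

# 2. Query every configured resolver, and the DC itself, for the SRV record.
$resolvers = (@($clientDns.ServerAddresses) + $DcIp) | Select-Object -Unique
$results   = $resolvers | ForEach-Object { Test-DcLocator -Name $Srv -Server $_ }
$results | Format-Table -AutoSize

# 3. If the DC answers, show the change for interfaces that use other resolvers.
#    -WhatIf only prints the change; remove it (elevated prompt) to apply.
if ($results | Where-Object { $_.Resolver -eq $DcIp -and $_.FindsDC }) {
    $clientDns |
        Where-Object { $_.ServerAddresses | Where-Object { $_ -ne $DcIp } } |
        ForEach-Object {
            Set-DnsClientServerAddress -InterfaceIndex $_.InterfaceIndex `
                -ServerAddresses $DcIp -WhatIf
        }
} else {
    Write-Warning "$DcIp did not return $Srv; check the DC's DNS zone and firewall rules."
}
```

Where the workstation receives its DNS servers from DHCP, the lasting fix is the DHCP setting on the router, as the first answer suggests, so that other clients pick up the DC as their resolver too.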

You cannot ping Windows 2012 Servers unless you enable it under the Windows Firewall by enabling the File and Printer Sharing (Echo Request – ICMPv4-In) rule (How to enable Ping in Windows Server 2012 | Thomas Balkeståhl's Blog).

You should also check the firewall rules about Active Directory Domain Services.

answered on Server Fault Apr 20, 2015 by Dric • edited Mar 4, 2018 by (unknown user)

User contributions licensed under CC BY-SA 3.0