Adding a machine to a domain, but having issues with a DNS server

0

All our machines are connected to a VPN if they aren't on our local network; we've had no issues with the domain before.

So I got a laptop and tried to connect it to the domain, doing the same thing I do on all other machines (for laptops we set the DNS order as Local Network > VPN > Google DNS):

1- Configure the DNS:

It was a laptop, so I added the following: the local network server (192.168.123.321), the VPN server (10.1.2.3) and then the Google DNS server (8.8.8.8).

2- Head over to the advanced settings and open Network ID:

"bar-technology.local":

The error was: "DNS name does not exist."
(error code 0x0000232B RCODE_NAME_ERROR)

The query was for the SRV record for _ldap._tcp.dc._msdcs.bar-technology.local

Common causes of this error include the following:

- The DNS SRV records required to locate an AD DC for the domain are not registered in DNS. These records are registered with a DNS server automatically when an AD DC is added to a domain. They are updated by the AD DC at set intervals. This computer is configured to use DNS servers with the following IP addresses:

8.8.8.8
10.1.2.3
192.168.123.321

- One or more of the following zones do not include delegation to its child zone:

bar-technology.local
local
. (the root zone)

I have never had this issue on a device joining the domain before, and I can't figure out what's wrong. It's currently on the local network, so I tried running it as if it's on the local network, but nothing.

So what do I do from here?

(

192.168.123.321 is the domain and DNS server

10.1.2.3 is the domain and DNS server on the VPN

8.8.8.8 is the Google DNS server

bar-technology.local is the domain (I also tried the NetBIOS name BAR-TECHLOCAL)

)

Tags: vpn, dns, windows-domain, windows-server-2016
asked on Super User Nov 12, 2017 by Brendan Jennings

1 Answer

1

Make sure that the first server in your list knows about your AD domain. Since Windows supports per-interface DNS servers, make sure the VPN interface has higher priority than the LAN interface, and that bar-technology.local is among the configured per-interface domain suffixes.

When you configure multiple DNS resolver addresses on a single interface, they're only tried in case of temporary failure – either if a request timed out and failed to produce a reply at all, or if the reply was along the lines of "server failure".

"No such domain", however, is a permanent error and does not cause a retry. In fact the negative reply even gets cached by the OS.

In other words: If the system starts with your LAN server (192.168.x) and receives a reply "bar-technology.local doesn't exist", that's it – it will not keep trying other DNS servers; it will just accept that the domain doesn't exist.

(Using *.local for anything but mDNS is also a bad idea, but probably too late to rename…)

answered on Super User Nov 12, 2017 by user1686
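A diagnostic that checks the points made in the answer above: which interface the resolver consults first, which DNS servers and suffix each interface carries, and which of those servers answers the DC locator SRV query with NXDOMAIN rather than a record. This is an added example, not part of the original question or answer; it assumes the DnsClient and NetTCPIP PowerShell modules shipped with Windows 8 / Server 2012 and later, and uses the domain name from the question as a placeholder.

```powershell
# Added diagnostic, not from the original post. Assumes the built-in DnsClient
# and NetTCPIP modules. Replace the domain with your own.
$Domain  = 'bar-technology.local'
$SrvName = "_ldap._tcp.dc._msdcs.$Domain"   # the record the domain-join wizard queried

# 1. Interface priority: the stub resolver talks to the lowest-metric
#    connected interface first, so the VPN must sort above the LAN here.
Get-NetIPInterface -AddressFamily IPv4 |
    Where-Object ConnectionState -eq 'Connected' |
    Sort-Object InterfaceMetric |
    Select-Object InterfaceAlias, InterfaceMetric

# 2. Per-interface DNS servers and connection-specific suffix.
Get-DnsClientServerAddress -AddressFamily IPv4 |
    Where-Object { $_.ServerAddresses } |
    ForEach-Object {
        $suffix = (Get-DnsClient -InterfaceIndex $_.InterfaceIndex).ConnectionSpecificSuffix
        [pscustomobject]@{
            Interface = $_.InterfaceAlias
            Servers   = $_.ServerAddresses -join ', '
            Suffix    = $suffix
        }
    }

# 3. Ask each configured server directly for the SRV record. An NXDOMAIN
#    ("DNS name does not exist") from the first server the resolver uses is
#    final; only SERVFAIL or a timeout makes it fall through to the next one.
$servers = Get-DnsClientServerAddress -AddressFamily IPv4 |
    ForEach-Object ServerAddresses | Select-Object -Unique
foreach ($srv in $servers) {
    try {
        $rec = Resolve-DnsName -Name $SrvName -Type SRV -Server $srv -DnsOnly -ErrorAction Stop
        $dcs = ($rec | Where-Object Type -eq 'SRV').NameTarget -join ', '
        "{0,-16} OK   -> {1}" -f $srv, $dcs
    } catch {
        "{0,-16} FAIL -> {1}" -f $srv, $_.Exception.Message
    }
}

# 4. The negative answer is cached by the client, so after fixing the
#    server order or interface metric, flush the cache before retrying.
Clear-DnsClientCache
```

A server that prints FAIL with "DNS name does not exist" while another prints OK confirms the ordering problem the answer describes: the resolver stopped at the first server that did not know the zone.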

User contributions licensed under CC BY-SA 3.0