Computers can't join domain - probably DNS issue

Question

I installed and configured an Active Directory Controller (Windows Server 2019), and also did a clean install of Windows 10 Enterprise. Both were installed in Hyper-V and both use the same Private switch.

Domain on the Server is successfully created, it is promoted to a domain controller and DNS server is running. I followed this video: https://www.youtube.com/watch?v=aC-KIVYewAM and this video: https://www.youtube.com/watch?v=XzMDb-ZtzRY to set both up.

However, when I try to join domain on the client, I get the following error:

DNS was successfully queried for the service location (SRV) resource record used to locate a domain controller for domain "testdomain.local":

The query was for the SRV record for _ldap._tcp.dc._msdcs.testdomain.local

The following domain controllers were identified by the query: WIN-A9VDVHB8U8M.testdomain.local

However no domain controllers could be contacted.

I am using the IP address of the server as a primary DNS server for the client and I verified that both can ping each other.

I also tried ping testdomain.local on both client and server, and both fail to resolve the domain. I would get the failure on the client, but how can it fail on the server? Am I missing some record on the DNS server?

This is what my DNS server zone looks like at my server:

DNS Manager

Also ipconfig-all outputs from server:

C:\Users\Administrator>ipconfig -all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : WIN-A9VDVHB8U8M
   Primary Dns Suffix  . . . . . . . : testdomain.local
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : testdomain.local

Ethernet adapter Ethernet:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Hyper-V Network Adapter
   Physical Address. . . . . . . . . : 00-15-5D-26-E1-12
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::b8f7:6aea:3eb4:8957%4(Preferred)
   Autoconfiguration IPv4 Address. . : 169.254.137.87(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.0.0
   Default Gateway . . . . . . . . . :
   DHCPv6 IAID . . . . . . . . . . . : 67114333
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-27-7D-9A-F9-00-15-5D-26-E1-12
   DNS Servers . . . . . . . . . . . : ::1
                                       127.0.0.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

and from the client:

C:\Users\User>ipconfig -all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : DESKTOP-BMP0DM7
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Ethernet:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Hyper-V Network Adapter
   Physical Address. . . . . . . . . : 00-15-5D-26-E1-13
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::9c44:a92d:4d65:50bf%6(Preferred)
   Autoconfiguration IPv4 Address. . : 169.254.80.191(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.0.0
   Default Gateway . . . . . . . . . :
   DHCPv6 IAID . . . . . . . . . . . : 100668765
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-27-7D-A1-8F-00-15-5D-26-E1-13
   DNS Servers . . . . . . . . . . . : 169.254.137.87
   NetBIOS over Tcpip. . . . . . . . : Enabled

Could you please help me resolve the issue? I followed the video step-by-step, yet it isn't working.

If you need any additional info, let me know.

Thanks

EDIT:

Per request:

Ipconfig - server:

C:\Users\Administrator>ipconfig -all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : WIN-A9VDVHB8U8M
   Primary Dns Suffix  . . . . . . . : testdomain.local
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : testdomain.local

Ethernet adapter Ethernet:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Hyper-V Network Adapter
   Physical Address. . . . . . . . . : 00-15-5D-26-E1-12
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::b8f7:6aea:3eb4:8957%4(Preferred)
   IPv4 Address. . . . . . . . . . . : 169.254.137.91(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.0.0
   Default Gateway . . . . . . . . . :
   DHCPv6 IAID . . . . . . . . . . . : 67114333
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-27-7D-9A-F9-00-15-5D-26-E1-12
   DNS Servers . . . . . . . . . . . : ::1
                                       169.254.137.91
   NetBIOS over Tcpip. . . . . . . . : Enabled

ipconfig client:

C:\Users\User>ipconfig -all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : DESKTOP-BMP0DM7
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Ethernet:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Hyper-V Network Adapter
   Physical Address. . . . . . . . . : 00-15-5D-26-E1-13
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::9c44:a92d:4d65:50bf%11(Preferred)
   Autoconfiguration IPv4 Address. . : 169.254.80.191(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.0.0
   Default Gateway . . . . . . . . . :
   DHCPv6 IAID . . . . . . . . . . . : 100668765
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-27-7D-A1-8F-00-15-5D-26-E1-13
   DNS Servers . . . . . . . . . . . : 169.254.137.91
   NetBIOS over Tcpip. . . . . . . . : Enabled

DNS A records:

First record

Second record

Nslookup on client:

C:\Users\User>nslookup testdomain.local
DNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  169.254.137.91

Name:    testdomain.local
Address:  169.254.137.91

score 1 · Accepted Answer · answered Dec 29 '20 at 19:48

1

APIPA addresses won't be registered in DNS, so although your zone looks OK, my suspicion is that there's no corresponding A record for the Domain Controller. Therefore the client can't resolve the ip address of the Domain Controller.

Assign the server and the client an ip address in the same subnet of one of the RFC1918 address ranges (take your pick). Make sure that the Domain Controller registers an A record in DNS for the new ip address. Make sure that the server is using the Domain network profile and the Domain firewall profile. Then try to join the client to the domain again.

answered Dec 29 '20 at 19:48

joeqwerty

108,377
6
80
171

Thanks, I manually added A records and now nslookup works on my server and client! However, still, when joining domain I get the same error. – Daniel Dec 29 '20 at 20:07
Post the ipconfig from the server and the client and post a picture of your DNS zone showing the A record for the server. – joeqwerty Dec 29 '20 at 20:14
Hi, I edited the post with both my records, both ipconfigs and also nslookup output from client. – Daniel Dec 29 '20 at 20:18
OK. A couple of things: `1.` Assign the server and client a valid RFC1918 address and stop using the APIPA addresses. `2.` Once you've done that show us the ipconfig output from the server and the client and show us the DNS A records. Make sure to show the A record for the server itself. Your pictures are showing the A records for the domain, but I want to see the A record for the server as well. – joeqwerty Dec 29 '20 at 20:30
How do I set/check the A record for the server? – Daniel Dec 29 '20 at 20:46
In the DNS zone you'll see an A record for the name of the server with the ip address. – joeqwerty Dec 29 '20 at 20:47
Using RFC1918 address worked! Thanks. – Daniel Dec 29 '20 at 21:12
Glad to help... – joeqwerty Dec 30 '20 at 02:54

score 0 · Answer 2 · answered Dec 29 '20 at 19:08

You should set a fixed IP on the DC instead of utilising an autogenerated one. The IP needs to meet the IP range you have setup in your vNet on the hypervisor.

Also set the DNS in the DC's IP settings to this address.

When you run nslookup on the DC it must not return any issues and you should be able to resolve your NETBIOS domain name.

Best setup a DHCP on this DC as well and configure a scope matching your hypervisor's vNet - this will issue a lease to your client VMs with the correct IP address and DNS

I set the IP as static, set DNS server as the server's IP and nslookup for the domain on the server is still not working. — Daniel, Dec 29 '20 at 19:30

Computers can't join domain - probably DNS issue

2 Answers2