0

I have set up pfSense as a router and I have linked two Windows Servers to it. I can ping from SERVER01 to SERVER02, and pfSense can also ping them. The problem is that on SERVER01 I have set up Active Directory with the domain johann.nl, and now I want to add SERVER02 to the domain in that forest.

The error given is: "No records found for given DNS query." with error code 0x0000251D. When I execute nslookup it returns pfSense.localdomain with the IP address I set up. Do I have to edit the pfSense domain, or isn't that necessary? How should I tackle this?

user3239713

2 Answers

2

In addition to mfinni's answer, I would set up Server01 to be a DNS server for your domain, and point your DHCP server (I'm guessing pfSense) to hand out that address for DNS. Having Windows manage its own DNS for services such as AD will greatly reduce your headaches in the future.

MDMoore313
  • 1
    This will come in handy. But in my case scenario I had my DC with DNS & DHCP installed and then pfSense sometime later. So I basically used the DNS on AD to pfSense which indeed reduced the headache. :) – AzkerM Apr 14 '14 at 12:42
  • I currently have set pfSense to be the DHCP and DNS, or at least, the DNS server for server01 and server02 is pfSense. How should I change this then? I am very new to all this. – user3239713 Apr 14 '14 at 12:45
  • 2
    You change it by changing the properties on the NICs on SERVER01 and SERVER02. Change the DNS server on both to be SERVER01. As I said, this is AD 101. Did you read any MS documentation when you started planning this domain? – mfinni Apr 14 '14 at 12:49
  • @mfinni I am a uni student and this is a kind of extra class, so I am a total beginner when it comes to networking and all. I'm sorry about that, I just ran into this and I would like to solve it. Anyhow, thank you for helping me out, and I will try your solution. – user3239713 Apr 14 '14 at 12:51
  • OK - also read the "help" link (it's at the top of every single page on this site.) – mfinni Apr 14 '14 at 12:51
  • @user3239713 uh oh. – MDMoore313 Apr 14 '14 at 12:51
  • I have read the article and my setup is working fine now, thank you very much for your patience! – user3239713 Apr 14 '14 at 13:12
  • 1
    OK - don't forget to mark the correct answer. – mfinni Apr 14 '14 at 13:26
1

This is Active Directory 101 - AD clients have to be using a DNS server that has the records for the DNS domain being used by AD. In most scenarios, this/these DNS servers are also domain controllers, but they're not required to be. They simply need to hold the zone that contains the DC-related records. These have SRV records for LDAP and Kerberos, and also point the domain name to the domain controllers.

Sounds like you have Server02 not using a DNS server that has these records. Either use a different DNS server, or put the correct records into the DNS server.

/Edit - read all of this link before doing anything else. What is Active Directory Domain Services and how does it work?

mfinni
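The check the answers above describe, as an added example that is not part of the original posts: run on the machine being joined, it asks each DNS server configured on the NICs for the domain controller SRV records (LDAP and Kerberos) of the AD domain. It assumes Windows Server 2012 or later (the DnsClient cmdlets) and uses `johann.nl` from the question as the default domain.

```powershell
# Added example: which of this machine's configured DNS servers can answer
# the SRV lookups that a domain join depends on?
param(
    [string]$Domain = 'johann.nl'   # AD DNS domain taken from the question
)

# SRV names a domain member queries to locate a domain controller.
$srvNames = @(
    "_ldap._tcp.dc._msdcs.$Domain",   # DC locator record (LDAP)
    "_kerberos._tcp.$Domain"          # Kerberos KDC record
)

# Every IPv4 DNS server configured on any network adapter of this machine.
$servers = Get-DnsClientServerAddress -AddressFamily IPv4 |
    Select-Object -ExpandProperty ServerAddresses |
    Sort-Object -Unique

foreach ($server in $servers) {
    foreach ($name in $srvNames) {
        try {
            # Query this specific server only; keep SRV answers and drop any
            # additional A or SOA records returned alongside them.
            $answers = Resolve-DnsName -Name $name -Type SRV -Server $server `
                           -DnsOnly -ErrorAction Stop |
                       Where-Object { $_.Type -eq 'SRV' }
        } catch {
            # NXDOMAIN, timeout or refusal: treat as "no records from this server".
            $answers = @()
        }

        [pscustomobject]@{
            DnsServer = $server
            Query     = $name
            Found     = @($answers).Count -gt 0
            Targets   = @($answers | ForEach-Object NameTarget |
                          Sort-Object -Unique) -join ', '
        }
    }
}
```

A row with `Found` set to `False` for the DNS server the machine is using matches the "No records found for given DNS query" error; once the NIC points at a DNS server that holds the AD zone, the same rows list the domain controller under `Targets`.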