We help IT Professionals succeed at work.

We've partnered with Certified Experts, Carl Webster and Richard Faulkner, to bring you two Citrix podcasts. Learn about 2020 trends and get answers to your biggest Citrix questions!Listen Now


Connecting to a Domain Controller Failure

ANGELA11 asked
Medium Priority
Last Modified: 2012-08-14
Hello Experts,

Hope you are all  having a good day :-)

I setup a Windows 2003 Standard Edition Server for a test lab.
Machine Name: Corlocqa1
Domain Name: corkloc.nai.org
This is on a private network
I installed Active directory and it all seems to be fine. I then add a machine to active directory.
However from the client machine when i tried to join the domain corkloc.nai.org i got the following error.

The following error occurred when DNS was queried for the service location (SRV) resource record used to locate a domain controller for domain corlocqa1.corloc.nai.org:

The error was: "DNS server failure."
(error code 0x0000232A RCODE_SERVER_FAILURE)

The query was for the SRV record for _ldap._tcp.dc._msdcs.corlocqa1.corloc.nai.org

Common causes of this error include the following:

- The DNS servers used by this computer contain incorrect root hints. This computer is configured to use DNS servers with following IP addresses:

- One or more of the following zones contains incorrect delegation:

. (the root zone)

Can you please advise as to where i have gone wrong. This is my first shot at setting up a Domain Controller.

Many thanks in Advance
Watch Question

run DCPROMO to remove active directory then run it again to add it
DCPROMO will offer to configure DNS for you, say yes and go to lunch
Once you finish lunch the DCPROMO should be done and ready for rebooting, then you'll have a working set of zone files
Active Directory zone file, you'll never get it right making it by hand

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts


Thank you F umar i will try that right away and report back :-)
Another point...  

After you remove active directory, and before you run DCPROMO again....do this

Go into TCP/IP properties on the server.  Make sure that you set DNS to point to (and no other address)

Now run DCPROMO on the server and choose to instal the DNS service locally (this is the default option)

I just reread your post, you say that AD is running fine on the server.  This can only be true if the DC / DNS server is pointed properly. Maybe the only problem is that you client isn't pointed to your Internal Windows 2003 DNS server.

All clients and members of an Active directory domain must use the internal Windows 2003 DNS server.  This is because DNs is required to properly "talk" to the domain.

Therefore, you must point your client to the IP address of the DNS Windows 2003 DNS server.  

Server DC  NAme: Server1
DNS: or

Client NAme:  Client1
DNS:  <-- must be pointed to internal Windows 2003 DNS server and no other DNS servers should be listed.

if u r using dhcp for ip configuration then configure scope options 006 for DNS servers and authorize it for the domain.

i think he has configured correct dns so why he can be able to resolve "corkloc.nai.org"
u should go with dcpromo
Another thing:  When you name your windows 2003 domain name, pick a name that is not registered on the internet...  for example company.local or company-int.local or company.inside or company.int

If you name your Windows 2003 domain that exact same name as your registered internet domain name, you will have problems resolving your internet web pages from inside your network.  (This problem can be resolved by manually creating records for your external web sites on your local DNs servers...but its a pain)


Hi Folks,

While running dcpromo at the DNS Registratio Diagnostics (My DNS on server is
I got the following error:

Diagnostic Results
The registration diagnostic has been run 3 times.

The wizard could not determine the name and address of the DNS server with which this domain controller will be registered.

For more information, including steps to correct this problem, see Help.

The SOA query for _ldap._tcp.dc._msdcs.corkloc.nai.org to find the primary DNS server returned:
 DNS server failure.
(error code 0x0000232A "RCODE_SERVER_FAILURE")

Any ideass ???

it seems your computer is pointing to your isp dns, point your dns to internal ip not but the static ip which u configured like also check the binding order.

When you run dcpromo on the first domain controller in a new domain it gives you the option of making it a DNS server as well, make sure you read through the wizard carefully and look for that option. There has to be atleast one local DNS server in the domain.
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.


Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.