

DNS Setup Question on a Windows 2008 Server in an AD environment

Posted on 2011-10-27
Medium Priority
Last Modified: 2012-05-12
I know enough about DNS to get me in trouble and I have an account that is expanding locations in an Active Directory Environment.

They currently have 2 locations and are adding a 3rd....  I have a new Windows 2008 R2 server at the new remote location with router access back to the Main Branch.  The new server has not been added to the existing domain.  It is to become a domain controller and will have DNS installed on it as well....  My problem right now is that I cannot get it to see the domain from the remote location so I can get it added and promoted to a DC.  I can ping the address of the existing domain controller(s) at the Main Branch, using their IP addresses, but I cannot ping them using the server name....  I figure it is a DNS issue.

I have added the new server's host address and the IP address of the new network to the Reverse Lookup Zone to the DNS server at the main branch.

I have the new server at the remote location DNS entry pointing back to the Main Branch DNS server...
What do I need to do to get the Remote Server to be able to see the domain at the Main Branch?
Question by:dwar08
LVL 13

Expert Comment

ID: 37040102
Hmm, you could set up a conditional forwarder at the branch and make it send the DNS requests to the main office.  Are you on a hardware VPN or are you just traversing the internet?

If the server is not on the domain yet we usually attach it at the main office then deploy it on site.

Author Comment

ID: 37040216
Cisco 1841's via T1 between the branches...  The branches are talking to each other and I can remote via RDP in either direction....  From the Main Branch I can ping the Remote Device using IP or name...  From the remote location I can ping the Domain/DNS controller using IP but not name....

Since the IP addressing was different I figured I didn't want to get DNS entries on the domain by attaching it at the main branch then moving it to the remote location and having to change the IP address when I moved it down there....  I have had issues in the past (I'm sure only because of my inexperience with DNS) by changing an IP address on a DC/DNS server....  
LVL 14

Expert Comment

ID: 37040844
Well, a conditional forwarder only helps you when you're routing between different domains. I assume your DNS domain is the same between sites.

Basically you should set the server to use the DNS server in the main site; this is needed to contact the DNS servers in the main site.


Author Comment

ID: 37040927
@Radweld... Yes the domain is the same between sites.... I have the remote server set as a static address... The gateway is the Cisco router and the DNS servers' first entry is to the DNS server at the main branch and the second entry is to a DNS server at another remote location....  When I put the new server down there I figured this should work, but it isn't for some reason....
LVL 14

Expert Comment

ID: 37041534
Can you ping the remote DC? Can you launch nslookup? Does this report an error?

Author Comment

ID: 37042052
Yes... From the main branch I can ping the remote server using the IP or the name... (reminder... The remote server is not yet a DC... It is a standalone server that at this point in time is not even attached to the domain)  nslookup from the remote server shows the default server to be the Primary DNS server at the main branch... It identifies it by name and IP address... No errors...

But if I try to ping from the remote server to the DNS server at the main branch using its name I get an error.... I can ping from the remote server to the DNS server at the main branch using its IP address....

When I try to bring the remote server into the domain, I get the following error:
An Active Directory Domain Controller (AD DC) for the domain 'xxxx' could not be contacted...

Expert Comment

by:Felicia King
ID: 37043348
Is the primary DNS server in the TCP/IP properties of the LAN adapter on the remote server set to the IP of the DC for the domain you wish to join it to?

Accepted Solution

elawad earned 2000 total points
ID: 37043401
Try nslookup yourdcname. What does it return?

After this, try the ipconfig /flushdns and the ipconfig /registerdns commands, and after that try the nslookup and ping the DC at the main office using its name. If this was successful, try to join the PC to the domain again.
LVL 14

Expert Comment

ID: 37043634
I think your DNS at the main site is unhealthy. If you go back to the remote site and launch nslookup again:

Set type=srv

Then enter your domain name as domain.local or whatever it is; nslookup will report back with the DC that hosts the service records for the domain. These service records are what are queried when you attempt to join the domain.

Problems with AD are nearly always DNS related.
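
The SRV check described in the comment above, combined with the by-name resolution test from the accepted solution, as an added example that is not part of any poster's reply. It assumes PowerShell 2.0 on the server being joined; `corp.example.local` is a placeholder domain and `_ldap._tcp.dc._msdcs.<domain>` is the standard record a domain join queries to locate a DC.

```powershell
# Added example: pre-join DNS check, run on the server that cannot join.
# 'corp.example.local' is a placeholder; pass the real AD DNS domain name.
param([string]$Domain = 'corp.example.local')

# A domain join locates a domain controller through this SRV record.
$srvName = "_ldap._tcp.dc._msdcs.$Domain"

# Query through the DNS servers configured on the adapter; keep output as text.
$raw = & nslookup.exe -type=SRV $srvName 2>&1 | ForEach-Object { "$_" }

# Windows nslookup prints one "svr hostname = <fqdn>" line per SRV target.
$targets = @()
foreach ($line in $raw) {
    if ($line -match 'svr hostname\s*=\s*(\S+)') {
        $targets += $Matches[1].TrimEnd('.')
    }
}
$targets = @($targets | Sort-Object -Unique)

if ($targets.Count -eq 0) {
    Write-Warning "No SRV records returned for $srvName. The configured DNS server cannot point this machine at a DC."
    exit 1
}

# Each SRV target must also resolve by name through the Windows resolver,
# which is the step that failed in this thread (ping by IP worked, by name did not).
foreach ($dc in $targets) {
    try {
        $ips = [System.Net.Dns]::GetHostAddresses($dc) |
            ForEach-Object { $_.IPAddressToString }
        $reachable = Test-Connection -ComputerName $dc -Count 1 -Quiet
        "{0} -> {1} (answers ping by name: {2})" -f $dc, ($ips -join ', '), $reachable
    }
    catch {
        Write-Warning "$dc is listed in SRV but does not resolve by name: $($_.Exception.Message)"
    }
}
```

If nslookup lists the DCs but the name lookups in the loop fail, the local resolver is the suspect, which is the case `ipconfig /flushdns` addresses.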

Author Closing Comment

ID: 37049015
I had run the flushdns command before on this device, but not the registerdns...  After running the commands I was able to ping the DNS server at the main branch using the name....  It then connected right up to the domain and has since been promoted as a DC and DNS server...
Thanks for your help....

Question has a verified solution.
