qualityip

Add Server to Domain - DNS Error

I have a new client with a decent server running Windows 2008 R2 Standard that seems to have DNS server issues. Here is what is happening...

I am attempting to create an RDS server in Hyper-V and need to add the server to the domain. Every time I try to add the server to the domain, I receive the following error...

 "The following error occurred attempting to join the domain "heritage": An attempt to resolve the DNS name of a domain controller in the domain being joined has failed. Please verify this client is configured to reach a DNS server that can resolve DNS names in the target domain."

I verified the DNS servers are properly set to 192.168.1.200 on both the VM and the DNS server. I've tried several different names for the new server when adding to the domain.

The results of the NSLookup to the server are:

C:\Users\Administrator>nslookup hifsvr.heritage.local
Server: UnKnown
Address: 192.168.1.200

Name: hifsvr.heritage.local
Address 192.168.1.200

Any ideas?
McKnife

Hi.

> I've tried several different names for the new server when adding to the domain.

We still don't know what names :)
Example: the NetBIOS domain name is test, the FQDN is test.local - you should try both.
qualityip

ASKER

When I say different names, I mean I've tried several different names of the server I am adding. For example: HIF-RDS, HIFRDS, RDS-HIF, Heritage-RDS, etc.

I just tried the FQDN as HIF-RDS.heritage.local and received an error saying I cannot include periods in the name.
What is strange is that if I intentionally put the wrong domain name in, I receive a DNS error that says the domain cannot be contacted.

If I enter the correct domain name, I am prompted for a username and password but receive a different DNS error. It seems like the problem may be with the DNS server itself.
Ok, so I got you wrong.
Tell us, what domain name are you trying to add the computer to? And did you try both as I recommended, the NetBIOS and the FQDN one?
Yes, I tried both. The domain name is heritage.local but I am only prompted for a username/password if I try to join the heritage domain (without the .local).
Use the .local when adding the computer to the domain.

On server run ipconfig /registerdns and dcdiag /fix

On server run dcdiag, post results
C:\Users\Administrator>dcdiag

Directory Server Diagnosis

Performing initial setup:
   Trying to find home server...
   Home Server = hifsvr
   * Identified AD Forest.
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\HIFSVR
      Starting test: Connectivity
         The host 4ae3c0e9-5071-42a7-925d-f6ea5bfa1f5d._msdcs.heritage.local
         could not be resolved to an IP address. Check the DNS server, DHCP,
         server name, etc.
         Got error while checking LDAP and RPC connectivity. Please check your
         firewall settings.
         ......................... HIFSVR failed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\HIFSVR
      Skipping all tests, because server HIFSVR is not responding to directory
      service requests.


   Running partition tests on : ForestDnsZones
      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test
         CrossRefValidation

   Running partition tests on : DomainDnsZones
      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test
         CrossRefValidation

   Running partition tests on : Schema
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation

   Running partition tests on : Configuration
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidatio

   Running partition tests on : heritage
      Starting test: CheckSDRefDom
         ......................... heritage passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... heritage passed test CrossRefValidation

   Running enterprise tests on : heritage.local
      Starting test: LocatorCheck
         ......................... heritage.local passed test LocatorCheck
      Starting test: Intersite
         ......................... heritage.local passed test Intersite


Alright, restart your netlogon service on your DC.

Go into your DNS and check to see if you have an msdcs folder under your domain and/or if you have a msdcs.domain.com zone.
As requested by dariusg, please restart the netlogon service and post the dcdiag /test:dns
Restarted the NETLOGON server but still no joy. Here is what the DNS Server currently looks like...

User generated image

Now when I add a PC to the domain, I receive an error saying that several SRV records are missing including LDAP and TCP.
Weird, now when I type DCDIAG, it no longer runs...
Run on DC:
ipconfig /flushdns & ipconfig /registerdns & net stop netlogon & net start netlogon & net stop dns & net start dns


and wait for 5 mins
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

C:\Users\Administrator>dcdiag

Directory Server Diagnosis

Performing initial setup:
   Trying to find home server...
   Home Server = hifsvr
   * Identified AD Forest.
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\HIFSVR
      Starting test: Connectivity
         The host 4ae3c0e9-5071-42a7-925d-f6ea5bfa1f5d._msdcs.heritage.local
         could not be resolved to an IP address. Check the DNS server, DHCP,
         server name, etc.
         Got error while checking LDAP and RPC connectivity. Please check your
         firewall settings.
         ......................... HIFSVR failed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\HIFSVR
      Skipping all tests, because server HIFSVR is not responding to directory
      service requests.


   Running partition tests on : ForestDnsZones
      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test
         CrossRefValidation

   Running partition tests on : DomainDnsZones
      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test
         CrossRefValidation

   Running partition tests on : Schema
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation

   Running partition tests on : Configuration
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation

   Running partition tests on : heritage
      Starting test: CheckSDRefDom
         ......................... heritage passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... heritage passed test CrossRefValidation

   Running enterprise tests on : heritage.local
      Starting test: LocatorCheck
         ......................... heritage.local passed test LocatorCheck
      Starting test: Intersite
         ......................... heritage.local passed test Intersite

C:\Users\Administrator>


Do all your DNS servers show nothing more but what's in your screenshot below msdcs? Looks broken to me which would explain a lot.
Yes. This is our only DNS server on our only server. Any way to rebuild the MSDCS folders in Server 08R2 STD?
ASKER CERTIFIED SOLUTION
Darius Ghassem
Create an account to see this answer
It appears you have a delegation set up for the _msdcs zone but the zone itself is not there.  Right-click on Forward Lookup Zones > New Zone > Select Primary, AD-integrated > replicated to all DNS servers running on domain controllers in the forest > named "_msdcs.heritage.local" > Allow only secure dynamic updates.  After you click finish, restart the netlogon service and the records should autopopulate in that zone.
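
A check that could be run once the zone exists and Netlogon has been restarted, as an added example that is not part of the original thread: it asks the DNS server at 192.168.1.200 for the `_msdcs` locator records a domain join depends on and lists any that are still missing. The record list, the PowerShell 2.0 target and the assumption that heritage.local is also the forest root are mine; the domain, server address and DC GUID are the ones quoted in the posts above.

```powershell
# Added example, not from the thread. Written for PowerShell 2.0 (Server 2008 R2).
# The three values below are the ones quoted in the thread.
$Domain    = 'heritage.local'   # assumed to be the forest root as well
$DnsServer = '192.168.1.200'
$DcGuid    = '4ae3c0e9-5071-42a7-925d-f6ea5bfa1f5d'   # from the dcdiag Connectivity test

# Records Netlogon registers under _msdcs. Marker is text that nslookup prints
# only when a record of that type is actually returned.
$Checks = @(
    @{ Type = 'SRV';   Name = "_ldap._tcp.dc._msdcs.$Domain";     Marker = 'svr hostname' },
    @{ Type = 'SRV';   Name = "_kerberos._tcp.dc._msdcs.$Domain"; Marker = 'svr hostname' },
    @{ Type = 'SRV';   Name = "_ldap._tcp.pdc._msdcs.$Domain";    Marker = 'svr hostname' },
    @{ Type = 'SRV';   Name = "_ldap._tcp.gc._msdcs.$Domain";     Marker = 'svr hostname' },
    @{ Type = 'CNAME'; Name = "${DcGuid}._msdcs.$Domain";         Marker = 'canonical name' }
)

$Missing = @()
foreach ($c in $Checks) {
    # The trailing dot stops nslookup from appending DNS suffixes to the name.
    $out = & nslookup.exe "-type=$($c.Type)" "$($c.Name)." $DnsServer 2>&1 | Out-String
    if ($out -match [regex]::Escape($c.Marker)) {
        $state = 'OK     '
    } else {
        $state = 'MISSING'
        $Missing += $c.Name
    }
    Write-Host ("{0}  {1,-5}  {2}" -f $state, $c.Type, $c.Name)
}

if ($Missing.Count -eq 0) {
    Write-Host "All locator records resolve; retry the join using $Domain."
} else {
    # On the DC, Netlogon keeps a copy of every record it tries to register.
    $file = Join-Path $env:SystemRoot 'System32\config\netlogon.dns'
    if (Test-Path $file) {
        Write-Host "Records Netlogon wants registered under _msdcs (from $file):"
        Select-String -Path $file -Pattern '_msdcs' -SimpleMatch |
            ForEach-Object { "  " + $_.Line }
    }
    exit 1
}
```

Run it on the DC so the netlogon.dns comparison is available; from the new VM only the nslookup checks apply.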