Domain Joining - DNS errors, Can't seem to figure it out.

We have a client that we are converting to a domain, from a server/domain controller/workgroup PCs to one domain.

We set up the DNS and DHCP servers on the server, and turned that off on the Comcast box and the wireless router.  Internet works, the workstations can ping the server/access shared folders, but we get the attached DNS error when trying to join each station to the domain.
IMG-2821-copy.jpg
Directtechit Asked:
 
Bruno PACI (IT Consultant) Commented:
Hi,

It looks like you made a DNS misconfiguration on your clients. It's a typical error that is usually made.

When a computer is a member of an internal domain, this computer must NEVER BE configured to interrogate an external DNS server. The computer must ONLY interrogate internal DNS servers, those that host the Active Directory DNS zone.

If the computer must also be able to resolve external names, then you must configure a DNS forwarder on your internal DNS server, but anyway the internal machines that are domain members (workstations, servers, domain controllers) MUST NEVER be configured with an external DNS server in their IP settings.

To explain exactly why this configuration cannot work, I wrote an article that explains some DNS behavior. If you have time you should take a look at it: http://www.experts-exchange.com/Networking/Protocols/DNS/A_11136-Some-important-DNS-concepts-for-good-diagnosis-and-good-configuration.html

Have a good day.
0
 
Cliff Galiher Commented:
Make sure your domain controllers are the ONLY DNS servers your clients use. That means making sure your DHCP server is configured properly for dynamic clients and that your static clients are properly configured. If you have ISP or other DNS servers configured, lookups will fail.
0
 
EMJSR Commented:
To clarify, make sure the client's DNS server is your DNS server's IP. So the DNS server address for the clients (obtained by DHCP or static) should be in the LAN range; so if your Windows server is on 192.168.0.10, then your clients need to use that as the DNS server.

Additionally, look at the following options within the client's TCP/IP config (Local Area Connection) for IPv4 under Advanced (see attachment). You might want to change the option I have selected and give that a try, especially if your server has a static IP.
example.PNG
0
 
Sajid Shaik M (Sr. System Admin) Commented:
Check whether you are able to ping the DNS server by domain name.

Check in DNS whether you have a reverse lookup zone created.

Check on the workstation:

Go to the command prompt and type

nslookup

If it gives proper information, then check whether there is any firewall enabled on the workstation; if yes, disable it.

Or, if the traffic is passing through any device which has firewall capabilities, then disable it.

All the best
0
 
EMJSR Commented:
Yep, which is what I stated above. The DNS server IP for client workstations in a domain environment has to correspond to the Windows server's IP address that is running the DNS server service.
0
 
DrDave242 Commented:
In addition to what's already been said, you may want to specify the full DNS domain name (e.g., eworks.local rather than simply eworks) when attempting to join it.
0
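
The checks the answers above describe can be run from a workstation in one pass. This is an added example, not part of any poster's reply: it lists every DNS server the client is configured to use and asks each one for the SRV record a domain join looks up to locate a domain controller. It assumes Windows 8 / Server 2012 or later (for the DnsClient cmdlets); the domain name and server IP are the placeholder values used in the thread.

```powershell
# Added example. Placeholders taken from the thread; replace with your own values.
$Domain   = 'eworks.local'      # full DNS domain name, not the short name
$DcDnsIPs = @('192.168.0.10')   # internal DNS server(s) hosting the AD zone

# SRV record a domain join queries to find a domain controller
$srvName = "_ldap._tcp.dc._msdcs.$Domain"

# Every IPv4 DNS server configured on any adapter (DHCP-assigned or static)
$configured = Get-DnsClientServerAddress -AddressFamily IPv4 |
    Where-Object { $_.ServerAddresses } |
    ForEach-Object {
        foreach ($ip in $_.ServerAddresses) {
            [pscustomobject]@{ Interface = $_.InterfaceAlias; Server = $ip }
        }
    }

$report = foreach ($entry in $configured) {
    # Query this specific server only, bypassing the cache and hosts file
    $answer = Resolve-DnsName -Name $srvName -Type SRV -Server $entry.Server `
                  -DnsOnly -ErrorAction SilentlyContinue |
              Where-Object { $_.Type -eq 'SRV' }

    [pscustomobject]@{
        Interface   = $entry.Interface
        DnsServer   = $entry.Server
        IsDomainDns = ($DcDnsIPs -contains $entry.Server)
        FindsDC     = [bool]$answer
        DCs         = ($answer.NameTarget -join ', ')
    }
}

$report | Format-Table -AutoSize

# Any server outside the internal list is the misconfiguration described above
$report | Where-Object { -not $_.IsDomainDns } | ForEach-Object {
    Write-Warning "$($_.Interface) uses $($_.DnsServer), which is not a domain DNS server."
}

# An internal server that cannot return the SRV record points at the DNS zone itself
$report | Where-Object { $_.IsDomainDns -and -not $_.FindsDC } | ForEach-Object {
    Write-Warning "$($_.DnsServer) did not return $srvName; check the AD DNS zone."
}
```

A clean result has every row showing `IsDomainDns` and `FindsDC` as True; a router or ISP address in the `DnsServer` column means DHCP or a static setting is still handing out a non-domain DNS server.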
Question has a verified solution.
