Amazon Web Services - AD Connector (Directory Services)

Hi,
I'm trying to run a Hybrid Infrastructure with the combination of on-premises and AWS Cloud. So far I have successfully created the VPC and established a VPN connection with my local infrastructure. My next task is to deploy desktops on AWS WorkSpaces, and I would like those desktops to join the local AD; as a result I need to configure AWS "Directory Service".

During the process of creating the AWS AD Connector I get the error below.

The status transition reason is as follows:
Configuration issues detected: SRV record for LDAP does not exist for IP: 192.168.x.x, SRV record for Kerberos does not exist for IP: 192.168.x.x, SRV record for LDAP does not exist for IP: 192.168.x.x, SRV record for Kerberos does not exist for IP: 192.168.x.x. Please verify existing configuration and retry the operation.

Please help me...

Thanks
Baazi

Zephyr ICT (Cloud Architect) commented:
This means that the AD connector can't reach the DNS servers that you specified when connecting to your directory.

You need to make sure you have at least the following ports open in the firewall if you're using an on-premises directory:
TCP/UDP 53 - DNS
TCP/UDP 88 - Kerberos authentication
TCP/UDP 389 - LDAP

Baazi (Author) commented:
Hi,
Ports are open and I also ran a test that Amazon provides. So that's not the issue. I know you pulled that out from their prerequisites. If you search further on their site you will find a link pointing to Microsoft. It isn't helpful.

Zephyr ICT (Cloud Architect) commented:
OK, but still, these errors point to the fact that communication with DNS doesn't seem to be working. Did you verify all DNS settings?

Can you reach your DNS server from the workspace PC if and when VPN is connected for example?
Can you perform nslookup of your domain?
Baazi (Author) commented:
Hey Bud, thanks for trying, but DNS isn't an issue - I spun up an instance on Amazon VPC and used a troubleshooting tool that Amazon provides for DNS testing - it passed the test. I'm stuck with the SRV record error.

Baazi (Author) commented:
Yes, I can do nslookup from an Amazon server.

Zephyr ICT (Cloud Architect) commented:
Weird, didn't have that issue with my setup ... Let me test a few things.

Baazi (Author) commented:
because no one else could answer my question.
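
Added example, not part of the original thread or of AWS's tooling: a standard-library Python check that asks one specific DNS server IP for the `_ldap._tcp.<domain>` and `_kerberos._tcp.<domain>` SRV records, which is what the error above reports per IP. The IP and domain passed to `check_server` are placeholders you supply, and the code assumes each answer fits in a single UDP datagram.

```python
import socket
import struct

SRV = 33  # DNS resource record type for SRV

def build_query(name, txid=0x1234):
    """Encode a recursive DNS query for the SRV records of `name`."""
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in name.rstrip(".").split("."))
    return struct.pack(">HHHHHH", txid, 0x0100, 1, 0, 0, 0) + qname + b"\x00" + struct.pack(">HH", SRV, 1)

def read_name(msg, off):
    """Decode a possibly compressed name; return (name, offset just past it)."""
    labels, end, hops = [], None, 0
    while msg[off] != 0:
        if msg[off] & 0xC0 == 0xC0:            # compression pointer
            end = end or off + 2               # the name ends after the first pointer
            off, hops = ((msg[off] & 0x3F) << 8) | msg[off + 1], hops + 1
            if hops > 16:
                raise ValueError("compression pointer loop")
            continue
        labels.append(msg[off + 1:off + 1 + msg[off]].decode("ascii"))
        off += 1 + msg[off]
    return ".".join(labels), end or off + 1

def parse_srv(msg):
    """Return (rcode, [(priority, weight, port, target), ...]) from a DNS response."""
    _, flags, qdcount, ancount, _, _ = struct.unpack(">HHHHHH", msg[:12])
    off = 12
    for _ in range(qdcount):
        off = read_name(msg, off)[1] + 4       # skip QTYPE and QCLASS
    records = []
    for _ in range(ancount):
        off = read_name(msg, off)[1]
        rtype, _, _, rdlen = struct.unpack(">HHIH", msg[off:off + 10])
        off += 10
        if rtype == SRV:
            records.append(struct.unpack(">HHH", msg[off:off + 6]) + (read_name(msg, off + 6)[0],))
        off += rdlen
    return flags & 0x000F, records

def check_server(dns_ip, domain, timeout=3.0):
    """Ask one DNS server for both SRV record sets; returns {service: (rcode, records)}."""
    results = {}
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        for svc in ("_ldap._tcp", "_kerberos._tcp"):   # SRV names for LDAP and Kerberos
            s.sendto(build_query(f"{svc}.{domain}"), (dns_ip, 53))
            results[svc] = parse_srv(s.recvfrom(4096)[0])
    return results
```

Run `check_server` once per DNS IP entered in the AD Connector form, from an instance inside the VPC; an rcode of 3 (NXDOMAIN) or an empty record list for a service means that server did not return the SRV records, even if ordinary host lookups against it succeed.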