<div>
What DNS servers have you configured the server to use?<br />
<br />
What DNS servers have you configured the Domain Controller to use?<br />
<br />
What are these servers in the context of your network? 10.1.100.21 and 10.1.100.11?<br />
<br />
Chris
</div>


<div>
Sorry, scratch the first question, it's Friday and it's late :) The others apply as it suggests either:<br />
<br />
1. Your DNS servers are just wrong<br />
2. The DNS servers are right, but something is preventing the DCs registering records. The most likely is that the DCs don't have the right DNS servers configured.<br />
<br />
Chris
</div>


<div>
I would suggest inspecting DNS as suggested.<br />
<br />
Then check your DCs event logs and ensure you don't have any unexplained errors there <br />
<br />
Then, run DCDIAG /C /E /V on the DC. &nbsp;resolve any unexplained errors.
</div>


<div>
Chris,<br />
<br />
In answer to your questions:<br />
<br />
What DNS servers have you configured the Domain Controller to use?<br />
&nbsp; My primary and secondary Domain Controllers are using each other for DNS<br />
<br />
What are these servers in the context of your network? 10.1.100.21 and 10.1.100.11?<br />
&nbsp; These are my primary and secondary Domain Controllers
</div>


<div>
Excellent.<br />
<br />
Did you manage to run DCDiag as Lee advised?<br />
<br />
You can test a few basic things as well, but perhaps it's simpler to open the DNS console and say what you see. I'd expect you to have a Forward Lookup Zone for your internal domain name, and another for _msdsc.&lt;internal.domain.na<wbr />me&gt;. Do you see those?<br />
<br />
Chris
</div>


<div>
Lee W,<br />
<br />
I inspected event logs and no related errors existed. &nbsp;DCDIAG /C /E /V passed all tests.<br />
<br />
Scott
</div>


<div>
Chris,<br />
<br />
Yes, I have inspected event logs and no related errors existed. &nbsp;DCDIAG /C /E /V passed all tests.<br />
<br />
I have both forward lookup zones as you described.<br />
<br />
Scott
</div>


<div>
All,<br />
<br />
On a whim, I disabled the IPV6 protocol and was able to successfully join the domain.<br />
Any thoughts?<br />
<br />
Scott
</div>


<div>
It probably ended up trying to look-up the AAAA record for the server. If there's a firewall / router between the client and server and you don't really support IPv6 that might be problematic.<br />
<br />
Chris
</div>


<div>
I believe that am going to need IPV6 as this server is being set up to be an access server. &nbsp;Any further thoughts on how to resolve the IPV6 contentions?
</div>


<div>
Sorry, bit of a late reply.<br />
<br />
I'd say, either:<br />
<br />
1. Fully embrace IPv6, support it all the way across the network. To be honest that statement makes me chuckle a bit, it's hard to get traction on something like that unless you're in charge of every intermediate networking device.<br />
<br />
Or:<br />
<br />
2. Disable IPv6 on the client-side. That should prevent it looking for AAAA records in the first place and preferring IPv6 as a means of connecting.<br />
<br />
Finally, access server as in acting as a terminal server? Hosting that on a Domain Controller is far from advisable.<br />
<br />
Chris
</div>


<div>
Chris,<br />
<br />
I do have control of the entire network and had enabled IPv6 based on Microsoft's pre-configuration requirements for DirectAccess. &nbsp;I would prefer not to use it. &nbsp;Are you saying that's possible. &nbsp;This server will be in a role of a DirectAccess server only and will not be a DC.<br />
<br />
Thanks,<br />
<br />
Scott
</div>


<div>
Ahh I'm with you, this thing you're trying to join must support IPv6. How about the Domain Controllers? Are they on the same network segment or do you have to traverse firewalls / routers to get to them?<br />
<br />
Chris
</div>


<div>
The IPv6 address returned by nslookup responded to a ping. for my domaoin. &nbsp;The ping to my DC at my domain returns a can't find message.
</div>


<div>
<div class="content wysiwyg-content">
When I try to join newly built Windows Server 2012 R2 to a domain I get the following message:<br />
<br />
The following error occurred when DNS was queried for the service location (SRV) resource record used to locate an Active Directory Domain Controller (AD DC) for domain &quot;tlith.com&quot;: The error was: &quot;DNS name does not exist.&quot; (error code 0x0000232B RCODE_NAME_ERROR) &nbsp;The query was for the SRV record for _ldap._tcp.dc._msdcs.tlith<wbr />.com <br />
Common causes of this error include the following:<br />
- The DNS SRV records required to locate a AD DC for the domain are not registered in DNS. These records are registered with a DNS server automatically when a AD DC is added to a domain. They are updated by the AD DC at set intervals. This computer is configured to use DNS servers with the following IP addresses:<br />
10.1.100.21<br />
10.1.100.11<br />
- One or more of the following zones do not include delegation to its child zone:<br />
tlith.com<br />
com<br />
. (the root zone)<br />
<br />
<br />
How do I troubleshoot this?<br />
<br />
Thanks,<br />
<br />
Scott
</div>
</div>


When I try to join newly built Windows Server 2012 R2 to a domain I get the following message:

The following error occurred when DNS was queried for the service location (SRV) resource record used to locate an Active Directory Domain Controller (AD DC) for domain "tlith.com": The error was: "DNS name does not exist." (error code 0x0000232B RCODE_NAME_ERROR)  The query was for the SRV record for _ldap._tcp.dc._msdcs.tlith.com 
Common causes of this error include the following:
- The DNS SRV records required to locate a AD DC for the domain are not registered in DNS. These records are registered with a DNS server automatically when a AD DC is added to a domain. They are updated by the AD DC at set intervals. This computer is configured to use DNS servers with the following IP addresses:
10.1.100.21
10.1.100.11
- One or more of the following zones do not include delegation to its child zone:
tlith.com
com
. (the root zone)


How do I troubleshoot this?

Thanks,

Scott

Need help joining a domain

The Domain Name System (DNS) is a hierarchical, globally distributed system responsible for associating the name of a computer, service or other resource into an IP address for connecting to the Internet or a private network. Most prominently, it translates domain names to the numerical IP addresses needed for the purpose of computer services and devices worldwide.

Active Directory (AD) is a Microsoft brand for identity-related capabilities. In the on-premises world, Windows Server AD provides a set of identity capabilities and services, and is hugely popular (88% of Fortune 1000 and 95% of enterprises use AD). This topic includes all things Active Directory including DNS, Group Policy, DFS, troubleshooting, ADFS, and all other topics under the Microsoft AD and identity umbrella.