Solved

Unable to Join Windows 8 to Windows 2008 2 domain Controller

Posted on 2016-08-02
9
97 Views
Last Modified: 2016-08-28
I am quite a newbie to system admin world but have sorted out random problems in the past.

I had a task to prepare domain controller which i think i did and create a DC with dns on a windows 2008 R2 as DCPROMO ran fine.

Now i am trying to join Windows 8 To this server but getting this error:


DNS was successfully queried for the service location (SRV) resource record used to locate a domain controller for domain "test.tus.com":
The query was for the SRV record for _ldap._tcp.dc._msdcs.test.tus.com

The following domain controllers were identified by the query: win-iokdrl8pn6l.test.tus.com

However no domain controllers could be contacted.

Common causes of this error include:

Host (A) or (AAAA) records that map the names of the domain controllers to their IP addresses are missing or contain incorrect addresses.
Domain controllers registered in DNS are not connected to the network or are not running.

I have given DNS ip address in the windows 8 machine and able to ping both test.tus.com as well as win-iokdrl8pn6l.test.tus.com. Just to let you know these are completely FRESH INSTALLATIONS AND THERE ARE NO SETTINGS AT ALL.

Finally i went to the server and on server manager was seeing few errors. screenshot is attached below.activedirectory-error.png
I have also ran dcdiag command though i hardly know about it (internet research) and here are the results.dcdiag-results.png
Please help me as i have already spent too much time in research.
0
Comment
Question by:TUS11
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
9 Comments
 
LVL 34

Expert Comment

by:Paul MacDonald
ID: 41739586
If the DC has a firewall, it may be blocking traffic used by Active Directory.  I would start there.
0
 
LVL 16

Accepted Solution

by:
FOX earned 500 total points
ID: 41739608
1.  On the nic of the domain controller  IPV4 properties set the preferred DNS to the same Ip that the domain controller has.
2.  If IpV6 is has a check mark, uncheck it.
3.   On your domain controller turn off all windows firewalls.  On your workstations turn off all windows firewalls
4.   After you have set the preferred DNS to point to itself and possibly a reboot, Go in to Administrative Tools> DNS of the domain controller and look in forward lookups verify if you can see the Domain controller servername with the correct IP
0
 
LVL 16

Assisted Solution

by:FOX
FOX earned 500 total points
ID: 41739642
Go to Administrative Tools>Active Directory Sites and Services>Default First Site Name>Servers, expand your domain controller>right-click NTDS settings and click properties>PUT A CHECKMARK IN GLOBAL CATALOG to set it as a Global catalog
1
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 

Author Comment

by:TUS11
ID: 41742788
@Foxluv - This is reply to your 2nd comment. I am trying your first comment now.Got this error when tried to clicked on Active Directory Sites and Services
error3.png
and when clicked ok, got below screenshot.
err4.png
Please help!

@paulmacd

disabled the firewall at the server. Nothing helped.
0
 

Author Comment

by:TUS11
ID: 41742797
just a point @Foxluv - if i point dns on dc to itself then if tomorrow i want to route traffic through this server itself to the clients attached to this then how will it allow? hence dns should point to the router gateway (which i hope have external dns addresses) or external dns. Just a thought as i think our Windows 2003 server has been configured in similar fashion. Though i am trying your first comment now.
0
 

Author Comment

by:TUS11
ID: 41742820
regarding point 1 it is pointing to itself - as it is 127.0.0.1 and gateway is 192.168.1.1 which i believe is our router.

point 2 - unchecked it though again didnt understand why this is required. this should not be a problem.

point 3 - done on both server and client.

point 4 - there is a A record. verified.

your 2nd comment answer i sent you already.

After performing all this, still same error.
0
 
LVL 16

Assisted Solution

by:FOX
FOX earned 500 total points
ID: 41742827
The proper way is to set up DNS is for the workstations to get their DNS from the domain controller.  The domain controller itself resolves names from its ISP (configure forwarders)

ref link: https://support.microsoft.com/en-us/kb/323380   (same for all versions)
0
 

Author Comment

by:TUS11
ID: 41742836
thats what i was saying. Though will follow your microsoft link. But performed all steps and no luck.
0
 

Author Closing Comment

by:TUS11
ID: 41773681
Thanks alot my friend. You have been great help!
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A company’s centralized system that manages user data, security, and distributed resources is often a focus of criminal attention. Active Directory (AD) is no exception. In truth, it’s even more likely to be targeted due to the number of companies …
Resolving an irritating Remote Desktop connection that stops your saved credentials from being used.
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…

695 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question