Joby Jacob

Why can't I add a server as a child domain to an existing forest?

I'm trying to add a server (Server B) as a child domain to an existing forest. The server was originally set up as a domain controller to replace the on-prem domain controller, but it was later decided to make it a child of the forest since the NAS on site can communicate with multiple domains of the same forest. I have removed the ADDS role and demoted the server.

The old domain controller has a functional level of Windows Server 2012 R2 and the domain is called XYZ.com. This server was originally set up on a 192.168.60.0/24 network. IT Management has set up the new server (Server B) on a 10.10.16.0/22 network and wants to make it a child so that its domain would be abc.xyz.com. Management has also added a 10.10.16.x IP address on XYZ. On XYZ, I have set up a new site in AD Sites and Services with the 10 subnet and have renamed the original Site for clarity and have set it up with its 192 subnet. Both servers are manually configured with IP/Subnet Mask/Default Gateway/DNS. Both servers have 2 IPs, one on the 10 network and one on the 192 network. From Server B, I can ping xyz.com by IP but not by name. When I try by name, the replies come from the hosted website. Each network has its own default gateway.

I then go to Server B and add the AD DS role and then proceed to promote the server. I choose the option to "Add a new domain to an existing forest". The "Select domain type" is set to Child Domain. I click on the Select button next to parent domain name where it asks me for credentials. I enter xyz\admin for the user name and enter the password. It performs a search for a domain on the forest and finds xyz.com. I choose the domain and for the next line that says "New domain name:" I enter ABC and hit the Next button, at which point I get a pop-up that says "Could not log onto the domain with the specified credential. Supply a valid credential and try again." I verified that xyz\admin is an Enterprise Administrator.

I have also tried removing the .com on the parent domain since maybe it's going to the hosted site instead of the domain, but I get the same message. I don't understand why it was able to find the domain in the first place if the credentials weren't valid, and I'm not sure where to go from here. This procedure had no issues in my lab environment, but my lab did not have a publicly hosted site nor did it have more than one gateway.
ASKER CERTIFIED SOLUTION
Cliff Galiher
Joby Jacob

ASKER

Was able to resolve this through DNS. Swapped the primary and secondary DNS servers that were manually set so that it would look internally for xyz.com instead of going external and getting a reply from the hosted site.
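
A way to check for the DNS ordering problem described in the resolution above, as an added example that is not part of the original thread: it asks every DNS server configured on the machine for the forest's DC locator SRV record and flags interfaces whose first-listed server cannot answer it. `xyz.com` is the domain from the question; the script parameters and the `-Fix` switch are this example's own.

```powershell
# Added example, not from the original thread.
# Run on the server being promoted. -Fix needs an elevated session.
param(
    [string]$Domain = 'xyz.com',   # forest root name taken from the question
    [switch]$Fix                   # hypothetical switch: reorder DNS servers when set
)

# DC locator record. Only DNS that hosts the AD zone answers it; a public
# resolver that serves the hosted website for the same name will not.
$srvName = "_ldap._tcp.dc._msdcs.$Domain"

foreach ($if in Get-DnsClientServerAddress -AddressFamily IPv4 | Where-Object ServerAddresses) {
    $results = foreach ($server in $if.ServerAddresses) {
        $srv = Resolve-DnsName -Name $srvName -Type SRV -Server $server -DnsOnly `
                   -ErrorAction SilentlyContinue | Where-Object Type -eq 'SRV'
        $a   = Resolve-DnsName -Name $Domain -Type A -Server $server -DnsOnly `
                   -ErrorAction SilentlyContinue | Where-Object Type -eq 'A'
        [pscustomobject]@{
            Interface = $if.InterfaceAlias
            DnsServer = $server
            KnowsAD   = [bool]$srv                      # answered the SRV query
            DCs       = ($srv.NameTarget -join ', ')    # domain controllers it advertises
            DomainA   = ($a.IPAddress -join ', ')       # what the bare domain name resolves to
        }
    }
    $results | Format-Table -AutoSize

    $internal = @($results | Where-Object KnowsAD | ForEach-Object DnsServer)
    $other    = @($results | Where-Object { -not $_.KnowsAD } | ForEach-Object DnsServer)

    if ($internal.Count -eq 0) {
        Write-Warning "$($if.InterfaceAlias): no configured DNS server resolves $srvName"
        continue
    }
    # The Windows resolver asks the first server and only falls back when it
    # does not respond, so an external server listed first hides the AD zone.
    if ($if.ServerAddresses[0] -notin $internal) {
        Write-Warning "$($if.InterfaceAlias): first DNS server $($if.ServerAddresses[0]) does not serve the AD zone"
        if ($Fix) {
            Set-DnsClientServerAddress -InterfaceIndex $if.InterfaceIndex `
                -ServerAddresses ($internal + $other)
        }
    }
}
```

On a multihomed server such as the one in the question, each interface carries its own DNS list, so the table is printed per interface and every one of them should show an AD-aware server first.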