sglee
Can't find Domain Controller

Hi,
 
I have set up two virtual machines (computer names: W2016DC & W2016TS) running the Windows Server 2016 OS, and both VMs have static IP addresses assigned.
I installed the "Active Directory", "DNS" and "DHCP" roles in the W2016DC VM.
When I try to join W2016TS to the domain controller, it fails to find W2016DC. For troubleshooting, I did the following:
 (1) From W2016TS, I ran "\\W2016DC" in Explorer and it shows the default shared folders. I can ping W2016DC. But running the "_ldap._tcp.dc._msdcs.kn.local" lookup fails.
 (2) From W2016DC, I can ping W2016TS and can run the NSLOOKUP command - "_ldap._tcp.dc._msdcs.kn.local" - successfully. It runs DNS Manager.

What can I check?
Cliff Galiher

Well. Your nslookup is using a 2001: IPv6 address for DNS, which is not link-local and may not be your DC.

So the first thing I'd be checking is that you listed the appropriate DNS servers on the NIC of the machine failing to look up.

AD rule of thumb. Only use DCs for DNS.
Does the TS server have DNS configured to the DC server's address (since it has a fixed IP address, it doesn't get the DNS server IP address from DHCP)? If not, which I'm guessing I'm right about since it says so in the NSLOOKUP prompt - it doesn't know to send its NSLOOKUP requests to W2016DC, but it can find the other server using WINS.

 Configure W2016TS's network settings to use W2016DC's IP as the Preferred DNS server (you can still use your ISP's DNS as secondary) and use NSLOOKUP again to query - it should work.

 While you're at it - configure the DHCP IP range to include that server as the main DNS for that range.
sglee

ASKER

Here is TCPIP info on both servers.
"(you can still use your ISP's DNS as secondary)"

I'm going to disagree with that suggestion. In an AD environment, only DNS servers that have the AD zones should ever be used. Primary. Secondary. Other.  Full stop.
Use ipconfig /all

Cleaner to read. Easier to cut and paste. Shows information that screengrabs don't.

I'll reiterate that you had at least one nslookup using a public 2001 IPv6 address, which points to some (mis)configuration there.
sglee

ASKER

From DC:
Windows IP Configuration

   Host Name . . . . . . . . . . . . : W2016DC
   Primary Dns Suffix  . . . . . . . : kn.local
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : kn.local

Ethernet adapter Ethernet:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Hyper-V Network Adapter
   Physical Address. . . . . . . . . : 00-15-5D-01-8B-04
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2607:fcc8:d642:fbe1:59c1:55c6:5bc1:fbfe(Preferred)
   Link-local IPv6 Address . . . . . : fe80::59c1:55c6:5bc1:fbfe%2(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.0.10(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : fe80::5ed9:98ff:fe5c:75b8%2
                                       192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 50337117
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-23-7E-06-C4-00-15-5D-01-8B-04
   DNS Servers . . . . . . . . . . . : ::1
                                       127.0.0.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

From TS:
C:\Users\Administrator>ipconfig /all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : W2016TS
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Ethernet:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Hyper-V Network Adapter
   Physical Address. . . . . . . . . : 00-15-5D-01-8B-05
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2607:fcc8:d642:fbe1:b176:9319:ff1c:f0de(Preferred)
   Link-local IPv6 Address . . . . . : fe80::b176:9319:ff1c:f0de%5(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.0.11(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : fe80::5ed9:98ff:fe5c:75b8%5
                                       192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 50337117
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-23-7E-1F-96-00-15-5D-01-8B-05
   DNS Servers . . . . . . . . . . . : 2001:1998:f00:1::1
                                       2001:1998:f00:2::1
                                       192.168.0.10
   NetBIOS over Tcpip. . . . . . . . : Enabled
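Cliff's rule above (only domain controllers as DNS servers, primary and secondary alike) can be checked mechanically against `ipconfig /all` output. The following script is an added example, not code from the thread, from Experts Exchange or from Microsoft: it parses excerpts of the two outputs posted above and flags every DNS server that is not a DC. The only assumption is that 192.168.0.10 is the lab's sole DC; loopback entries are accepted only when the host being audited is itself a DC.

```python
"""Audit DNS client settings in `ipconfig /all` output against the AD rule
"only domain controllers as DNS servers, primary and secondary alike".

Added example, not code from the thread or from Microsoft. DC_IPCONFIG and
TS_IPCONFIG are excerpts of the two outputs posted in the thread;
DC_ADDRESSES assumes 192.168.0.10 is the only DC.
"""
import ipaddress
import re
from typing import Dict, List

# Field lines are indented by exactly three spaces: "   DNS Servers . . : ::1"
FIELD_RE = re.compile(r"^   ([A-Za-z][A-Za-z0-9 /-]*?)[ .]*: ?(.*)$")
# Further values of a multi-valued field sit on deeper-indented lines with no separator
CONT_RE = re.compile(r"^\s{4,}(\S.*)$")
# Section headers start in column 0, e.g. "Ethernet adapter Ethernet:"
SECTION_RE = re.compile(r"^(\S.*?):?\s*$")
LOOPBACK = {ipaddress.ip_address("127.0.0.1"), ipaddress.ip_address("::1")}
DC_ADDRESSES = ["192.168.0.10"]  # assumption: the lab's only domain controller

DC_IPCONFIG = """\
Windows IP Configuration

   Host Name . . . . . . . . . . . . : W2016DC

Ethernet adapter Ethernet:

   IPv4 Address. . . . . . . . . . . : 192.168.0.10(Preferred)
   Default Gateway . . . . . . . . . : fe80::5ed9:98ff:fe5c:75b8%2
                                       192.168.0.1
   DNS Servers . . . . . . . . . . . : ::1
                                       127.0.0.1
"""

TS_IPCONFIG = """\
Windows IP Configuration

   Host Name . . . . . . . . . . . . : W2016TS

Ethernet adapter Ethernet:

   IPv4 Address. . . . . . . . . . . : 192.168.0.11(Preferred)
   DNS Servers . . . . . . . . . . . : 2001:1998:f00:1::1
                                       2001:1998:f00:2::1
                                       192.168.0.10
"""


def parse_ipconfig(text: str) -> Dict[str, Dict[str, List[str]]]:
    """Return {section: {field: [values]}}; continuation lines are appended
    to the most recent field of the current section."""
    sections: Dict[str, Dict[str, List[str]]] = {}
    current = last_field = None
    for line in text.splitlines():
        if not line.strip():
            continue
        m = FIELD_RE.match(line)
        if m and current is not None:
            last_field = m.group(1).strip()
            value = m.group(2).strip()
            sections[current][last_field] = [value] if value else []
            continue
        m = CONT_RE.match(line)
        if m and current is not None and last_field is not None:
            sections[current][last_field].append(m.group(1).strip())
            continue
        m = SECTION_RE.match(line)
        if m:
            current, last_field = m.group(1), None
            sections[current] = {}
    return sections


def bare_address(value: str) -> str:
    """'192.168.0.10(Preferred)' -> '192.168.0.10'; 'fe80::1%5' -> 'fe80::1'."""
    return value.split("(")[0].split("%")[0].strip()


def audit_dns_servers(text: str, dc_addresses: List[str],
                      host_is_dc: bool = False) -> Dict[str, dict]:
    """For every adapter that lists DNS servers, report them, the ones that are
    not domain controllers, and whether the preferred (first) one is a DC."""
    allowed = {ipaddress.ip_address(a) for a in dc_addresses}
    if host_is_dc:
        allowed |= LOOPBACK  # a DC may point at itself
    report = {}
    for section, fields in parse_ipconfig(text).items():
        servers = [bare_address(v) for v in fields.get("DNS Servers", [])]
        if not servers:
            continue
        report[section] = {
            "servers": servers,
            "non_dc": [s for s in servers if ipaddress.ip_address(s) not in allowed],
            "primary_is_dc": ipaddress.ip_address(servers[0]) in allowed,
        }
    return report


if __name__ == "__main__":
    print("W2016DC", audit_dns_servers(DC_IPCONFIG, DC_ADDRESSES, host_is_dc=True))
    print("W2016TS", audit_dns_servers(TS_IPCONFIG, DC_ADDRESSES))
```

On the W2016TS excerpt the audit reports the two 2001:1998:f00::/48 servers as non-DC and the preferred server as not a DC, which is the same misconfiguration the nslookup prompt revealed; the DC excerpt passes. The address regexes key on ipconfig's fixed three-space field indent, so a deeper-indented IPv6 continuation line such as `2001:1998:f00:2::1` is never mistaken for a new field despite its colons.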
ASKER CERTIFIED SOLUTION
Cliff Galiher
sglee

ASKER

My router used to perform the DHCP server function.
However, as I set up this W2016DC VM & enabled the DHCP server in it, I disabled the DHCP server on the Internet router.
A. Cliff is right - you should NEVER use ISP's DNS in a production server, I just wrote that since it's clear that this is a test environment.

B. I'd suggest disabling IPv6 for now so you can easily connect that server to the domain and re-enable it after. Also - why is your IPv6 a manual configuration? Or is it the Hyper-V network that's sending DHCP answers?
Either your router is still doing DHCPv6 (which you'll need to disable) or is offering other IPv6 auto-discovery services, which you'll need to disable. Or you have manually configured IPv6 settings which you'll want to clear. Could be any of the above.
sglee

ASKER

@Cliff
After disabling IPv6 on both W2016DC and W2016TS, I was able to join W2016TS to the DC.
Question:
When I set up these VMs, I did not enable it manually. This setting was by default.
That said, should I disable IPv6 in the TCP/IP properties in current/future installations of any Windows server?
Should I enable it now? If the network works fine with IPv4 alone, why should I enable IPv6?
First, let me note that I was not the one that recommended disabling IPv6.   I was the one that pointed out your Ipconfig had 2001: addresses, and therefore concluded that IPv6 was the culprit, but I did not (and do not) recommend disabling IPv6.  

Microsoft has clearly stated on multiple occasions that they don't test their systems without IPv6, and that disabling it is against best practices. Since Vista, Microsoft has been building their servers and services with IPv6 in mind, and it should always (Even in a lab) be enabled.

EVEN IF YOU AREN'T USING IPv6!!!!

IPv6 will still self-configure (via SLAAC) and set itself up with fe80:: addresses.  That is by design, normal, and does *NOT* interfere with Active Directory.

What *will* interfere with Active Directory is another device (router, etc) deploying IP settings (IPv4 or IPv6) that are not AD-Aware.

You'd have hit this problem if the router was giving out public DNS settings for IPv4 via DHCP with IPv6 disabled.  Which just goes to prove that this is *NOT* an IPv6 problem.  IPv6 is just a symptom of a bigger problem: a device is advertising information of some sort on your network and is handing out settings you aren't controlling.  Most IT folks would say that is bad.

Maybe it is a DHCPv6 rogue server somewhere.  A DHCPv4 rogue server would be as destructive.

Maybe it is a NDP server somewhere.  

Either or both of these could be the router.  So the problem isn't IPv6.   It is that (likely) something is broadcasting random configuration information. That device should be reined in.  Then IPv6 would work as designed, even in a non-public configuration.

My first guess is that the router is doing router advertisements via the NDP protocol.  In an AD network, that should either be disabled or configured to hand out AD-aware DNS information.  Regardless, no network admin would want devices just randomly handing out network data.  Track down the offending device and close the loop.
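Cliff's diagnosis above is that a router is pushing DNS settings through Neighbor Discovery router advertisements (or DHCPv6). A Router Advertisement carries DNS servers in its RDNSS option (RFC 8106), signals DHCPv6 use through its M and O flags, and names the sending device in its Source Link-Layer Address option, so decoding a captured RA both confirms the diagnosis and points at the offending device. The decoder below is an added example, not code from the thread: it takes the ICMPv6 payload of a captured RA and reports those fields. The packet it runs on is constructed here, not a capture: the 2607:fcc8:d642:fbe1::/64 prefix and the two 2001:1998:f00::/48 DNS servers are the ones visible in the ipconfig output above, and the MAC address 00-11-22-33-44-55 is made up.

```python
"""Decode an ICMPv6 Router Advertisement (RFC 4861) and report what it pushes
to hosts: DNS servers via the RDNSS option (RFC 8106), the M/O flags that
direct hosts to DHCPv6, the advertised prefixes, and the sender's link-layer
address from the Source Link-Layer Address option.

Added example, not code from the thread. SAMPLE_RA is constructed: it reuses
the prefix and the two DNS servers seen in the thread's ipconfig output, with
a made-up MAC address 00-11-22-33-44-55.
"""
import ipaddress
import struct
from typing import List

ICMPV6_ROUTER_ADVERTISEMENT = 134
OPT_SOURCE_LINK_LAYER = 1   # RFC 4861 section 4.6.1
OPT_PREFIX_INFO = 3         # RFC 4861 section 4.6.2
OPT_RDNSS = 25              # RFC 8106 section 5.1


def parse_router_advertisement(payload: bytes) -> dict:
    """Parse the ICMPv6 payload (starting at the ICMPv6 type byte) of an RA.
    Raises ValueError on anything that is not a well-formed RA."""
    if len(payload) < 16 or payload[0] != ICMPV6_ROUTER_ADVERTISEMENT:
        raise ValueError("not an ICMPv6 Router Advertisement")
    (_type, _code, _checksum, hop_limit, flags,
     router_lifetime, _reachable, _retrans) = struct.unpack("!BBHBBHII", payload[:16])
    ra = {
        "hop_limit": hop_limit,
        "managed_dhcpv6": bool(flags & 0x80),       # M flag: addresses from DHCPv6
        "other_config_dhcpv6": bool(flags & 0x40),  # O flag: DNS etc. from DHCPv6
        "router_lifetime": router_lifetime,
        "source_mac": None,
        "prefixes": [],
        "rdnss": [],
        "rdnss_lifetime": None,
    }
    offset = 16
    while offset + 2 <= len(payload):
        opt_type, opt_len = payload[offset], payload[offset + 1]
        if opt_len == 0:
            raise ValueError("option with zero length")  # RFC 4861: discard packet
        end = offset + opt_len * 8  # option length is in units of 8 octets
        if end > len(payload):
            raise ValueError("truncated option")
        body = payload[offset + 2:end]
        if opt_type == OPT_SOURCE_LINK_LAYER:
            ra["source_mac"] = "-".join(f"{b:02X}" for b in body[:6])
        elif opt_type == OPT_PREFIX_INFO:
            # body: prefix len(1) flags(1) valid(4) preferred(4) reserved(4) prefix(16)
            ra["prefixes"].append(f"{ipaddress.IPv6Address(body[14:30])}/{body[0]}")
        elif opt_type == OPT_RDNSS:
            # body: reserved(2) lifetime(4) then one or more 16-byte addresses
            ra["rdnss_lifetime"] = struct.unpack("!I", body[2:6])[0]
            for i in range(6, len(body) - 15, 16):
                ra["rdnss"].append(str(ipaddress.IPv6Address(body[i:i + 16])))
        offset = end
    return ra


def findings(ra: dict, dc_addresses: List[str], dhcpv6_expected: bool = False) -> List[str]:
    """Explain why this RA is a problem on an AD network: any advertised DNS
    server that is not a domain controller, or DHCPv6 flags nobody intended."""
    allowed = {ipaddress.ip_address(a) for a in dc_addresses}
    out = []
    for server in ra["rdnss"]:
        if ipaddress.ip_address(server) not in allowed:
            out.append(f"RDNSS advertises non-DC DNS server {server}")
    if not dhcpv6_expected and (ra["managed_dhcpv6"] or ra["other_config_dhcpv6"]):
        out.append("M/O flags direct hosts to a DHCPv6 server")
    if out and ra["source_mac"]:
        out.append(f"advertising device link-layer address: {ra['source_mac']}")
    return out


def build_sample_ra() -> bytes:
    """Constructed test packet (not a capture): O flag set, one prefix, an
    SLLA option and an RDNSS option carrying two non-DC DNS servers."""
    header = struct.pack("!BBHBBHII", ICMPV6_ROUTER_ADVERTISEMENT, 0, 0, 64, 0x40, 1800, 0, 0)
    slla = bytes([OPT_SOURCE_LINK_LAYER, 1]) + bytes.fromhex("001122334455")  # made-up MAC
    prefix = ipaddress.IPv6Address("2607:fcc8:d642:fbe1::").packed
    pio = bytes([OPT_PREFIX_INFO, 4, 64, 0xC0]) + struct.pack("!III", 2592000, 604800, 0) + prefix
    servers = ("2001:1998:f00:1::1", "2001:1998:f00:2::1")
    rdnss = (bytes([OPT_RDNSS, 1 + 2 * len(servers)]) + b"\x00\x00" + struct.pack("!I", 1800)
             + b"".join(ipaddress.IPv6Address(s).packed for s in servers))
    return header + slla + pio + rdnss


SAMPLE_RA = build_sample_ra()

if __name__ == "__main__":
    for line in findings(parse_router_advertisement(SAMPLE_RA), ["192.168.0.10"]):
        print(line)
```

Fed the raw ICMPv6 payload of an RA captured on the Hyper-V segment, the decoder lists the DNS servers the router is pushing and the link-layer address to look for in the switch's MAC table; options it does not understand (MTU, DNSSL, and so on) are skipped by their declared length, and a zero-length or truncated option is rejected as RFC 4861 requires rather than parsed past.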
I want to jump in for a sec to say that I've seen this behavior on routers provided by certain ISPs. Comcast in particular is rather notorious for this, but other ISP routers may do the same: they assign their own IPv6 DNS servers to everything on the LAN, and there's no way within the router's management interface to disable this behavior (or at least there wasn't the last time I ran into this issue). Disabling IPv6 on an affected system will obviously get around it, but that's not a best practice, as Cliff said.

I hate those routers.
sglee

ASKER

FYI, I have a very old D-Link DIR-655 internet router. Like I mentioned, I had the DHCP server active in the router for several days. However, today as I began to set up the Domain Controller, I activated the DHCP server in W2016DC and disabled the DHCP server in the D-Link router.
Until I assigned static IP information on both W2016DC and W2016TS, both VMs would have received IP addresses from the D-Link router, and I am not sure whether that had anything to do with the problem in joining W2016TS to the domain.
Anyway, I will now enable IPv6 on both VMs and create a new VM to see if I can join that to the domain.
I will report back.
I saw that with a few Comcast devices years ago. Now they almost universally provide just a generic CPE on business accounts and let the business provide the NAT device, as many businesses also had issues with double-NAT and other things when ISPs provided "routers". I haven't seen a business class service do IPv6 routers in several years now. Time Warner, Comcast, Charter. All seem to have cleaned up their act. And a good business firewall, even in the SMB category like a SonicWall TZ-300, won't do NDP by default.  It is such an edge case that I rarely even think to mention it.
sglee

ASKER

Update: I had set up another VM and it also fails to find the DC when I tried to join that VM to the domain although it received IP address from the DHCP server running on DC.
I am going to disjoin all test VMs from the DC, delete W2016DC from Hyper-V and start from scratch. I think something went wrong during the role installation. I never had to mess with the IPv6 status to join a VM to the domain controller before.
In this particular VM, I could not join it to the domain regardless of IPv6 enabled or disabled.
I will report back.
sglee

ASKER

Update:
I created a brand new W2016DC VM, added DHCP, DNS ... etc.  On the W2016DC VM, both IPv4 and IPv6 are enabled by default. Then I proceeded to create a couple of virtual machines - one with Windows 10 Pro and another one with Windows Server 2012R2, where both IPv4 and IPv6 are also enabled by default. I already have the Windows 2016 VM in place.
Then I started joining VMs to W2016DC one at a time and learned the following:
(1) Both W2012R2 and W2016TS VMs did not have a problem joining the domain with both IPv4 and IPv6 enabled.
(2) However, for the Windows 10 Pro VM, I had to uncheck IPv6 in order to join the domain.

The above findings are quite different from my experience yesterday.

One of the reasons that I wanted to start everything from scratch was:
- I thought, while creating W2016DC VM, I may have restarted the computer prematurely, by mistake. So if W2016DC  is missing something, then it would create problems.
- Secondly, I discovered that I had assigned the 192.168.1.2 IP address to the Hyper-V network adapter instead of 192.168.0.2. Not knowing what kind of impact that would have on the virtual machines, I wanted to rebuild the VMs from scratch.

Conclusion:
In Windows 2016 environment, if joining Desktop or Server OS computers to  domain becomes an issue, I can simply uncheck "IPv6".

Thank you all for your help!!!
As I said earlier, Microsoft does not test OS behavior with IPv6 disabled and has been consistently clear that disabling it is actively against best practice.


You should troubleshoot and solve the problem.  I still stand by my previous assessments.  I saw IPv6 info that is not mere random stuff from a bad previous build. I still suspect a rogue DHCPv6 or NDP device on your network, and that will continue to have undesired effects. Especially on devices where IPv6 potentially cannot be disabled, such as many modern IoT devices.

It is best to future-proof your network and track down then eliminate the root cause of your problems.
sglee

ASKER

"track down then eliminate the root cause of your problems. " --> I agree. But this is one test environment using one server box running 2016 Hyper-V with a few VMs. I don't know where I need to track down the problem.I rebuilt all the VMs except W2016TS VM (which I disjoined from old DC and joined the new DC today). At least I know what to look for when facing domain joining problems down the road.
The only other hardware device is D-Link Internet Router...

Thank you again.
Isolating the network (internal switch in Hyper-V), Wireshark, isolating per-port externally..... Identifying the source of the IPv6 settings by logging and asset isolation.  That's what I'd be doing if it were my network.
sglee

ASKER

I will remember that. Thank you.