We help IT Professionals succeed at work.
Troubleshooting Question

Domain Controller and Desktop DNS

80 Views
Last Modified: 2020-10-04
I have setup my first Windows Server 2019 with AD and DNS and DHCP.  Everything works fine.  My question is why do I need to enter DC's DNS IP in every workstations to join the domain.  Without DNS entry, workstation is unable to connect/join domain controller.  Did I miss a configuration somewhere?
Comment
Watch Question

Hello ThereSystem Administrator
CERTIFIED EXPERT
Distinguished Expert 2018

Commented:
Did I miss a configuration somewhere?                         
A DNS server is needed. Maybe you didn't specify it in DHCP options.
Open DHCP console -> Scope -> Scope Options -> add the option "006 DNS Servers" and specify your DNS servers
* Do the same for Server Options as noted below.
Ian PattisonIndependent IT Consultant
CERTIFIED EXPERT

Commented:
Yes it sounds like you’ve missed the server options or scope options in your DHCP configuration where you set the gateway, DNS servers etc for your DHCP clients.
Ian PattisonIndependent IT Consultant
CERTIFIED EXPERT

Commented:
In Hello There’s answer you need to open the DHCP console not DNS
Hello ThereSystem Administrator
CERTIFIED EXPERT
Distinguished Expert 2018

Commented:
A typo. Corrected...
Kaushal SinhaHelpdesk

Author

Commented:
Kaushal SinhaHelpdesk

Author

Commented:
This is my current settings
Ian PattisonIndependent IT Consultant
CERTIFIED EXPERT

Commented:
Is that what you’ve just configured, or is that what was existing?

Is 192.168.1.90 your dns server?

Do your workstations have static IPs or are they getting an address from dhcp?

If those IPs are correct in your scope, and if your workstations are getting a dhcp address correctly, and if IPCONFIG / ALL shows the settings are working then you should be good to go.
Kaushal SinhaHelpdesk

Author

Commented:
that is my existing settings. nothing has been added or modified. yes 192.....90 is my dns server. workstations have dhcp enabled but will not connect to dc unless I specifically enter server's dns ip in workstations.
Ian PattisonIndependent IT Consultant
CERTIFIED EXPERT

Commented:
What does ipconfig /all give on a workstation? Please post results.
Kaushal SinhaHelpdesk

Author

Commented:
Kaushal SinhaHelpdesk

Author

Commented:
192.....90 is my DNS server which is manually entered on the workstation for workstation to join the domain
Independent IT Consultant
CERTIFIED EXPERT
Commented:
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION
Hello ThereSystem Administrator
CERTIFIED EXPERT
Distinguished Expert 2018

Commented:
I agree. Your Windows DHCP server has to be listed in the ipconfig output because after that the computer will load the correct DNS configuration from the DHCP server.

I suggest disabling DHCP on the router or excluding these addresses from being assigned by the router. Then it will work.
CERTIFIED EXPERT

Commented:
Excellent advice above about your router/firewall at 192.168.1.1 being another DHCP server and should be disabled.  I wanted to add something, though.

I try to avoid common local subnets (192.168.0.x, 192.168.0.x, 10.0.x.x, 10.1.x.x., 10.10.x.x, etc.) when setting up a new network.  If you ever want to VPN into this network from elsewhere, that could seriously complicate matters.  Better to pick some different subnet (such as 192.168.165.x) and avoid the issue.  If this is a new network, it will never be easier to change.
Kaushal SinhaHelpdesk

Author

Commented:
I did disable router DHCP.  I still have issues connecting workstations to join domain.  However, in my address leases, I see all wireless devices there but workstations won't join the domain

Hello ThereSystem Administrator
CERTIFIED EXPERT
Distinguished Expert 2018

Commented:
Run ipconfig /release && ipconfig /renew.
If this won't help, reboot the computer.
Kaushal SinhaHelpdesk

Author

Commented:
Have rebooted multiple times

Upon release and renew, now i get a different error when i try to join

Hello ThereSystem Administrator
CERTIFIED EXPERT
Distinguished Expert 2018

Commented:
Does it happen just to this computer now or all?

If just this one, reboot again. Then provide the output of ipconfig /all
Ian PattisonIndependent IT Consultant
CERTIFIED EXPERT

Commented:
Have you authorised your DHCP server?

Have you set up an address scope?

I wonder if you’re now getting an auto-provisioned address beginning 169.
CERTIFIED EXPERT

Commented:
As Hello There suggested, the output of ipconfig /all from a computer that is having the issue would be useful.

Have you reconfigured the workstation to get all IP info (address and DNS) automatically?
Kaushal SinhaHelpdesk

Author

Commented:
dhcp server is authorized. scope is setup. workstations are setup to get all ip info from dhcp. my users are mobile and I don't have access to another workstation at the moment. but I hope to have one soon to see if the issue is with desktop or all workstations.
CERTIFIED EXPERT
Top Expert 2014

Commented:
I suggest when trying to join to the domain that you enter the full DNS name of the domain (romy.local) instead of just the NetBIOS name.

Even though your previous ipconfig /all output showed getting DHCP info from the wrong source, the DNS IP it was issuing was correct.  It really doesn't matter where DHCP info is issued from as long as it's accurate.  With that said, however, if you want your Windows server to be the DHCP (there's good reason to do so) then it's a good idea to sort out, just know that it's probably not the cause of your problem.
Kaushal SinhaHelpdesk

Author

Commented:
Without making any changes to the server, I was able to join the domain on a laptop of a user.  
This is what I get when I do ipconfig/all

Gateway:  192.168.1.1
DHCP IP:  192.168.1.90
DNS IP:  192.168.1.90
Kaushal SinhaHelpdesk

Author

Commented:
Apparently the problem seems to be on the desktop
CERTIFIED EXPERT

Commented:
It does.  It would be good to confirm that both settings for the NIC are set to grab the IP info automatically as well as looking at ipconfig /all.

You may also want to disable IPv6 on the workstation, at least as a test.
Hello ThereSystem Administrator
CERTIFIED EXPERT
Distinguished Expert 2018

Commented:
Gateway:  192.168.1.1

DHCP IP:  192.168.1.90
DNS IP:  192.168.1.90                                   
This is what you should get on the computer as well.
Now I would reset the network. Open Settings -> Network & Internet -> Status -> scrol down and click on Network Reset, then reboot.

CERTIFIED EXPERT

Commented:
whatever dns server you use or aquire through dhcp, you need that server to contain the dns entries required for services discovery or domain operations will not work.

you can use a forwarder. either create said entries ( not recommended ), or forward queries for the internal domain to the dc.

Gain unlimited access to on-demand training courses with an Experts Exchange subscription.

Get Access
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Empower Your Career
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE

Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Unlock the solution to this question.
Join our community and discover your potential

Experts Exchange is the only place where you can interact directly with leading experts in the technology field. Become a member today and access the collective knowledge of thousands of technology experts.

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.