No domain controller can be contacted when domain joining a server


I know there are several posts regarding the following issue, but none of them have solved the issue for me.

Let me explain the situation:

We have a customer that wants to migrate from an old datacenter to ours. So we created a site-to-site connection between them and I tried to dcpromo a server on our side today. The domain functional level is Windows Server 2012 and the domain controller is a Windows Server 2012 Datacenter server on the old side. The servers on our side are Windows Server 2012 R2 servers.

So I performed the dcpromo without any problems; everything (DNS, users and computers, etc.) was replicated to the new domain controller. Now I try to domain join one of our new servers (also Windows 2012 R2) but I receive the following error:

DNS was successfully queried for the service location (SRV) resource record used to locate a domain controller for domain "domain.X":

The query was for the SRV record for _ldap._tcp.dc._msdcs.domain.X

The following domain controllers were identified by the query: ad.domain.X dc01.domain.X dc02.domain.X

However no domain controllers could be contacted.

Common causes of this error include:

  • Host (A) or (AAAA) records that map the names of the domain controllers to their IP addresses are missing or contain incorrect addresses.

  • Domain controllers registered in DNS are not connected to the network or are not running.

ad.domain.X is the domain controller in the old datacenter, dc01 and dc02 are new and in the new datacenter.

In the NetSetup log file on the server that needs to be domain joined, I find the following error when I try to domain join:

NetpValidateName: checking to see if 'domain.X' is valid as type 3 name
NetpCheckDomainNameIsValid for domain.X returned 0x54b, last error is 0x0
NetpCheckDomainNameIsValid [ Exists ] for 'domain.X' returned 0x54b

On the domain controller I also cannot find any odd events in the Event Viewer, and all the DNS records seem to be there (A records, SRV, ldap).

The server I'm trying to join to the domain is also in the same subnet as the new domain controllers, so there is no firewall between them. Regarding the site-to-site connection between the datacenters: we created a (temporary) any-any rule in both directions between the domain controllers to rule out port blocking issues.

Ping to the domain controllers and nslookup are also not a problem. Telnet to port 389 is also possible. So the domain controllers are fully reachable for the other servers.

These are some ipconfig /all results:

One of the problematic domain controllers in the new datacenter. 172.70.0.20 is the domain controller in the old datacenter.

Windows IP Configuration

Host Name . . . . . . . . . . . . : dc01    
Primary Dns Suffix  . . . . . . . : domain.X    
Node Type . . . . . . . . . . . . : Hybrid   
IP Routing Enabled. . . . . . . . : No    
WINS Proxy Enabled. . . . . . . . : No    
DNS Suffix Search List. . . . . . : domain.X

Ethernet adapter Ethernet:

Connection-specific DNS Suffix  . :    
DHCP Enabled. . . . . . . . . . . : No 
Autoconfiguration Enabled . . . . : Yes    
IPv4 Address. . . . . . . . . . . : 10.4.88.1(Preferred)    
Subnet Mask . . . . . . . . . . . : 255.255.255.224    
Default Gateway . . . . . . . . . : 10.4.88.30    
DNS Servers . . . . . . . . . . . : ::1
                                   172.70.0.20
                                   127.0.0.1    
NetBIOS over Tcpip. . . . . . . . : Enabled

The following IP config is from one of the servers that cannot join the domain. This server is in the same VLAN as the problematic domain controllers, so there are no ports blocked between them.

Windows IP Configuration

Host Name . . . . . . . . . . . . : server1
Primary Dns Suffix  . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Ethernet:

Connection-specific DNS Suffix  . :
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 10.4.88.3(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.224
Default Gateway . . . . . . . . . : 10.4.88.30
DNS Servers . . . . . . . . . . . : 10.4.88.1
                                      10.4.88.2 
NetBIOS over Tcpip. . . . . . . . : Enabled

Does anyone have an idea what we're doing wrong here?

Kind regards,

Gijs


There are 0 answers
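
The checks the post describes (SRV lookup, host record lookup, port 389) can be scripted from the server that fails to join, once per DNS server it is configured with. This is an added example, not part of the original post; it assumes PowerShell 4 on Windows Server 2012 R2, and the domain name and addresses are the ones shown in the post.

```powershell
# Added example. Run on the member server that fails to join (server1 in the post).
$Domain     = 'domain.X'
$DnsServers = '10.4.88.1', '10.4.88.2'   # DNS servers from server1's ipconfig /all

# Decode the code from NetSetup.log (0x54b = 1355, ERROR_NO_SUCH_DOMAIN).
"0x54b: " + ([ComponentModel.Win32Exception]0x54b).Message

$results = foreach ($dns in $DnsServers) {
    # The same SRV query the join error reports, asked of one DNS server at a time
    # so that a difference between the two servers becomes visible.
    $srv = Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$Domain" -Type SRV `
               -Server $dns -DnsOnly -ErrorAction SilentlyContinue |
           Where-Object { $_.Type -eq 'SRV' }   # drop A records from the additional section

    foreach ($rec in $srv) {
        # First common cause in the error text: missing or wrong host (A) records.
        $hosts = Resolve-DnsName -Name $rec.NameTarget -Type A `
                     -Server $dns -DnsOnly -ErrorAction SilentlyContinue |
                 Where-Object { $_.Type -eq 'A' }

        if (-not $hosts) {
            [pscustomobject]@{ DnsServer = $dns; DC = $rec.NameTarget
                               Address = '(no A record)'; Tcp389 = $false }
            continue
        }

        foreach ($h in $hosts) {
            # Second common cause: the registered DC is not reachable at that address.
            $tcp = Test-NetConnection -ComputerName $h.IPAddress -Port 389 `
                       -WarningAction SilentlyContinue
            [pscustomobject]@{ DnsServer = $dns; DC = $rec.NameTarget
                               Address = $h.IPAddress; Tcp389 = $tcp.TcpTestSucceeded }
        }
    }
}

# One row per (DNS server, DC, address): look for rows that differ between
# the two DNS servers, stale addresses, or Tcp389 = False.
$results | Sort-Object DC, DnsServer | Format-Table -AutoSize

# The DC locator itself uses an LDAP ping over UDP 389, which a TCP connect
# (telnet or Test-NetConnection) does not exercise; nltest runs the real locator.
nltest "/dsgetdc:$Domain" /force
```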