Unable to join Domain but able to ping server

[Crisp]

Hi, I am a student trying to set up a domain for my project. So I am able to ping my server, and my server is able to ping to the other servers but when i try to join the domain it says that it could not be contacted.

I am using VMWare Pro 14 and for my network adapter setting i am using a bridge connection, and i am trying to connect different workstation into the domain, any advice? Thanks in advance.

 

 

 

[MCManiac52]

Is your domain name actually project.networking.com? I've never seen a domain like that before.

edit: trying running nslookup in cmd and type in the name of the DC, see if you get the IP address back. If that works double check your DNS server on the machine points to the DC.

[Crisp]

3 minutes ago, MCManiac52 said:

Is your domain name actually project.networking.com? I've never seen a domain like that before.

Yea does the domain name affect it? Because i am able to join the domain on the same workstation that the main AD is at but other workstation i am unable to join the domain.

[wfrank]

Do you have your DC set as the primary DNS Server? If so, try setting it as the only DNS Server for joining the Domain. After you joined the Domain enter the DNS from your ISP as secondary DNS.

[MCManiac52]

3 minutes ago, Crisp said:

Yea does the domain name affect it? Because i am able to join the domain on the same workstation that the main AD is at but other workstation i am unable to join the domain.

Okay just checking, I've never seen a domain name with 2 parts that's all. It shouldn't be a problem. What happens with an nslookup on the DC hostname? Do you get the IP address back? Make sure the DNS server is set to the DC.

[yaricks]

Make sure DNS is set correctly. Primary DNS has to be the domain controller for it to work. I would also double check the domain name on the domain controller that it is spelt correctly.

[Guest]

As mentioned, that error is usually a failure to do a DNS lookup of the domain name you're trying to join.

 

For an internal domain like that, you need an internal DNS server of some sort and to have published the appropriate records.

 

https://technet.microsoft.com/en-us/library/cc732284(v=ws.11).aspx

[Thias.TG]

17 minutes ago, Windspeed36 said:

As mentioned, that error is usually a failure to do a DNS lookup of the domain name you're trying to join.

 

For an internal domain like that, you need an internal DNS server of some sort and to have published the appropriate records.

 

https://technet.microsoft.com/en-us/library/cc732284(v=ws.11).aspx

This ^

[Thias.TG]

32 minutes ago, MCManiac52 said:

Okay just checking, I've never seen a domain name with 2 parts that's all. It shouldn't be a problem. What happens with an nslookup on the DC hostname? Do you get the IP address back? Make sure the DNS server is set to the DC.

We run it perfectly on a sub-domain xx.xxx.xx fine

[NelizMastr]

If your server isn't providing your network with DHCP as well, you need to point all clients to the DC's IP address as its primary DNS as mentioned. If DHCP is handled by the router, it'll hand out its own IP for DNS, so clients can't resolve the hostname for your domain.

[Blake]

Assuming DC has DNS role also installed:

 

have the client computer's primary DNS point to the IP address of the DC. then try again.

 

It's looks like your DNS on the client might be pointing at the router. have your DC point to the router/google to forward requests.

[Mikensan]

For the computers you want to join the domain, set their IPv4 to static and for DNS Primary enter your DC IP address, and secondary can be google's DNS server or the like. 

 

 

If you -only- use your DC to resolve DNS names, you will realize that you can no longer browse the internet. With this you either need to configure your DC DNS server to forward unresolveable requests to another DNS server (ie: 8.8.8.8) or enter a secondary DNS server. For quick and dirty testing using a secondary internet based DNS server is ok, but ideally you'd properly configure your DNS server.

[omniomi]

On 1/15/2018 at 3:38 AM, MCManiac52 said:

Okay just checking, I've never seen a domain name with 2 parts that's all. It shouldn't be a problem. What happens with an nslookup on the DC hostname? Do you get the IP address back? Make sure the DNS server is set to the DC.

 

On 1/15/2018 at 4:11 AM, MathiasVN said:

We run it perfectly on a sub-domain xx.xxx.xx fine

Off topic; However,

 

The AD Domain Name and the DNS name of the domain are two separate things. Ie, if you are Company Inc. with the website www.company.com you might call your AD domain "CORP" with the DNS name corp.company.com. Users would have the down-level logon name of CORP\Username and a UPN of username@corp.company.com or similar. Typically when binding to Active Directory you will use the full DNS name of the domain as OP showed in their screenshot.

 

Now, it is possible for your domain to be "Company" with the DNS name of "company.com" but that is considered to be against best practices due to issues such as split brain DNS and administrators who configure their domains that way typically end up regretting it. You can also do things like "company.local," "company.dom," etc but that is less common. A sub-domain of the company's public website domain is the most common and within best practices; It is also cleaner in multi-domain setups where you may have corp.company.com, prod.company.com, dev.company.com, etc.

 

19 hours ago, Mikensan said:

For the computers you want to join the domain, set their IPv4 to static and for DNS Primary enter your DC IP address, and secondary can be google's DNS server or the like. 

As OP is a student and this is for a project he should be following real world configuration. Clients should use the local DNS servers exclusively for DNS they [the DNS servers] should resolve anything for which they're not authoritative. Setting up root hints on the DNS server(s) is ideal but forwarders can be used if absolutely necessary.

 

 

 

[Mikensan]

@omniomi it depends on his end goal, if he just needs AD to facilitate another project, then no need to spend too much time researching and configuring something he would otherwise never have to. Though it does help to understand the infrastructure for future troubleshooting. But I did address it saying it would be better to properly setup DNS rather than my first suggestion.

 

I've had some heartache with root hints (more so in a closed network) and opt to let google DNS server do all the work via forward requests.