
So I have been trying to bind my desktop (Windows 10) to my virtual server (Server 2016 Datacenter hosted in ESXi 6.0) that is currently running DNS, AD, and file storage (this is a new install about 3 days old). However, when I try to connect to bind to my domain (let's call it domain.com), I receive the following error.

Error:

DNS was successfully queried for the service location (SRV) resource record used to locate a domain controller for domain "domain.com":

The query was for the SRV record for _ldap._tcp.dc._msdcs.domain.com

The following domain controllers were identified by the query:
SERVER.domain.com


However no domain controllers could be contacted.

Common causes of this error include:

- Host (A) or (AAAA) records that map the names of the domain controllers to their IP addresses are missing or contain incorrect addresses.

- Domain controllers registered in DNS are not connected to the network or are not running.

This is confusing to me, however, because it seems that my DNS is properly configured. I have set the DNS server of my desktop to the IPv4 address of my server, my server's DNS server is set to 127.0.0.1, I have created an appropriate computer object in AD, and I am able to ping the server by both IP and hostname from the desktop. The devices are on the same subnet, and inherently the same VLAN (configured in my switch). Below are my current DNS configurations.

DNS (Edited for anonymity):

_msdcs.domain.com: [image]

domain.com: [image]

I am fairly new to DNS and managing domains in general, but after many Google searches I was unable to find a solution to this issue. Any help would be appreciated.

SuperAdmin
  • DNS shows the Host (A) record for the DC is 192.168.2.120. Is that the correct IP address of the DC? – joeqwerty Oct 31 '16 at 03:53
  • @joeqwerty That is correct – SuperAdmin Oct 31 '16 at 03:54
  • What is the network profile and firewall profile of the DC? How about the client? The DC should be using the Domain profile for both the network profile and the firewall profile. The client should be using the Private profile for both. – joeqwerty Oct 31 '16 at 03:56
  • @joeqwerty The machines are connected to the same VLAN on a managed switch. There is no firewall in between these devices. – SuperAdmin Oct 31 '16 at 03:59
  • The Windows firewall, not a network firewall. In Network and Sharing center on the DC and the client, what do they show as the Network profile? – joeqwerty Oct 31 '16 at 04:00
  • @joeqwerty If you would like to submit an answer pointing to Windows Firewall settings, that was the issue. I changed the network profile on the client to "Private" and reset Windows Firewall settings. – SuperAdmin Oct 31 '16 at 04:07

2 Answers


What is the network profile and firewall profile of the DC? How about the client?

The DC should be using the Domain profile for both the network profile and the firewall profile. The client should be using the Private profile for both.

joeqwerty
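
The checks this answer asks about, written as PowerShell for the client (an added example, not part of the original answer). `domain.com` and `SERVER.domain.com` are the placeholder names from the question, and the port list is an assumption: the TCP ports a domain join commonly needs on a DC.

```powershell
# Added example: run on the Windows 10 client from an elevated PowerShell prompt.
# $Domain and $DcName are the placeholder names used in the question.
$Domain = 'domain.com'
$DcName = 'SERVER.domain.com'

# 1. Repeat the DC locator query from the error message.
#    In the question this step already succeeds.
Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$Domain" -Type SRV |
    Where-Object { $_.Type -eq 'SRV' } |
    Select-Object NameTarget, Port

# 2. Show the network category of each connection
#    (Public, Private or DomainAuthenticated).
Get-NetConnectionProfile |
    Select-Object InterfaceAlias, Name, NetworkCategory

# 3. Show the state of each Windows Firewall profile.
Get-NetFirewallProfile |
    Select-Object Name, Enabled, DefaultInboundAction, DefaultOutboundAction

# 4. Test the TCP ports on the DC (assumed list, see lead-in).
#    Test-NetConnection checks TCP only; DNS, Kerberos and LDAP also use UDP.
$checks = @(
    @{ Port = 53;  Service = 'DNS' },
    @{ Port = 88;  Service = 'Kerberos' },
    @{ Port = 135; Service = 'RPC endpoint mapper' },
    @{ Port = 389; Service = 'LDAP' },
    @{ Port = 445; Service = 'SMB' }
)
foreach ($check in $checks) {
    $result = Test-NetConnection -ComputerName $DcName -Port $check.Port `
        -WarningAction SilentlyContinue
    [pscustomobject]@{
        Service = $check.Service
        Port    = $check.Port
        Open    = $result.TcpTestSucceeded
    }
}

# 5. Preview moving any Public connection to Private, the change that
#    resolved the issue in the question. Remove -WhatIf to apply it.
#    DomainAuthenticated cannot be set by hand; Windows assigns it once
#    the machine is joined and can reach a DC.
Get-NetConnectionProfile |
    Where-Object { $_.NetworkCategory -eq 'Public' } |
    Set-NetConnectionProfile -NetworkCategory Private -WhatIf
```

Steps 2 and 3 can be run unchanged on the DC as well, where the category should read DomainAuthenticated.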

Run DCDIAG and it will give you a thorough exam of your DNS configuration. If the DC cannot be found then there is an entry missing somewhere. Try something like: DCDIAG /e /c /y /test:DNS >>c:\results.txt

This will give you a thorough exam and then you can google the tests that fail. -larryc

Larryc
  • As stated in the question, the DC was located via DNS. The problem is that the client can't communicate with the DC that was found. – joeqwerty Oct 31 '16 at 04:03