Authentication Server could not be contacted

Our OS X Server machine has had no issue at all with being in the Windows AD domain right up until we updated it to OS X 10.10. Now it behaves bizarrely, refuses to connect to our Exchange mail server, and even rejects the DNS lookup for all of the other servers on the network.

I tried removing and re-adding the Server to the domain, but I get

"Unable to add server.

Authentication server could not be contacted (5200)"

Is there any way of finding out what the solution may be?


I had the same problem. We have Macs on El Capitan to High Sierra and Win 2012 R2 as the domain controller. After a lot of trial and error, I found out that the AD user has to belong to the "Account Operator" security group, even if the user is Domain Admin or Enterprise Admin. We found this out after a lot of struggle.

Hope this solution helps you.


I got the same problem.

I have a local AD server on my local network, and I also set up a DNS server in the same network. I tried to set the administrator user as domain controller as mentioned in @Shareek's answer, which did not resolve the problem. Besides, I set the DNS of my connection to the same as the DNS of my AD server and everything worked well.
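The DNS fix in the last answer can be checked before retrying the bind, because a client locates domain controllers through the domain's `_ldap._tcp` and `_kerberos._tcp` SRV records. The script below is an added example, not part of any post above; the domain `corp.example` and resolver `192.0.2.10` in its usage comment are placeholders, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: does a resolver return the SRV records an AD bind relies on?
# Usage (placeholder values): ./check_ad_dns.sh corp.example 192.0.2.10
# Omit the second argument to test the resolver the machine currently uses.

# Read `dig +short SRV` output (priority weight port target) on stdin and
# print "target:port" per well-formed record; error text is ignored.
parse_srv() {
  awk 'NF == 4 && $1 ~ /^[0-9]+$/ && $2 ~ /^[0-9]+$/ && $3 ~ /^[0-9]+$/ {
         sub(/\.$/, "", $4); print $4 ":" $3 }'
}

# Query one SRV name, optionally against a specific resolver IP.
lookup_srv() (
  name=$1; server=${2:-}
  if [ -n "$server" ]; then
    dig +short +time=3 +tries=1 SRV "$name" "@$server"
  else
    dig +short +time=3 +tries=1 SRV "$name"
  fi | parse_srv
)

# Report OK/MISSING for each record; exit status 1 if any is missing.
check_ad_dns() (
  domain=$1; server=${2:-}; rc=0
  for name in "_ldap._tcp.$domain" "_kerberos._tcp.$domain"; do
    hosts=$(lookup_srv "$name" "$server")
    if [ -z "$hosts" ]; then
      echo "MISSING $name"
      rc=1
    else
      # Unquoted on purpose: joins multiple records onto one line.
      echo "OK      $name -> $(echo $hosts)"
    fi
  done
  exit "$rc"
)

# Run the check only when a domain is given on the command line.
if [ "$#" -gt 0 ]; then
  check_ad_dns "$@"
fi
```

A `MISSING` line for the resolver the Mac currently uses, alongside `OK` when the AD server's DNS is queried directly, points to the resolver setting described in the last answer.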