DNS on Windows Server 2012 R2

I'm new to Servers and am using Windows Server 2012 R2, after trying to create a AD DC and connect a machine to it, I get the following errors when connecting:

"An Active Directory Domain Controller (AD DC) for the domain "wolf01" could not be contacted.

Ensure that the domain name is typed corectly.

If the name is correct, click Details for troubleshooting information."

after clicking on "Details" I get this:

"Note: This information is intended for a network administrator. If you are not your network's administrator, notify the administrator that you received this information, which has been recorded in the file C:\Windows\debug\dcdiag.txt.

The domain name "wolf01" might be a NetBIOS domain name. If this is the case, verify that the domain name is properly registered with WINS.

If you are certain that the name is not a NetBIOS domain name, then the following information can help you troubleshoot your DNS configuration.

The following error occurred when DNS was queried for the service location (SRV) resource record used to locate an Active Directory Domain Controller (AD DC) for domain "wolf01":

The error was: "DNS name does not exist." (error code 0x0000232B RCODE_NAME_ERROR)

The query was for the SRV record for _ldap._tcp.dc._msdcs.wolf01

Common causes of this error include the following:

  • The DNS SRV records required to locate a AD DC for the domain are not registered in DNS. These records are registered with a DNS server automatically when a AD DC is added to a domain. They are updated by the AD DC at set intervals. This computer is configured to use DNS servers with the following IP addresses:

10.8.1.11

  • One or more of the following zones do not include delegation to its child zone:

wolf01 . (the root zone)"

Inside C:\Windows\debug\dcdiag.txt is:

"The domain name "wolf01" might be a NetBIOS domain name. If this is the case, verify that the domain name is properly registered with WINS.

If you are certain that the name is not a NetBIOS domain name, then the following information can help you troubleshoot your DNS configuration.

The following error occurred when DNS was queried for the service location (SRV) resource record used to locate an Active Directory Domain Controller (AD DC) for domain "wolf01":

The error was: "DNS name does not exist." (error code 0x0000232B RCODE_NAME_ERROR)

The query was for the SRV record for _ldap._tcp.dc._msdcs.wolf01

Common causes of this error include the following:

  • The DNS SRV records required to locate a AD DC for the domain are not registered in DNS. These records are registered with a DNS server automatically when a AD DC is added to a domain. They are updated by the AD DC at set intervals. This computer is configured to use DNS servers with the following IP addresses:

10.8.1.11

  • One or more of the following zones do not include delegation to its child zone:

wolf01 . (the root zone)".

I've been looking on forums for the past few days. I have checked my DNS settings on both the PC and Server, they are both set correctly. The name is correct as well, my DNS is running on the server - and I don't have any kind of errors showing. I've turned off both firewalls on the Server and my Router that it is running through, still no luck. There are multiple other things forums have had me check that I can't think of off the top of my head.

Any is appreciated!

Edit:

Here is my dcdiag/DNS Test

Windows PowerShell
Copyright (C) 2013 Microsoft Corporation. All rights reserved.

PS C:\Users\Administrator> dcdiag

Directory Server Diagnosis

Performing initial setup:
   Trying to find home server...
   Home Server = WOLF
   * Identified AD Forest.
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\WOLF
      Starting test: Connectivity
         ......................... WOLF passed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\WOLF
      Starting test: Advertising
         ......................... WOLF passed test Advertising
      Starting test: FrsEvent
         ......................... WOLF passed test FrsEvent
      Starting test: DFSREvent
         ......................... WOLF passed test DFSREvent
      Starting test: SysVolCheck
         ......................... WOLF passed test SysVolCheck
      Starting test: KccEvent
         ......................... WOLF passed test KccEvent
      Starting test: KnowsOfRoleHolders
         ......................... WOLF passed test KnowsOfRoleHolders
      Starting test: MachineAccount
         ......................... WOLF passed test MachineAccount
      Starting test: NCSecDesc
         ......................... WOLF passed test NCSecDesc
      Starting test: NetLogons
         ......................... WOLF passed test NetLogons
      Starting test: ObjectsReplicated
         ......................... WOLF passed test ObjectsReplicated
      Starting test: Replications
         ......................... WOLF passed test Replications
      Starting test: RidManager
         ......................... WOLF passed test RidManager
      Starting test: Services
         ......................... WOLF passed test Services
      Starting test: SystemLog
         ......................... WOLF passed test SystemLog
      Starting test: VerifyReferences
         ......................... WOLF passed test VerifyReferences


   Running partition tests on : ForestDnsZones
      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test CrossRefValidation

   Running partition tests on : DomainDnsZones
      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test CrossRefValidation

   Running partition tests on : Schema
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation

   Running partition tests on : Configuration
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation

   Running partition tests on : wolf
      Starting test: CheckSDRefDom
         ......................... wolf passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... wolf passed test CrossRefValidation

   Running enterprise tests on : wolf.local
      Starting test: LocatorCheck
         ......................... wolf.local passed test LocatorCheck
      Starting test: Intersite
         ......................... wolf.local passed test Intersite
PS C:\Users\Administrator> dcdiag /test:DNS

Directory Server Diagnosis

Performing initial setup:
   Trying to find home server...
   Home Server = WOLF
   * Identified AD Forest.
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\WOLF
      Starting test: Connectivity
         ......................... WOLF passed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\WOLF

      Starting test: DNS

         DNS Tests are running and not hung. Please wait a few minutes...
         ......................... WOLF passed test DNS

   Running partition tests on : ForestDnsZones

   Running partition tests on : DomainDnsZones

   Running partition tests on : Schema

   Running partition tests on : Configuration

   Running partition tests on : wolf

   Running enterprise tests on : wolf.local
      Starting test: DNS
         Test results for domain controllers:

            DC: WOLF.wolf.local
            Domain: wolf.local


               TEST: Basic (Basc)
                  Warning: Adapter 78:45:C4:2B:B3:65 has dynamic IP address (can be a misconfiguration)

               WOLF                         PASS WARN PASS PASS PASS PASS n/a
         ......................... wolf.local passed test DNS

C:\Users\Administrator>nslookup

Default Server:  localhost

Address:  ::1

> set type=all
> _ldap._tcp.dc._msdcs.wolf.local
Server:  localhost
Address:  ::1

_ldap._tcp.dc._msdcs.wolf.local SRV service location:
          priority       = 0
          weight         = 100
          port           = 389
          svr hostname   = wolf.wolf.local
wolf.wolf.local internet address = 10.8.1.11
wolf.wolf.local AAAA IPv6 address = 2601:a:1d00:719:5ce9:8e23:bf6c:3db9

>


Solution 1:

OK; few things. Some relevant to the question, others are just good advice:

  1. You seem to be trying to use the domain controllers name to connect to the domain. You do not do this. If your domain controller is wolf01.wolf.local then the domain you want to join is just wolf.local (or just wolf if that's your NetBIOS alias for the domain)

Onto other issues:

  1. Don't use .local as your domain's TLD. Microsoft are their own worst enemy on this after setting .local as their SBS domain. See Windows Active Directory naming best practices?
  2. In a simple setup like this, your domain controller should be your DNS Server
  3. Your domain controller should have a static IP address (see the warning in your dcdiag about this)
  4. Your domain controller should only have a single network card - otherwise you end up with multiple entries for the DC, some could be on subnets that are not routable
  5. All of your clients should have your domain controller as their primary DNS server. You say that they are "set correctly", but not what "correctly" actually is.

Solution 2:

After you add the DC role, which also adds the DNS role you should verify that your DNS entries on the server are correct under Adapter Settings > YOUR NIC CARD > Properties > Select IPV4 > Properties button > Your DNS server should be set to 127.0.0.1.

Also check under the Advanced button > DNS tab > Make sure 127.0.0.1 is listed.

If you are using IPV6 you should do the same, it should be ::1

Then go into DNS on the DC and configure some forwarders there like Google (8.8.8.8 and 8.8.4.4). I would restart DNS after making the changes.

Anyway, then go to the client you want to add to the domain and make sure the DNS settings under the IPv4 settings are set to "Use the following DNS servers" and make sure it is pointing at your DC server IP address. You can configure this manually on the clients you want to use your DNS server, or on your router if you want all PCs on the network to run through your local DNS server.

Then on the client verify the DNS is working correctly by opening the CMD prompt, as an admin, and issue the following commands.

ipconfig /flushdns
ping YOUR DOMAIN NAME (ex. ping wolf)

If that does not work try pinging the FQDN (ping wolf.local). If that does not work, your DNS is not working correctly. If you set it up on your router, then manually configure it on the client in the IPv4 settings to see if the router is the issue.

Also after flushing the DNS you can reboot, but it should not be necessary.

If the ping works then add the machine to the domain.