Can't join Azure DC VM

Taieb Y 41 Reputation points
2021-03-23T19:56:30.237+00:00

Hi, I have my on-premise computer which is connected to an Azure Virtual Network with a VPN Gateway.

I can ping with the private IP an Azure VM which is a Domain Controller, and even access its file share.

But I can't join my W10 to the domain (DNS name doesn't exist).

The DNS IP of my W10: 8.8.8.8 10.0.1.5 (Azure VM DC)

Regards.


Accepted answer
  1. Andreas Baumgarten 96,266 Reputation points MVP
    2021-03-24T09:31:47.057+00:00

    Hi @Taieb Y ,

    Which DNS server is configured in the DC VM? It should be itself. In the DNS Server console of the DC VM, can you see the records of the domain?

    If the ping on IP is working it's halfway done. But you need a proper DNS name resolution or it won't work.

    Here is the setup in my environment:

    • DNS Server installed on DC VM
    • Forwarder to 8.8.8.8 in the DNS Server of DC VM
    • On the Virtual Network the DNS server is Custom -> IP of DC VM (if you change the setting, all VMs in Azure need to be restarted for this setting to take effect)

    Make sure the DNS Server on DC VM is configured as the primary DNS Server in the computer network settings. For Azure VMs it's done automatically depending on the DNS settings of the related vNet. But on all "other computers" you have to verify the primary DNS is pointing to the IP of the DC VM.

    From there all computers using the DC VM as a DNS server are able to resolve the computer names and the domain name.

    ----------

    (If the reply was helpful please don't forget to upvote and/or accept as answer, thank you)

    Regards
    Andreas Baumgarten
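
The check this answer describes, written out as an added example that is not part of the original post: it lists the client's DNS server order and asks each server for the DC locator SRV record that a domain join depends on. `mydomain.local` is the placeholder domain used elsewhere in the thread and `10.0.1.5` is the DC's private IP from the question; replace both with your own values.

```powershell
# Added example, not from the thread. Run on the Windows 10 client.
param(
    [string]$Domain = 'mydomain.local',  # placeholder domain name (assumption)
    [string]$DcIp   = '10.0.1.5'         # private IP of the Azure DC VM, from the question
)

# 1. DNS servers of every IPv4 interface, in the order Windows tries them.
$clients = Get-DnsClientServerAddress -AddressFamily IPv4 |
    Where-Object { $_.ServerAddresses.Count -gt 0 }

$order = foreach ($c in $clients) {
    [pscustomobject]@{
        Interface   = $c.InterfaceAlias
        DnsServers  = $c.ServerAddresses -join ', '
        PrimaryIsDc = ($c.ServerAddresses[0] -eq $DcIp)  # should be True for a domain join
    }
}
$order | Format-Table -AutoSize

# 2. Query each configured server (plus the DC) for the DC locator record.
#    A public resolver has no copy of the AD zone, so it answers that the name does not exist.
$srvName = "_ldap._tcp.dc._msdcs.$Domain"
$servers = @($clients.ServerAddresses) + $DcIp | Select-Object -Unique

$results = foreach ($s in $servers) {
    try {
        $r = Resolve-DnsName -Name $srvName -Type SRV -Server $s -DnsOnly -ErrorAction Stop
        [pscustomobject]@{
            Server  = $s
            Result  = 'OK'
            Targets = ($r | Where-Object Type -eq 'SRV').NameTarget -join ', '
        }
    } catch {
        [pscustomobject]@{ Server = $s; Result = $_.Exception.Message; Targets = '' }
    }
}
$results | Format-Table -AutoSize -Wrap

# 3. Summary: the join can only succeed if the DC answers and is queried first.
$dcAnswers = ($results | Where-Object { $_.Server -eq $DcIp -and $_.Result -eq 'OK' }) -ne $null
$dcFirst   = -not ($order | Where-Object { -not $_.PrimaryIsDc })
"DC resolves $srvName : $dcAnswers"
"DC is first DNS server on every interface : $dcFirst"
```

If the DC row shows `OK` but another server is listed first on the interface, the client is still sending the lookup to a resolver that cannot answer for the domain.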


4 additional answers

  1. Andreas Baumgarten 96,266 Reputation points MVP
    2021-03-23T20:30:21.403+00:00

    Hi @Taieb Y ,

    you could try this:

    • Add a DNS forwarder to 8.8.8.8 in the DNS server on your Azure VM DC.
    • Change the order of the DNS servers in your Win10 client: Primary DNS = Azure VM DC, secondary DNS server 8.8.8.8
    • When done, try to ping the domain name of your AD from your Win10 client. For instance: ping mydomain.local

    If it's working the domain name will be resolved with the IP of the AD VM DC.
    As long as the domain name can't be resolved on your W10 client it's not possible to join the AD domain.

    ----------

    (If the reply was helpful please don't forget to upvote and/or accept as answer, thank you)

    Regards
    Andreas Baumgarten


  2. Taieb Y 41 Reputation points
    2021-03-24T09:09:19.673+00:00

    Hi @Andreas Baumgarten ,

    Everything is done but I can't ping the domain name. But I can ping the DC private IP (10.0.1.5)

    The W10 Network configuration :

    81113-01.png

    A Google NSLOOKUP: (the DC is responding)

    81067-02.png

    A DC NSLookup :

    81123-03.png

    But a ping :

    81124-04.png

    My on-premise router is in NAT

  3. Taieb Y 41 Reputation points
    2021-03-26T15:46:19.977+00:00

    Hi @Andreas Baumgarten

    I don't understand, it doesn't work but everything seems ok. Maybe my router (very cheap).

    I think I'll try with an on-premise DC.

    Thank you for your answer. It's supposed to work everywhere.

    Regards.


  4. Taieb Yassa 1 Reputation point
    2021-04-03T17:45:54.17+00:00

    Hi @Andreas Baumgarten ,

    I found the problem. In fact, even if the DNS server on the Win 10 was the private IP of the DC, I had to modify the DNS server in the Virtual Network (where the VPN GW is).

    Everything works fine now.

    Regards.