Not able to join computer in AADDS in a specific onprem network

Jose Gregorio Diaz Vasquez 1 Reputation point
2022-08-31T13:22:53.953+00:00

Dear all,

I set up AADDS in order to join computers on the onprem network. I set up the S2S VPN using a network gateway and can ping the DNS in AADDS with no problem from all onprem networks. So far I have tested in two onprem networks and I can join PCs with no problem, but I am having issues in one particular network, where I am getting the error below:

236585-image.png
"

Note: This information is intended for a network administrator. If you are not your network's administrator, notify the administrator that you received this information, which has been recorded in the file C:\WINDOWS\debug\dcdiag.txt.

The following error occurred when DNS was queried for the service location (SRV) resource record used to locate an Active Directory Domain Controller (AD DC) for domain "local.alpinecc.us":

The error was: "DNS name does not exist."
(error code 0x0000232B RCODE_NAME_ERROR)

The query was for the SRV record for _ldap._tcp.dc._msdcs.local.alpinecc.us

Common causes of this error include the following:

  • The DNS SRV records required to locate a AD DC for the domain are not registered in DNS. These records are registered with a DNS server automatically when a AD DC is added to a domain. They are updated by the AD DC at set intervals. This computer is configured to use DNS servers with the following IP addresses:

10.0.2.4
10.0.2.5

  • One or more of the following zones do not include delegation to its child zone:

local.alpinecc.us
alpinecc.us
us
. (the root zone)

"

Ping answer:
236445-image.png

236631-image.png

IP config:
236586-image.png

One thing that I noted is that it is not resolving the name on that network:

236596-image.png

Also, I checked to see if there is something with the firewall blocking the ports, but all seems good, except for the name that is not resolving.

236621-image.png

I wonder if there is an additional entry that needs to be added in the DNS server in order to resolve the name, but my reasoning is: why then does it work with no problem from a VM in the VNET and the other onprem networks?

Thank you in advance for the advice,

Jose G Diaz
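
Added example, not part of the original post: a PowerShell check to run on a PC in the failing network, which sends the SRV query from the error message straight to each DNS server over UDP and TCP and then tests TCP port 53. The domain name and server addresses are the ones quoted in the error text; the variable names are illustrative.

```powershell
# Added diagnostic example (not from the thread).
# Domain and DNS server addresses are taken from the error message above.
$Domain     = 'local.alpinecc.us'
$DnsServers = '10.0.2.4', '10.0.2.5'
$SrvName    = "_ldap._tcp.dc._msdcs.$Domain"

# 1. Which DNS servers is each IPv4 interface actually configured with?
Get-DnsClientServerAddress -AddressFamily IPv4 |
    Where-Object { $_.ServerAddresses } |
    Select-Object InterfaceAlias, ServerAddresses

# 2. Ask each server directly for the DC locator record, over UDP and over TCP.
$results = foreach ($server in $DnsServers) {
    foreach ($useTcp in $false, $true) {
        $transport = if ($useTcp) { 'TCP' } else { 'UDP' }
        try {
            $answer = Resolve-DnsName -Name $SrvName -Type SRV -Server $server `
                          -DnsOnly -TcpOnly:$useTcp -ErrorAction Stop
            # Keep only the SRV answers; additional A records are ignored here.
            $targets = ($answer | Where-Object { $_.Type -eq 'SRV' }).NameTarget -join ', '
            $status  = 'OK'
        } catch {
            # NXDOMAIN, timeouts and refusals all land here with their message.
            $targets = ''
            $status  = $_.Exception.Message
        }
        [pscustomobject]@{
            Server    = $server
            Transport = $transport
            Status    = $status
            Targets   = $targets
        }
    }
}
$results | Format-Table -AutoSize -Wrap

# 3. A successful ping does not show that DNS traffic gets through;
#    test TCP port 53 to each server explicitly.
foreach ($server in $DnsServers) {
    Test-NetConnection -ComputerName $server -Port 53 |
        Select-Object ComputerName, RemotePort, TcpTestSucceeded
}
```

Comparing this output with the same run on a network where the join works shows whether the difference lies in the resolver configuration, in the answer the servers return, or in reachability of port 53.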


3 answers

  1. Carlos Solís Salazar 16,696 Reputation points MVP
    2022-08-31T21:39:04.767+00:00

    Hi @Jose Gregorio Diaz Vasquez

    Thank you for asking this question on the **Microsoft Q&A Platform.**

    Did you add your DNS to your Virtual Network?

    236705-image.png

    Hope this helps,

    ----------

    Accept Answer and Upvote, if any of the above helped, this thread can help others in the community looking for remediation for similar issues.
    NOTE: To answer you as quickly as possible, please mention me in your reply.


  2. Jose Gregorio Diaz Vasquez 1 Reputation point
    2022-09-01T12:39:49.837+00:00

    Hi @Carlos Solís Salazar ,

    Yes, that is right, it was one of the first things I checked:

    236937-image.png

    Also, from the VNET with a VM, I have no issue joining a PC to the domain; it seems that the issue is on that particular network. But I am not sure if it is maybe a DNS issue.

    Thank you,

    Jose G Diaz


  3. Limitless Technology 39,391 Reputation points
    2022-09-09T07:35:44.353+00:00

    Hi Jose,

    Thank you for posting your query.

    To resolve your query kindly do the steps below.

    1. Change to HTTPS
      Several users reported that changing “HTTP” to “HTTPS” solves the issue.
    2. Use Google’s DNS server
      Your ISP’s DNS server might cause this problem. Therefore, you might want to use Google’s public DNS instead. To do that follow the steps below.

    Open Network Connections, locate your connection, right-click on it and select Properties.
    Here, select Internet Protocol Version 4 (TCP/IPv4), and then open Properties.

    Select Use the following DNS server addresses and set 8.8.8.8 as Preferred DNS server and 8.8.4.4 as Alternate DNS server.

    Once you’re done, click on OK.

    Alternatively, some users are suggesting to use 208.67.222.222 as Preferred DNS server and 208.67.222.220 as Alternate DNS server.

    3. Use another browser
      As we said at the beginning of this article, this error appears only on Microsoft Edge. So, to make this issue a thing of the past, surf the internet through another browser.

    You can choose Google Chrome, Firefox, or another browser. We recommend Opera Browser for enhanced privacy protection and top-notch reliability.

    Opera is a modern browser with a straightforward user interface and great security and privacy. It has a built-in VPN that allows you to access geo-restricted content.

    On top of that, Opera has good speed rates and many add-ons. You can easily access your social media accounts or your email in just a few clicks if you decide to connect them through the addons.

    Do not hesitate to message us if you need further assistance.

    -----------------------------------------------------------------------------------------------------------------------------------------

    If the answer is helpful kindly click "Accept as Answer" and upvote it. Thanks.