I have migrated the on-prem domain controller to an Azure VM as an ADC. After that I converted my Azure ADC to the primary DC. Then I turned off the on-prem ADC, which was the DC before the migration. Now client computers (on-prem or Azure) are not able to join the domain.

svc.admin 0 Reputation points
2024-02-29T11:27:01.9633333+00:00

I have migrated the on-prem domain controller to an Azure VM as an ADC. After that I converted my Azure ADC to the primary DC. Then I turned off the on-prem ADC, which was the DC before the migration. Now client computers (on-prem or Azure) are not able to join the domain. If I turn on my on-prem ADC, then Azure and on-prem client PCs are able to join the domain. I am able to ping my new DC, which is on Azure, from on-prem via the site-to-site tunnel. I have checked the replication as well, which is working fine, and I have checked the FSMO roles as well.

Tags: Windows Server, Active Directory, Windows DHCP

1 answer

  1. Yanhong Liu 2,080 Reputation points Microsoft Vendor
    2024-03-05T06:41:15.46+00:00

    Hello svc.admin,

    Thank you for posting in the Q&A forum.

    Based on your description, if you turn on the on-premises ADC, Azure and on-premises client computers are able to join the domain. This suggests that the local ADC is still working to some extent. Confirm that the on-premises ADC is properly shut down so that the primary DC on the Azure VM is the only domain controller.

    In the meantime, since you mentioned that client computers can't join the domain, make sure that the client computers' DNS settings point to the primary DC on the Azure VM. The primary DNS server should be the primary DC on the Azure VM, and the standby DNS server should point to itself. Also ensure that there is connectivity between the client machines and the Azure VMs. You can use the ping command to test the network connectivity between the client and the primary DC.

    In addition to this, you can use the "netdom query fsmo" command on the command prompt to verify the FSMO role assignment. Check that the primary DC on the Azure VM has successfully taken over the FSMO role.

    I hope the information above is helpful.

    If you have any questions or concerns, please feel free to let us know.

    Best Regards,

    Yanhong Liu

    ============================================

    If the Answer is helpful, please click "Accept Answer" and upvote it.

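The checks suggested in the answer above (client DNS settings, connectivity to the DC, FSMO holders) can be run together from a client that fails to join. This is an added example, not part of the original thread; the domain name and DC address are placeholders, and it goes beyond ping by querying the DC locator SRV records and testing a subset of the TCP ports a domain join uses.

```powershell
# Pre-flight checks for a domain join, run on a client that fails to join.
# $Domain and $NewDcIp are placeholders (assumptions), not values from the thread.
param(
    [string]$Domain  = 'corp.example.com',
    [string]$NewDcIp = '10.0.0.4'
)

# 1. Which DNS servers does this client actually use?
$dnsServers = (Get-DnsClientServerAddress -AddressFamily IPv4).ServerAddresses |
    Select-Object -Unique
"Client DNS servers: $($dnsServers -join ', ')"
if ($dnsServers -notcontains $NewDcIp) {
    Write-Warning "The client does not list $NewDcIp as a DNS server."
}

# 2. Ask the new DC's DNS service for the DC locator SRV records.
#    If records for the powered-off DC are still registered, they are listed here too.
$srvName = "_ldap._tcp.dc._msdcs.$Domain"
try {
    $srv = Resolve-DnsName -Name $srvName -Type SRV -Server $NewDcIp -ErrorAction Stop |
        Where-Object { $_.Type -eq 'SRV' }
    $srv | Select-Object NameTarget, Port, Priority, Weight | Format-Table -AutoSize
} catch {
    Write-Warning "No SRV answer for $srvName from ${NewDcIp}: $($_.Exception.Message)"
    $srv = @()
}

# 3. A successful ping only proves ICMP passes the tunnel. Test TCP ports used
#    during a join (DNS, Kerberos, RPC endpoint mapper, LDAP, SMB) against each DC.
$ports = 53, 88, 135, 389, 445
foreach ($dc in ($srv.NameTarget | Select-Object -Unique)) {
    foreach ($port in $ports) {
        $r = Test-NetConnection -ComputerName $dc -Port $port -WarningAction SilentlyContinue
        $state = if ($r.TcpTestSucceeded) { 'open' } else { 'BLOCKED' }
        '{0,-40} tcp/{1,-4} {2}' -f $dc, $port, $state
    }
}

# 4. Ask the DC locator which DC this client would pick, then list FSMO holders.
#    netdom is present on servers or with RSAT installed; skip it if unavailable.
nltest "/dsgetdc:$Domain" /force
if (Get-Command netdom -ErrorAction SilentlyContinue) {
    netdom query "/domain:$Domain" fsmo
}
```

Run it once with the on-prem DC powered on and once with it off; the difference between the two outputs shows which of the three checks depends on the old server.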