This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(275.2, 15%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJ%3C/text%3E%3C/svg%3E)
Hello everybody,
I am experiencing the following problem:
I have a DC and another Server on different subnets. They can ping each other and the other Server gets prtquery ldap response from the DC. However when I try to join the domain, I get the following error:
DNS was successfully queried for the service location (SRV) resource record used to locate a domain controller for domain "xxxxx.eu":
The query was for the SRV record for _ldap._tcp.dc._msdcs.xxxxx.eu
The following domain controllers were identified by the query:
yyyyyy.xxxxx.eu
However no domain controllers could be contacted.
Common causes of this error include:
In the diag file I get this:
02/20/2021 16:54:20:490 NetpValidateName: checking to see if 'xxxxx.eu' is valid as type 3 name
02/20/2021 16:54:35:506 NetpCheckDomainNameIsValid for xxxxx.eu returned 0x54b, last error is 0x0
02/20/2021 16:54:35:506 NetpCheckDomainNameIsValid [ Exists ] for 'xxxxx.eu' returned 0x54b
I tried the solution with single label dns as well as the NeutralizeNT4Emulator proposal but to no avail.
DNS servers are correctly set and point to the DC. Any ideas?
Many thanks in advance!
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Might check the ports are flowing between networks.
https://learn.microsoft.com/en-us/troubleshoot/windows-server/identity/config-firewall-for-ad-domains-and-trusts
https://www.microsoft.com/en-us/download/details.aspx?id=24009
--please don't forget to Accept as answer if the reply is helpful--
Hello @Anonymous ,
thanks for the answer. Unfortunately this is not the case. I even switched both firewalls off. I checked also every port with PortQryUI, the only not listening port being 1723. I am completely baffled since querying the ldap ports from the client I get every info on the Domain...but cannot join.
Many thanks!
Please run;
Dcdiag /v /c /d /e /s:%computername% >c:\dcdiag.log
repadmin /showrepl >C:\repl.txt
ipconfig /all > C:\dc1.txt
ipconfig /all > C:\dc2.txt
ipconfig /all > C:\problemworkstation.txt
C:\Windows\debug\netsetup.log
then put unzipped text files up on OneDrive and share a link.
Hi Patrick,
many thanks!
DC logs:
https://1drv.ms/u/s!AmgzrhMURD3fghJeaabJn3P6b_pj?e=bXhBlr
Workstation logs:
https://1drv.ms/u/s!AmgzrhMURD3fghf6AcMpu6bbESGk?e=9VGlnK
Multi-homing a domain controller always causes no end to grief for active directory domain DNS so I'd disable the second adapter. The multi-homed desktop could also complicate things. Also check that a route exists between 167.86.110.1 and 161.97.160.1 networks and no firewalls blocking required ports.
--please don't forget to Accept as answer if the reply is helpful--
