Active Directory does not allow DNS queries from computers on LAN network


(Hitmoky Hitter) #1

System version: NethServer release 7.4.1708 (Final)
Kernel release: 3.10.0-693.21.1.el7.x86_64

Module: Active Directory

Hey support! ^^

The situation is as follows: After the Nethserver installation I have configured two NICs, one red that gets its IP from DHCP and one green that hands out IP addresses through its own DHCP. I’ve activated the Active Directory module on an IP within that local network, with the result being that all computers (Windows) on that green network do not get their DNS requests resolved.

What are the steps to get DNS on the AD working? I already tried setting the DNS server manually as the Nethserver host and the AD host that was made by enabling the AD module.

(Michael Träumner) #2

Your configured DNS server only resolves your internal names. For an external name I think you have to put in a DNS server like Google ( at the network menu at DNS-Server tab.

(Hitmoky Hitter) #3

I never changed that, so it is still on the default. Neither internal nor external domain names are being resolved.

(Michael Träumner) #4

What DNS settings do your clients get from DHCP?

(Hitmoky Hitter) #5

By default I believe it was the Nethserver host at but I changed it to, which is the AD host. Both did not change a thing, although the Windows clients are pointing correctly to the DNS that I configure.

(Saito Benkei) #6

I’m a bit confused…

Where do the DNS settings of the clients point? or

(Michael Träumner) #7

Please try a

at the client. Is your Server resolved is the setting at the Server for external DNS.

(Hitmoky Hitter) #8

To clarify any confusion, there are two ways of setting the DNS:

  • Through the Network page, I believe this is for the Nethserver's external network requests (this one is set to;
  • Through the DHCP page, I believe this is for the LAN network's internal network requests (this one is set to, and I have tried as well)

(Hitmoky Hitter) #9

DNS request timed out.
    timeout was 2 seconds.
Default Server: UnKnown

(Michael Träumner) #10

Now I’m confused too, how do you reach your server web interface? or

(Hitmoky Hitter) #11

, or https://{host}.{domain}.{tld}:980 is ad.{domain}.{tld}, the host that is running as container for AD

(Michael Träumner) #12

Ok, DNS at your clients has to be

Please change it and try nslookup again.

(Saito Benkei) #13

Try leaving the “DNS Servers” empty in “DHCP” -> “DHCP Server” -> “Advanced Options”

Then on one of your clients give the commands (in a CMD window with elevated privileges)

ipconfig /release
ipconfig /renew

(Hitmoky Hitter) #14

So I pointed DNS to through Network -> DNS servers. Also left DNS servers at DHCP -> Advanced empty. Released and renewed through CMD. These are the results of the nslookup afterwards:

DNS request timed out.
    timeout was 2 seconds.
Default Server: UnKnown

(Saito Benkei) #15

In “Network” -> “DNS Servers” put and in the 2 fields

(Hitmoky Hitter) #16

Did that, release, renew, nslookup and still get the same timeout.

(Michael Träumner) #17

You have a problem reaching your internal DNS. Is the gateway address pointed to your server?

this works?

(Hitmoky Hitter) #18

According to ipconfig /all it does point to

It does yes, never had any problems with using the hostname of Nethserver itself.

(Michael Träumner) #19

The gateway is correct.

So I think it is resolved by DNS. Can you try to ping your Nethserver by hostname (host) and by FQDN (host.domain.tld)?

(Hitmoky Hitter) #20

Both of the pings are able to reach the server and {host}.{domain}.{tld} resolves correctly to