Active Directory does not allow DNS queries from computers on LAN network

I’m a bit confused…

Where do the DNS settings of the clients point? 10.0.0.1 or 8.8.8.8?

1 Like

Please try an nslookup at the client. Is your server resolved?

8.8.8.8 is the setting at the Server for external DNS.

1 Like

To clarify any confusion, there are two ways of setting the DNS:

  • Through the Network page, I believe this is for the Nethserver's external network requests (this one is set to 8.8.8.8);
  • Through the DHCP page, I believe this is for the LAN network's internal network requests (this one is set to 10.0.0.3, and I have tried 10.0.0.1 as well)

C:\Windows\System32>nslookup
DNS request timed out.
    timeout was 2 seconds.
Default Server: UnKnown
Address: 10.0.0.3

Now I’m confused too, how do you reach your server webinterface?

10.0.0.1 or 10.0.0.3?

2 Likes

https://10.0.0.1:980, or https://{host}.{domain}.{tld}:980

10.0.0.3 is ad.{domain}.{tld}, the host that is running as container for AD

Ok, DNS at your clients has to be

10.0.0.1

Please change it and try nslookup again.

1 Like

Try leaving the “DNS Servers” empty in “DHCP” -> “DHCP Server” -> “Advanced Options”

Then on one of your client give the commands (In a CMD Window with elevated privileges)

ipconfig /release
ipconfig /renew

2 Likes

So I pointed DNS to 10.0.0.1 through Network -> DNS servers. Also left DNS servers at DHCP -> Advanced empty. Released and renewed through CMD. These are the results of the nslookup afterwards:

C:\Windows\System32>nslookup
DNS request timed out.
    timeout was 2 seconds.
Default Server: UnKnown
Address: 10.0.0.1

In “Network” -> “DNS Servers” put 8.8.8.8 and 8.8.4.4 in the 2 fields

1 Like

Did that, release, renew, nslookup and still get the same timeout.

You have a problem reaching your internal DNS. Is the gateway address pointed to your server?

this works?

1 Like

According to ipconfig /all it does point to 10.0.0.1

It does yes, never had any problems with using the hostname of Nethserver itself.

The gateway is correct.

So I think it is resolved by DNS. Can you try to ping your nethserver by hostname (host) and by FQDN (host.domain.tld)?

1 Like

Both of the pings are able to reach the server and {host}.{domain}.{tld} resolves correctly to 10.0.0.1

So it resolves internal addresses, but not external.
Just as a test, please set DNS at a client manually to 8.8.8.8 and check whether you can reach external addresses like nethserver.org afterwards.

I think external addresses are your problem, or not?

1 Like

Not quite, I just noticed that I am using Google Chrome to access the webinterface, which uses 8.8.8.8 and 8.8.4.4 before using the local network's DNS. So I then tried it with Firefox, and I can’t access {host}.{domain}.{tld}:980

Pardon me for the confusion, I did not notice any sooner.

Is your domain only internal or external too? If it is an external domain have a look here:

And for others who read this and try to help, here a link to your other thread:

1 Like

I kind of went another way and re-installed Nethserver, checking the client's ability to request DNS queries along every part of the initial configuration, Active Directory implementation etc. Apparently there was never a problem… It was a custom firewall on the device itself that did not autostart when Windows did. If I knew sooner that this was the problem, I would not have posted, sorry for this.

Anyway, thanks for the help and again sorry for taking up precious time.

Hi,
nice to hear that you have solved your problem.

It is good that you have posted it, because if others have the same problem it can help them.

1 Like
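
The nslookup output in this thread ("DNS request timed out") means no reply reached the client at all, which is a different failure from a DNS server that answers with an error. The following is an added example, not part of the thread: a Python 3 probe that sends one raw UDP query and separates the two cases. The function names are hypothetical; 10.0.0.1 and nethserver.org are the values used in the posts.

```python
import socket
import struct
import sys

RCODES = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def build_query(name, qid=0x1234):
    """Encode a minimal DNS A-record query (RFC 1035), recursion desired."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels)
    return header + qname + b"\x00" + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def probe(server, name, port=53, timeout=2.0):
    """Send one UDP query to `server`; return (status, detail).

    no-reply     : nothing came back (packet filtered on the client, in the
                   path, or the server is not listening) - nslookup's timeout
    server-error : the server was reached but returned an error or no records
    answered     : the server returned at least one answer record
    """
    query = build_query(name)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(query, (server, port))
            data, _ = s.recvfrom(512)
        except socket.timeout:
            return ("no-reply", f"no response within {timeout}s")
        except OSError as exc:  # e.g. ICMP port unreachable, no route
            return ("no-reply", str(exc))
    if len(data) < 12 or data[:2] != query[:2]:
        return ("server-error", "malformed or mismatched reply")
    flags, _qdcount, ancount = struct.unpack("!HHH", data[2:8])
    rcode = RCODES.get(flags & 0x000F, str(flags & 0x000F))
    if rcode == "NOERROR" and ancount > 0:
        return ("answered", f"{ancount} answer record(s)")
    return ("server-error", f"rcode={rcode}, answers={ancount}")

if __name__ == "__main__":
    # Defaults are the LAN DNS server and external name from the thread.
    server = sys.argv[1] if len(sys.argv) > 1 else "10.0.0.1"
    names = sys.argv[2:] or ["nethserver.org"]
    for n in names:
        print(server, n, *probe(server, n))
```

A "no-reply" result against the LAN server while a ping to the same address succeeds points at something filtering UDP port 53 specifically, such as a host firewall on the client, rather than at the server's DNS configuration.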