Domain controller: Domain not found

activedirectory
v7
hyper-v

(FR) #1

Hey guys, I've been playing around for a week with NethServer and it's been an enjoyable ride.
I've been using a Hyper-V environment to build my test lab.
My steps are:

1 - Install NethServer 7 and fully update (IP: 192.168.1.254)
2 - Edit company info and certificate <- Very important: was stuck here. If you don't edit those fields you will deploy a DC with errors.
3 - Start DHCP server. Range: 192.168.1.10 - 192.168.1.20 Def Gat. 192.168.1.254 DNS: 192.168.1.254
4 - Deploy DC using web server manager (IP: 192.168.1.253) vertigo.local
5 - Edit Domain admins passwords
6 - Try to join Windows 10 client (also virtual machine) to domain: Always get DNS error:

Note: This information is intended for a network administrator. If you are not your network’s administrator, notify the administrator that you received this information, which has been recorded in the file C:\Windows\debug\dcdiag.txt.

The following error occurred when DNS was queried for the service location (SRV) resource record used to locate an Active Directory Domain Controller (AD DC) for domain “vertigo.local”:

The error was: “DNS name does not exist.”
(error code 0x0000232B RCODE_NAME_ERROR)

The query was for the SRV record for _ldap._tcp.dc._msdcs.vertigo.local

Common causes of this error include the following:

  • The DNS SRV records required to locate a AD DC for the domain are not registered in DNS. These records are registered with a DNS server automatically when a AD DC is added to a domain. They are updated by the AD DC at set intervals. This computer is configured to use DNS servers with the following IP addresses:

192.168.1.254

  • One or more of the following zones do not include delegation to its child zone:

vertigo.local
local
. (the root zone)

My Windows 10 client gets its IP address from the DHCP server. I can ping the hostname (dc.vertigo.local), and when I do an nslookup I get this message:

C:\Users\Sofia Rocha>nslookup vertigo.local
Server: dc.vertigo.local
Address: 192.168.1.254

*** dc.vertigo.local can’t find vertigo.local: Non-existent domain

A ping -a from the client resolves the name:

C:\Users\Sofia Rocha>ping -a 192.168.1.254

Pinging dc.vertigo.local [192.168.1.254] with 32 bytes of data:
Reply from 192.168.1.254: bytes=32 time<1ms TTL=64
Reply from 192.168.1.254: bytes=32 time=1ms TTL=64
Reply from 192.168.1.254: bytes=32 time=2ms TTL=64
Reply from 192.168.1.254: bytes=32 time=8ms TTL=64

Am I missing something?

Appreciate your time,

Fábio Rocha


(Markus Neuberger) #2

Can you ping 192.168.1.253 from a client?

Maybe you need to configure MAC spoofing in Hyper-V:

http://docs.nethserver.org/en/v7/accounts.html#hyper-v


(FR) #3

Thank you for your answer.

I can ping 192.168.1.253 from the client. Spoofing was on.
ping -a 192.168.1.253 returns the name of the container: NCDS-AD


(FR) #4

Tried a new machine following the same steps and it worked. Can't really tell why it wasn't working yesterday.

I will leave a print screen from the RSAT tool on a Windows 10 machine.
What an amazing job guys. So far loving the ride through NethServer :smiley:


(Rob Bosch) #5

Is this still a testing environment? I ask because AFAIK the best practice for naming your internal domain, when you also have an external domain, is to use a subdomain of the external domain you have registered.
Example: if you have an external domain registered (for instance for your website) of mycompany.com, then your internal domain should be subdomain.mycompany.com.
Your NethServer will become servername.subdomain.mycompany.com and the Samba4 domain controller container will be NSDC-servername.subdomain.mycompany.com.
Be aware that due to restrictions in NetBIOS, a servername can’t have more than 15 characters. And since the Samba4 container is always prefixed with NSDC-, the NethServer servername can’t have more than 10 characters.


(FR) #6

This is a test environment, but your info is very pertinent. If I understand it correctly, if I register, let's say, the domain vertigo.com:

External domain: vertigo.com
Internal domain: dc.vertigo.com

What I would do here is have an internal domain, “vertigo.local”, then create a 2nd DNS zone with my external domain: vertigo.com

VERTIGO would then be my NetBIOS = 7 characters

Please correct me here if I'm wrong,

Fábio


(Rob Bosch) #7

Your approach is an alternative and, as you mention, it needs you to add a 2nd DNS zone.
BTW, NethServer defaults to “ad” as subdomain, but you can choose any name you want.