I am trying to move a Windows SBS2011 user into the IaaS model. The customer’s current infrastructure is quite modest at about 20 Win10 clients and one SBS2011 server.
I have built a couple of Windows clients and a CentOS server with Nethserver using AWS EC2 instances. They all exist within one VPC and subnet. There is just one Security Group (which, in AWS land, defines which TCP/UDP etc. ports are open/closed both internally and to the outside world). My build of CentOS does not seem to have Firewalld installed. Nethserver has had only minimal configuration, per the attached screenshots. My AD domain name is h-s-m.local (I don’t have an external domain name reg’d at present).
Although my Windows clients can do a successful nslookup for my Nethserver DC, they cannot join the domain. The failure message generated when I try to move them from Workgroup to h-s-m.local is as follows:
DNS was successfully queried for the service location (SRV) resource record used to locate a domain controller for domain “h-s-m.local”:
The query was for the SRV record for _ldap._tcp.dc._msdcs.h-s-m.local
The following domain controllers were identified by the query:
However no domain controllers could be contacted.
Common causes of this error include:
- Host (A) or (AAAA) records that map the names of the domain controllers to their IP addresses are missing or contain incorrect addresses.
- Domain controllers registered in DNS are not connected to the network or are not running.
I have the following ports open in my Security Group:
All ICMP - IPv4|ICMP|
TCP|135 - 139|
TCP|3268 - 3269|
UDP|135 - 139|
UDP|3268 - 3269|
Can anyone point me in the right direction as to why my Windows clients will not join the domain please?