Hello All, We have configured active directory on one machine. Configured DNS server on ip 10.34.23.166 with domain test-success.com Tried adding one more machine 10.24.10.178 to the above created domain. it was throwing the below error: This information is intended for a network administrator. If you are not your network's administrator, notify the administrator that you received this information, which has been recorded in the file C:\Windows\debug\dcdiag.txt. The following error occurred when DNS was queried for the service location (SRV) resource record used to locate an Active Directory Domain Controller for domain test-success.com: The error was: "DNS name does not exist." (error code 0x0000232B RCODE_NAME_ERROR) The query was for the SRV record for _ldap._tcp.dc._msdcs.test-success.com Common causes of this error include the following: - The DNS SRV records required to locate a AD DC for the domain are not registered in DNS. These records are registered with a DNS server automatically when a AD DC is added to a domain. They are updated by the AD DC at set intervals. This computer is configured to use DNS servers with the following IP addresses: 10.34.23.166 - One or more of the following zones do not include delegation to its child zone: test-success.com com . (the root zone) For information about correcting this problem, click Help However we can able to access the two machines using UNC paths and via ping. Can someone check this and help us with any suggestions. Thank you in advance. Regards, Esther Francis.

As I see, you have missing SRV record (_ldap._tcp.dc._msdcs.apps-access.com). Please proceed like that: Make sure that your DCs are using the correct DNS server as primary DNS server Run ipconfig /registerdns and nltest /dsderegdns on your DCs or reboot them Make sure that your client computers are using the DNS server as primary DNS server By proceeding like that, your problem should be solved. Also, check that you don't have missing DNS records in your zones. You can use nslookup to perform that. This posting is provided "AS IS" with no warranties or guarantees , and confers no rights. Microsoft Student Partner Microsoft Certified Professional Microsoft Certified Systems Administrator: Security Microsoft Certified Systems Engineer: Security Microsoft Certified Technology Specialist: Windows Server 2008 Active Directory, Configuration Microsoft Certified Technology Specialist: Windows Server 2008 Network Infrastructure, Configuration

Hi Esther, What is exactly your domain name, is it test-success.com or is it apps-access.com? Your problem is certainly a name resolution problem, but it looks like you are trying to join to a domain with a different name? can you please confirm the domain name and post back.MCDST, MCSAS, MCSES, MCDBA, MCITP, MCTS, MCT

Salam Zied, looks like that the user wanted to hide the domain name and wrote test-success.com and after he forgot to hide it again. This posting is provided "AS IS" with no warranties or guarantees , and confers no rights. Microsoft Student Partner Microsoft Certified Professional Microsoft Certified Systems Administrator: Security Microsoft Certified Systems Engineer: Security Microsoft Certified Technology Specialist: Windows Server 2008 Active Directory, Configuration Microsoft Certified Technology Specialist: Windows Server 2008 Network Infrastructure, Configuration

thank you so much Mr X. Our servers are in cloud and we tried installing AD and configure DNS on one machine. And trying to add the another machine in the same cloud to the domain created so ...! The Ip range of the two machines are different: AD/DNS: 10.34.23.166 Othermachine:10.24.10.178. However we are able to contact both servers using UNC and via ping.. Is there any other thing blocking the machine from adding to domain?

Ok, are you able to ping the domain name? like ping test-success.com, does it resolve the name? if not, Mr X's steps should help you reregister the SRV records for your DCs to solve thisMCDST, MCSAS, MCSES, MCDBA, MCITP, MCTS, MCT

thanks Ziad, we are not able to resolve the domain name when trying to ping the domain... we are following Mr X steps and update here.

We tried the above steps Mr.X and Ziad but its still not fixed, unable to join the server 10.24.10.178 to the AD.

Please make sure that you don't have missing DNS records (The missing DNS records are mentioned in the error messages). Also, make sure that you don't have a firewall / router that is blocking traffic between the two entities. I reccomand to you to disable all security softwares and internal firewalls. Once solved, enable them again. This posting is provided "AS IS" with no warranties or guarantees , and confers no rights. Microsoft Student Partner Microsoft Certified Professional Microsoft Certified Systems Administrator: Security Microsoft Certified Systems Engineer: Security Microsoft Certified Technology Specialist: Windows Server 2008 Active Directory, Configuration Microsoft Certified Technology Specialist: Windows Server 2008 Network Infrastructure, Configuration

Thank you so much. We will follow these steps and update to you !

Hi, You can use the nslookup command to test the SRV records, please refer to the following steps: 1. Open Command Prompt. 2. Type: nslookup 3. After the previous command completes, at the nslookup (">") prompt type: set q=srv 4. After the previous command completes, type: _ldap._tcp.dc._msdcs.Active_Directory_domain_name 5. Review the output of the previous SRV query and determine if further action is needed based on whether the previous query succeeded or failed. For more information, please refer to the following link: Verify DNS registration for domain controllers using the nslookup command http://technet.microsoft.com/en-us/library/cc738991(WS.10).aspx Please update us the result. Thanks. NinaPlease remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.