Problem to setup DNS server on Windows Server 2016

Hello,

I have a problem setting up my DNS server on Windows Server 2016 Standard.

But from the beginning.

I have installed Hyper-V 2016, created a virtual machine on it, and set up Windows Server 2016 there.
My Active Directory works fine, and I want to add a DNS server.

I followed many tutorials on YouTube, and everyone has more folders/files in DNS Manager, in the forward zone to be exact.

I have attached 2 screens:

  • One is from YouTube where files and folders are visible.
  • Second is from my server where I don't see these files/folders.

Can I ask for help? Because I can't figure it out. I don't have any ideas.

I reinstalled AD and DNS, and nothing.

 

Thank You in advance,

Greetings.
Jacob.

42 Replies

The order isn't critical, just remove the 192.168.88.211 from DC and problem client. If no joy, then put up a new set of files.

 

 

I have deleted 192.168.88.211 from the secondary DNS, and now I have only 192.168.88.201 (IP of DC - Windows Server).

 

Here are new files:

https://ufile.io/yvcqh

Hello,

 

So it seems some DNS records and zones are missing.

 

"No host records (A or AAAA) were found for this DC
The SOA record for the Active Directory zone was found
The Active Directory zone on this DC/DNS server was found primary
Root zone on this DC/DNS server was not found"

 

I have also noticed that you are using a .local in your Domain. This is not best practice and can cause you some issues down the line.

 

Have a look at my blog post on Active Directory naming best practices https://pixelrobots.co.uk/2016/07/active-directory-naming-best-practice/

 

I also have a guide on how to set up AD using PowerShell. https://pixelrobots.co.uk/2016/11/step-by-step-guide-to-setting-up-an-active-directory-forest-and-ad...

 

They may help you.

 

But for now, as you are still learning, I would remove AD, DNS etc. and start again, following the AD naming best practices.

 

When you have installed the roles, on the DC change the DNS primary to 127.0.0.1 and the secondary to the IP address of the DC.

 

On the client, as you are not using DHCP, set the static IP address and set the primary DNS to the IP address of the new DC.

 

I hope that helps.

 

If you need any more help just ask.

 

Richard

Thank you for the answer.

I am stuck on adding a subnet to the site.

My site name is: komplex-info

And what should I set for the subnet?

I was writing the subnet format: 255.255.255.0/24 and 255.255.255.0 in the description.

I will attach screenshot.

 

Thank You in advance for help.

Hello,

 

Thanks for the screenshot.

 

I can see that when asked "Enter subnet in format 10.10.10.0/24" you entered 255.255.255.0

 

You will need to enter 192.168.88.0/24 if you are still using that IP range.

 

Hope that helps

Hello,

I have written this address but it doesn't work.

I wrote subnet: 192.168.88.0/24 and description: 192.168.88.0/255.255.255.0

I will attach again my screenshot.


Thank You.

Are you able to copy the code you are using to here? The screenshot is missing some bits.

Sure.

Here you have:

# Add subnet to sites and service
Write-Host "Add Subnet to Site"
$Subnet = read-host "Enter subnet in format 10.10.10.0/24"
$desc = read-host "Enter description eg: 10.10.10.0/255.255.255.0"
New-ADObject -Name:$subnet -Type subnet -Description:$desc -OtherAttributes @{location="komplex-info";siteObject="CN=komplex-info,CN=Sites,CN=Configuration,DC=ad,DC=komplex,DC=co,DC=pl"} -Path "CN=Subnets,CN=Sites,CN=Configuration,DC=ad,DC=komplex,DC=co,DC=pl" 

My Active Directory Domain is called:  ad.komplex.info.pl

NETBiosName: komplex

Default-First-Site: komplex-info

I have found the error.
Now everything works :)

I am trying to add the domain on the client.

The code looks good to me.

 

The error seems to say the server refused the task.

 

I think just to get you past this step, just add the subnet to your site under Active Directory Sites and Services.

 

Right click on subnets and add your subnet.

 

Hopefully, that will get you past this step.

Okay, I have added the subnet.

I will attach 4 screenshots.

server1.png - contains the IP configuration of the DC (Windows Server).

client1.png - contains the IP configuration of the client (Windows 10).

ad1.png - contains the error I get when I try to join the domain.

1.png - I added a reverse DNS lookup zone.

 

Domain name: ad.komplex.info.pl

 

Thank You in advance

Can you do a DCdiag again and upload the log files?

I have noticed an error in the code you were using. You had co instead of info. I have updated it below. Try running it again.

 

# Add subnet to sites and service
Write-Host "Add Subnet to Site"
$Subnet = read-host "Enter subnet in format 10.10.10.0/24"
$desc = read-host "Enter description eg: 10.10.10.0/255.255.255.0"
New-ADObject -Name:$subnet -Type subnet -Description:$desc -OtherAttributes @{location="komplex-info";siteObject="CN=komplex-info,CN=Sites,CN=Configuration,DC=ad,DC=komplex,DC=info,DC=pl"} -Path "CN=Subnets,CN=Sites,CN=Configuration,DC=ad,DC=komplex,DC=info,DC=pl" 

 

Sure thing

I will attach it.

Try disabling the firewall and then try again.

I have disabled it on the DC and restarted the machine, but no results.

When I try to join the domain, I see the error "DNS Name does not exist".

This is a very strange problem you are having.

 

I think you will need to check the SRV record. You can follow the details @ https://support.microsoft.com/en-gb/help/816587/how-to-verify-that-srv-dns-records-have-been-created...

 

Then if the SRV record is missing follow the instructions @  https://support.microsoft.com/en-gb/help/241505/srv-records-missing-after-implementing-active-direct...

 

Hopefully one of them will help fix your issue.

 

Thanks

 

Richard
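
The SRV record check suggested above can be scripted. This is an added example, not part of the original posts; `Test-DcLocatorRecords` is a hypothetical helper name, and the domain, site and DNS server values are the ones quoted in this thread.

```powershell
# Added example (not from the thread). Test-DcLocatorRecords is a hypothetical helper name.
function Test-DcLocatorRecords {
    param(
        [Parameter(Mandatory)] [string] $Domain,     # AD DNS domain name
        [Parameter(Mandatory)] [string] $Site,       # AD site the DC belongs to
        [Parameter(Mandatory)] [string] $DnsServer   # DNS server the client is pointed at
    )

    # SRV names Netlogon registers for a DC; a domain join reports a DNS error
    # when the client cannot resolve them.
    $names = @(
        "_ldap._tcp.${Domain}",
        "_kerberos._tcp.${Domain}",
        "_ldap._tcp.dc._msdcs.${Domain}",
        "_kerberos._tcp.dc._msdcs.${Domain}",
        "_ldap._tcp.${Site}._sites.${Domain}",
        "_ldap._tcp.${Site}._sites.dc._msdcs.${Domain}"
    )

    foreach ($name in $names) {
        $srv = $null
        try {
            # -DnsOnly skips LLMNR/NetBIOS so only the DNS server's answer counts.
            $srv = Resolve-DnsName -Name $name -Type SRV -Server $DnsServer -DnsOnly -ErrorAction Stop |
                Where-Object { $_.Type -eq 'SRV' }
        } catch {
            # NXDOMAIN and timeouts land here; the record is reported as missing.
        }

        if (-not $srv) {
            [pscustomobject]@{ Record = $name; Found = $false; Target = $null; TargetResolves = $false }
            continue
        }
        foreach ($r in $srv) {
            # An SRV record is only usable if its target host has an A or AAAA record.
            $hostOk = [bool](Resolve-DnsName -Name $r.NameTarget -Server $DnsServer -DnsOnly -ErrorAction SilentlyContinue |
                Where-Object { $_.Type -eq 'A' -or $_.Type -eq 'AAAA' })
            [pscustomobject]@{ Record = $name; Found = $true; Target = $r.NameTarget; TargetResolves = $hostOk }
        }
    }
}

# Values quoted in this thread.
Test-DcLocatorRecords -Domain 'ad.komplex.info.pl' -Site 'komplex-info' -DnsServer '192.168.88.201' |
    Format-Table -AutoSize
```

Run it from the client that fails to join as well as from the DC: a row with `Found = False` is a missing locator record, and `TargetResolves = False` means the SRV record points at a host with no address record.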

Well, I don't have:

 

Forward Lookup Zones/ad.komplex.info.pl/_msdcs/dc/_sites/Default-First-Site-Name/_tcp
Forward Lookup Zones/ad.komplex.info.pl/_msdcs/dc/_tcp

 

_kerberos and _ldap I have here:

Forward Lookup Zones/ad.komplex.info.pl/_sites/komplex-info/_tcp

 

In "%systemroot%\System32\Config" I don't have "_ldap._tcp.Domain_Name"

 

Nslookup

 

> _ldap._tcp.dc._msdcs.ad.komplex.info.pl
Server: ad.komplex.info.pl
Address: 192.168.88.201

*** ad.komplex.info.pl can't find _ldap._tcp.dc._msdcs.ad.komplex.info.pl: Non-existent domain

 

 

Configure your DNS server to use a static Internet Protocol (IP) address. - Yes, 192.168.88.201
Create a forward lookup zone named after your Active Directory. - I have attached it.
Enable your domain zone to allow dynamic updates. - I have attached it too.

netdiag /fix - doesn't work. I have attached it.

 

I used "dcdiag /fix" and here is what I have:

C:\Users\Administrator.SERVER2016AD.004>dcdiag /fix

Directory Server Diagnosis

Performing initial setup:
   Trying to find home server...
   Home Server = Server2016AD
   * Identified AD Forest.
   Done gathering initial info.

Doing initial required tests

   Testing server: komplex-info\SERVER2016AD
      Starting test: Connectivity
         The host 76a7d524-7979-40d8-ba37-c21ef98d201b._msdcs.ad.komplex.info.pl could not be resolved to an IP
         address. Check the DNS server, DHCP, server name, etc.
         Got error while checking LDAP and RPC connectivity. Please check your firewall settings.
         ......................... SERVER2016AD failed test Connectivity

Doing primary tests

   Testing server: komplex-info\SERVER2016AD
      Skipping all tests, because server SERVER2016AD is not responding to directory service requests.


   Running partition tests on : ForestDnsZones
      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test CrossRefValidation

   Running partition tests on : DomainDnsZones
      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test CrossRefValidation

   Running partition tests on : Schema
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation

   Running partition tests on : Configuration
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation

   Running partition tests on : ad
      Starting test: CheckSDRefDom
         ......................... ad passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... ad passed test CrossRefValidation

   Running enterprise tests on : ad.komplex.info.pl
      Starting test: LocatorCheck
         ......................... ad.komplex.info.pl passed test LocatorCheck
      Starting test: Intersite
         ......................... ad.komplex.info.pl passed test Intersite