Adding a second tree domain to AD forest (2012 R2)

active-directory windows-server-2012-r2 domain-controller
7,242

So, it turns out that my domain controller was using itself as the DNS. The domain controller was a DNS for the local network, which is why the second server was able to access it using the forest domain. The domain controller was trying to resolve the requesting host using a its own table, which didn't contain the host for the second server. Changing the DNS back to our network DNS was all I had to do.

Share:
7,242

Related videos on Youtube

AaronF
Author by

AaronF

Updated on September 18, 2022

Comments

  • AaronF
    AaronF over 1 year

    I set up an AD forest with a DNS server. I tried adding a second server as a second tree domain to the forest.

    First, the error I'm getting is "Could not log onto the domain with the specified credential. Supply a valid credential and try again.

    The second server can ping the forest's domain without a problem. The first server can ping the second server's IP. So, it doesn't appear to be a DNS issue. I've tried every permutation of the following configuration setting when setting up the second server:

    Domain type: Tree Domain

    Forest Name: Fully qualified (domain.com) and root (domain)

    New Domain name: domain2.com

    Credential: domain\Administrator and domain.com\Administrator and firstMachineName\Administrator

    (There is only one account on the first machine, which is the administrator account I used in creating the forest.)

    I'm wondering if anyone has experienced similar issues and what they did to overcome them? Or any links to other places where the question has been answered.

    I've seen a number of suggestions on the matter, none of which seem to work.

    • Greg Askew
      Greg Askew almost 8 years
      The first server can ping the second server's IP. So, it doesn't appear to be a DNS issue. How does pinging an IP address validate DNS? You may want to try a simpler test, such as joining the second computer to the existing domain to see if that works.
    • AaronF
      AaronF over 7 years
      So, the second machine can ping the active directory domain, but can't join the domain. It says the domain controller could not be contacted. It also says the DNS was successfully queried for the service resource record, and lists the domain controller as one of those identified. How can it see the domain controller, ping it, and not be able to contact it? It suggests looking into A or AAAA records...
    • Greg Askew
      Greg Askew over 7 years
      Ping doesn't validate much. You need to use PortQueryUI to determine what network issues may exist. microsoft.com/en-us/download/details.aspx?id=24009

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

All options greyed out when trying to configure Active Directory Domain Services Windows Server 2012 R2
Cannot start workstation service on DC
dcpromo prerequisites for Active Directory preparation failed
Cannot promote Windows Server 2012 R2 to Domain Controller at a new site. "The wizard cannot gain access to the list of domains in the forest."
Is it possible to change the NetBIOS Uppercase and Lowercase letters?
Adding client computers to an active directory domain controller
One domain controller configured in a failover cluster? Or two DCs, one on each cluster node?
No domain controller can be contacted when domain joining a server
Must the root domain name be registered when creating a new forest in Active Directory?
The requested operation requires elevation