Can't join machines to domain

by Danny Beckett   Last Updated June 12, 2017 01:00 AM

I've installed Windows Server 2016 Datacenter on a physical machine called LOKI. It is allocated the static IP by the router. It is also set manually in TCP/IPv4 on the NIC. The gateway is set to (the router). The Primary DNS Server is set to The Secondary DNS Server is blank. When adding the Active Directory Domain Services, and DNS roles - I chose to create a new forest: (I'm using this as the example, but it is actually set to a valid domain that I own). The NetBIOS domain name was set to ACME.

I've tried joining a physical server (BALDER) to the domain, as well as VMs running on BALDER. I have BALDER's Primary DNS Server in TCP/IPv4 set to It has a static IP assigned by the router of I've also tried setting it manually in TCP/IPv4 with a gateway of

When joining the domain, I'm using the full domain, with the TLD:

Occasionally I'm prompted for credentials. Upon entering them, I get:

Computer Name/Domain Changes
The following error occurred attempting to join the domain "":

The specified domain either does not exist or could not be contacted.

I've tried the following users:

  • acme\administrator
  • acme\db

(where db is an Enterprise Admin)

...but most of the time I immediately get this error message, before being prompted for credentials:

Note: This information is intended for a network administrator.  If you are not your network's administrator, notify the administrator that you received this information, which has been recorded in the file C:\Windows\debug\dcdiag.txt.

The following error occurred when DNS was queried for the service location (SRV) resource record used to locate an Active Directory Domain Controller (AD DC) for domain "":

The error was: "DNS name does not exist."
(error code 0x0000232B RCODE_NAME_ERROR)

The query was for the SRV record for

Common causes of this error include the following:

- The DNS SRV records required to locate a AD DC for the domain are not registered in DNS. These records are registered with a DNS server automatically when a AD DC is added to a domain. They are updated by the AD DC at set intervals. This computer is configured to use DNS servers with the following IP addresses:

- One or more of the following zones do not include delegation to its child zone:
. (the root zone)

I've run dcdiag /fix on LOKI. All tests pass.

I've run the following:

set type=all

On LOKI I get:

Server:  UnKnown
Address:  ::1

SRV service location:
          priority       = 0
          weight         = 100
          port           = 389
          svr hostname   =
internet address =
AAAA IPv6 address = 2a02:c7d:894d:6d00:8dce:ebee:6510:b61c
AAAA IPv6 address = fdc6:f573:1ff9:0:8dce:ebee:6510:b61c

On BALDER I get:

Server:  UnKnown
Address:  fdc6:f573:1ff9:0:7250:afff:fe35:beec

*** UnKnown can't find Non-existent domain

I've tried running this on LOKI, which completes successfully:

dcdiag /test:registerindns / /v

I've also restarted the DNS server, and restarted the NetLogon service.

I've tried running ipconfig /flushdns on both LOKI and BALDER.

What is preventing me from joining any machines to the domain?
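
The error text above ties the failed SRV lookup to the DNS servers the joining computer is configured to use, and the nslookup run on BALDER was answered from an IPv6 address. The following is an added example, not part of the original post: a PowerShell check, run on the joining machine, that sends the domain controller locator SRV query to every resolver configured on it (IPv4 and IPv6) and reports what each one returns. `$Domain` is a placeholder for the AD DNS domain name, and the `_ldap._tcp.dc._msdcs` prefix is the standard DC locator record name.

```powershell
# Added example: per-resolver check of the DC locator SRV record.
# $Domain is a placeholder; pass the real AD DNS domain name.
param(
    [string]$Domain = 'ad.example.test'
)

# Record the DC locator asks DNS for when a machine joins the domain.
$srvName = "_ldap._tcp.dc._msdcs.$Domain"

# Collect every DNS server configured on any interface, both address families.
$resolvers = Get-DnsClientServerAddress |
    Where-Object { $_.ServerAddresses } |
    ForEach-Object {
        $iface = $_
        foreach ($addr in $iface.ServerAddresses) {
            [pscustomobject]@{ Interface = $iface.InterfaceAlias; Server = $addr }
        }
    } |
    Sort-Object Server -Unique

# Ask each resolver directly, so one bad resolver cannot hide behind a good one.
$results = foreach ($r in $resolvers) {
    try {
        $answer  = Resolve-DnsName -Name $srvName -Type SRV -Server $r.Server `
                                   -DnsOnly -ErrorAction Stop
        $targets = ($answer | Where-Object { $_.Type -eq 'SRV' }).NameTarget -join ', '
        $status  = if ($targets) { 'SRV found' } else { 'No SRV in answer' }
    }
    catch {
        # Name errors and timeouts land here; keep the resolver's own message.
        $targets = ''
        $status  = $_.Exception.Message
    }
    [pscustomobject]@{
        Interface = $r.Interface
        Resolver  = $r.Server
        Status    = $status
        Targets   = $targets
    }
}

$results | Format-Table -AutoSize -Wrap
```

A resolver that returns a name error for this record is one that does not host or forward to the AD-integrated zone.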
