Lỗi the active directory domain services is currently unavailable

     

In this article, we’ll take a look at why it’s not possible khổng lồ join a new computer to the Active Directory domain name with an error Active Directory domain name Controller could not be contacted.

Bạn đang xem: Lỗi the active directory domain services is currently unavailable


Active Directory domain Controller Could Not Be Contacted Error: What Does It Looks Like?

A user or an administrator tries lớn join a new Windows workstation or hệ thống to the domain. To do this, mở cửa the System Properties on the workstation, and press Change settings > Change. Enter a new computer name, và select that this computer should be a thành viên of a specified domain. Enter your AD domain name FQDN name. After clicking on the OK button, you may receive an error:

An Active Directory tên miền Controller (AD DC) for the tên miền “jdomain.vn” could not be contacted.

Ensure that the domain name is typed correctly.

If the name is correct, click Details for troubleshooting information.

*

How khổng lồ Fix AD domain name Controller Could Not Be Connected Error?

Here are some basic steps that should help you fix the tên miền controller connection error:


ADVERTISEMENT
Check your IP address và DNS settings;Check the Active Directory domain controller connectivity;Check DC Health (SRV DNS records, Netlogon, & Sysvol folders).

Let’s look at each of these steps in more detail.

Check the IP Settings và DNS Settings on Your Computer

Most often, this problem is related khổng lồ the wrong IP or DNS settings on your computer.


Check IP Address

First, check if your computer has the correct IP address on the primary network interface. The IP address can be obtained from a DHCP server, or manually specified in the network adapter settings. You can view the current network settings of the computer using the command:

ipconfig /all

*

Make sure your computer’s IP address matches the network it’s on. Try to lớn manually mix a static IP address, or vice versa, get the correct address from the DHCP hệ thống (select Obtain IP address automatically in the properties of your network adapter).

If the DNS server address is incorrect, change it manually or get settings from DHCP.

Make sure the DNS Client service is running using Get-Service cmdlet:

Get-Service dnscache

Then clear the DNS cache, and restart the service from the elevated command prompt:


ipconfig /flushdnsnet stop dnscache && net start dnscacheCheck if your computer can resolve the domain name to the correct IP address of the domain controller. Use the Resolve-DNSName cmdlet with the FQDN of your domain name to which you are trying to join your workstation:

Resolve-DNSName jdomain.vn

*

The command should return one or more records of DNS servers.


ADVERTISEMENT

Verify the domain Controller Connectivity

Next, check if the domain controller is accessible from the client. Xuất hiện a command prompt, & run the following commands:

ping your_domain_name.comAnd:

tracert your_domain_name.comMake sure your tên miền controller is responding and reachable.

Xem thêm: Cách Đăng Ký Internet Banking Vpbank Online, Cách Đăng Ký Và Sử Dụng Internet Baking Vpbank

Select mạng internet Protocol Version 4 (TCP/IPv4), và click Properties;Press the Advanced button, & go to the DNS tab;On the DNS tab press Add, and enter the IP address of your DNS vps (domain controller). Don’t use Public DNS IPs in preferred và alternative fields, lượt thích 8.8.8.8 (google) or 1.1.1.1 (cloudflare);

*
Click OK (if several IP addresses are listed in the DNS vps list, move the IP address of your DC khổng lồ the đứng đầu of the list);


ADVERTISEMENT

Also, make sure the computer can liên hệ the DNS vps that hosts the DNS zone or can resolve DNS names in that domain. Make sure the correct DNS server is configured on this client as preferred và the client is connected lớn this server. Confirm you can find a domain và access the domain name controller from the computer using the command:

nltest /dsgetdc:jdomain.vn

*

If your computer successfully discovered the domain and domain controller, the command should return information about the domain, AD site, & services running on the DC:

DC: \DC01.jdomain.vnAddress: \192.168.1.15Dom Guid: 4216f343-2949-21c3-8caa-6d7cbcdb1690Dom Name: jdomain.vnForest Name: jdomain.vnDc Site Name: NYOur Site Name: NYFlags: PDC GC DS LDAP KDC TIMESERV GTIMESERV WRITABLE DNS_DC DNS_DOMAIN DNS_FOREST CLOSE_SITE FULL_SECRET WSThe command completed successfully.Hint. Another helpful guide that can help you troubleshoot DC connectivity over RPC is “The RPC vps is Unavailable”.

Also, try lớn temporarily disable the built-in Windows Firewall, and all third-party applications with antivirus/firewalls modules (Symantec, MacAfee, Windows Defender, etc.), that can block network ports khổng lồ access the tên miền controller. After disabling the firewalls, try khổng lồ join the computer to lớn the domain.

Here is the minimum các mục of network protocols, ports, and services that must not be blocked in firewalls between a client và a domain name controller to lớn successfully join a device lớn the Active Directory domain:


UDP 53 — DNS traffic;TCP and UDP 88 — Kerberos authentication;TCP 135 — Remote Procedure gọi RPC Locator;TCP và UDP 139 — NetBIOS Session Service;TCP & UDP 389 (LDAP, DC Locator, Net Logon) or TCP 636 (LDAP over SSL);TCP 445 (SMB/CIFS, Net Logon);TCP 49152-65535 — RPC ports, randomly allocated high TCP ports.

Check the DNS SRV Records on the domain name Controller

Check DNS Records on your DC

If the above method didn’t help, check if in the DNS zone of your domain name controller there is an SRV record of the location of the DC.

Open an elevated Command prompt, và run the following commands:

nslookupset type=all_ldap._tcp.dc.msdcs.your_domain_name.comVerify if the specified DNS vps has an SRV record in the following form:

_ldap._tcp.dc._msdcs.your_domain_name.com SRV service location:

If the SYSVOL & NETLOGON directories are missing in the shares list:

Check the IP và DNS settings on your DC (the domain name controller shouldn’t receive an IP address from a DHCP server, use only a static IP address);Verify if the C:WindowsSYSVOL domain directory contains Policies và Scripts folders;

For example:

The tên miền name “DOMAIN_NAME” might be a NetBIOS domain name. If this is the case, verify that the tên miền name is properly registered with WINS.

If you are certain that the name is not a NetBIOS domain name, then the following information can help you troubleshoot your DNS configuration.

The following error occurred when DNS was queried for the service location (SRV) resource record used to locate an Active Directory domain Controller (AD DC) for domain name “DOMAIN_NAME”:

The error was: “DNS name does not exist.”

(error code 0x0000232B RCODE_NAME_ERROR)

The query was for the SRV record for _ldap._tcp.dc._msdcs.DOMAIN_NAME

Common causes of this error include the following:

– The DNS SRV records required to locate a AD DC for the domain are not registered in DNS. These records are registered with a DNS server automatically when a AD DC is added khổng lồ a domain. They are updated by the AD DC at mix intervals. This computer is configured lớn use DNS servers with the following IP addresses:

xx.xx.xx.xx

xx.xx.xx.xx

– One or more of the following zones vì not include delegation to lớn its childzone:

Domain_namelocal.. (the root zone)

Open the text tệp tin C:windowsdebugdcdiag.txt on the user’s computer. Carefully study the latest errors in this file. Perhaps they will point you in the right direction.

*

Most often, you can face such errors in the dcdiag.txt file:

0x0000232B — RCODE_NAME_ERROR (“DNS name does not exist”) – your computer cannot find the SRV record on the DNS server. Make sure your computer’s DNS settings are set to the IP address of your domain controller. Kiểm tra SRV records on DC;0x0000267C — DNS_ERROR_NO_DNS_SERVER (“No DNS Servers configured for local system”). In this case, it is recommended to kiểm tra your IP and DNS settings, và network connectivity;0x00002746 — WSAECONNRESET (“An existing connection was forcibly closed by the remote host”) — kiểm tra the network connectivity & firewall rules. Try to lớn restart the DNS service on the DC, or reboot the host completely.

Sometimes, in the Netsetup.log file, you can find useful information about errors in joining a computer khổng lồ an Active Directory domain. It is Windows clients log the details of the tên miền join operation. This log can be found here %windir%debugNetsetup.log. Carefully examine the errors in the Netsetup.log file, they may help you in finding the problem of not being able lớn connect to the Active Directory domain.

The most typical errors are:

An attempt khổng lồ resolve the DNS name of a DC in the domain being joined has failed. Please verify this client is configured to reach a DNS vps that can resolve DNS names in the target domain;An operation was attempted on a nonexistent network connection — restart the computer, make sure that you type the DNS name & not the NetBIOS name;Multiple connections to a hệ thống or shared resource by the same user, using more than one user name, are not allowed. Disconnect all previous connections lớn the hệ thống or shared resource và try again — reboot your device;Network name cannot be found — make sure your computer can access the DNS hệ thống hosting the domain’s DNS zone;No more connections can be made khổng lồ this remote computer at this time because there are already as many connections as the computer can accept — remove all mapped drives và reboot the computer.

Chuyên mục: Domain Hosting