question

PHCAN-9301 avatar image
0 Votes"
PHCAN-9301 asked PHCAN-9301 answered

Error joining Windows 10 via S2S VPN to AD

We have the following Lab scenario.
A Server 2019 VM in Azure with AD and DNS Services. S2S VPN to on-prem. Using WVD in Azure which all works fine. Hosts are joined to the Domain on the Azure VM. No problems! When trying to join a Windows 10 from on-prem to the domain, it joins but after the welcome message to the domain the error message below shows. Windows 10 system has DNS settings from domain and nslookup point to the DC/DNS. We can not login to the domain, the the computer object exists after joining and the DNS name in the AD object is empty.

nltest result from Windows 10
PS C:\Windows\system32> nltest /dsgetdc:xxxxxxxx.local /force
DC: \\DOM001.xxxxxx.local
Address: \\10.0.0.4
Dom Guid: xxxxxx-xxxxx-xxxxx-xxxxxxx
Dom Name: xxxxxxxx.local
Forest Name: xxxxxxxx.local
Dc Site Name: Azure-DC
Our Site Name: Azure-DC
Flags: PDC GC DS LDAP KDC TIMESERV WRITABLE DNS_DC DNS_DOMAIN DNS_FOREST CLOSE_SITE FULL_SECRET WS DS_8 DS_9 DS_10 KEYLIST
The command completed successfully

Does anyone can help. Thanks
46250-errorjointodomain-copy.png


windows-active-directorywindows-server-2019windows-10-networkwindows-dhcp-dns
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

DSPatrick avatar image
0 Votes"
DSPatrick answered
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

PHCAN-9301 avatar image
0 Votes"
PHCAN-9301 answered

Thanks for your answer. I run PortQuery.

Netbios. I checked the DNS on the Azure VM and the name is only dom001 without the domain name.
Very strange.

UDP port 137 (netbios-ns service): LISTENING or FILTERED

Using ephemeral source port
Attempting NETBIOS adapter status query to UDP port 137...

NETBIOS name for 10.0.0.4 not found (timeout)
Adapter status query failed.
UDP port: FILTERED

TCP port 42 (nameserver service): NOT LISTENING
portqry.exe -n 10.0.0.4 -e 42 -p TCP exits with return code 0x00000001.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.