Hello All,
The issue was resolved after the network team allowed the required ports in the network firewall.
When we had a call with the network team, they claimed nothing was blocked.
However, when we tested the connection to the required ports using PowerShell, we found that connectivity was blocked.
UDP Port 88 for Kerberos authentication.
UDP and TCP Port 135 for domain controller to domain controller and client to domain controller operations.
TCP Port 139 and UDP 138 for File Replication Service between domain controllers.
UDP Port 389 for LDAP to handle normal queries from client computers to the domain controllers.
TCP and UDP Port 445 for File Replication Service.
TCP and UDP Port 464 for Kerberos Password Change.
TCP Port 3268 and 3269 for Global Catalog from client to domain controller.
TCP and UDP Port 53 for DNS from client to domain controller and domain controller to domain controller.
Test from the new server to the domain controller:
Test-NetConnection 10.10.10.10 -Port 445
Test-NetConnection 10.10.10.10 -Port 88
Test-NetConnection 10.10.10.10 -Port 138 ... etc.
After the network team allowed those ports in the firewall, we were able to create the new tree domain and join the domain.
If the test fails, the Windows or network firewall is blocking the ports!
Regards,
Ram
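
The per-port test described in the post, run over the whole port list in one pass, as an added example that is not part of the original post. The function name Test-DcPort is hypothetical and the address is the one used in the post. Test-NetConnection -Port performs a TCP connect only, so the UDP entries are reported as untested and have to be confirmed in the firewall rule set or with a packet capture.

```powershell
# Added example: check every port from the list above against a domain controller.
$DomainController = '10.10.10.10'   # address used in the post

# Ports, protocols and purposes exactly as listed in the post.
$PortList = @(
    [pscustomobject]@{ Port = 53;   Protocols = 'TCP','UDP'; Purpose = 'DNS' }
    [pscustomobject]@{ Port = 88;   Protocols = 'UDP';       Purpose = 'Kerberos authentication' }
    [pscustomobject]@{ Port = 135;  Protocols = 'TCP','UDP'; Purpose = 'DC-to-DC and client-to-DC operations' }
    [pscustomobject]@{ Port = 138;  Protocols = 'UDP';       Purpose = 'File Replication Service' }
    [pscustomobject]@{ Port = 139;  Protocols = 'TCP';       Purpose = 'File Replication Service' }
    [pscustomobject]@{ Port = 389;  Protocols = 'UDP';       Purpose = 'LDAP' }
    [pscustomobject]@{ Port = 445;  Protocols = 'TCP','UDP'; Purpose = 'File Replication Service' }
    [pscustomobject]@{ Port = 464;  Protocols = 'TCP','UDP'; Purpose = 'Kerberos Password Change' }
    [pscustomobject]@{ Port = 3268; Protocols = 'TCP';       Purpose = 'Global Catalog' }
    [pscustomobject]@{ Port = 3269; Protocols = 'TCP';       Purpose = 'Global Catalog' }
)

function Test-DcPort {   # hypothetical helper name
    param(
        [Parameter(Mandatory)] [string]   $ComputerName,
        [Parameter(Mandatory)] [object[]] $Ports
    )
    foreach ($entry in $Ports) {
        foreach ($protocol in $entry.Protocols) {
            if ($protocol -eq 'TCP') {
                # -InformationLevel Quiet returns $true/$false for the TCP connect.
                $open = Test-NetConnection -ComputerName $ComputerName -Port $entry.Port `
                            -InformationLevel Quiet -WarningAction SilentlyContinue
                $result = if ($open) { 'Reachable' } else { 'Blocked or not listening' }
            }
            else {
                # Test-NetConnection cannot probe UDP; flag it instead of guessing.
                $result = 'Not tested (UDP)'
            }
            [pscustomobject]@{
                Port     = $entry.Port
                Protocol = $protocol
                Purpose  = $entry.Purpose
                Result   = $result
            }
        }
    }
}

# Run from the new server; keep the table as evidence for the firewall change request.
Test-DcPort -ComputerName $DomainController -Ports $PortList | Format-Table -AutoSize
```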