First, verify that you are entering the fully qualified domain name in the Domain field and that the domain username/password fields are correct.
Next, make sure that your server is connecting to the correct DNS server:
- Open the command console as an administrator (start->run->cmd)
- Type in "ipconfig /all" and press enter
- Find your primary ethernet adapter and look in the "DNS Servers" section. Verify that the DNS server is correct.
If the DNS server is incorrect, then follow these steps to configure the DNS server:
- Open up your control panel (start->Control Panel)
- Click on "Network and Sharing Center"
- Click "Manage Network Connections" on the left
- Right click on your primary network adapter and select "Properties"
- Left click on "Internet Protocol Version 4 (TCP/IPv4)" and click "Properties"
- Select the "Use the following DNS server addresses" radio button
- Put your primary DNS server in the first row
- If you have a secondary DNS server, put it in the second row. However, note that BOTH DNS Servers must contain the SRV record for your domain controller!
Check that your server is retrieving domain controller DC records correctly:
- Open the command console as an administrator (start->run->cmd)
- Type in nslookup and press enter
- Type "set q=srv" and press enter
- Type _ldap._tcp.dc._msdcs.Fully_Qualified_Active_Directory_Domain_Name and press enter.
- If you get a result that looks like:
_ldap._tcp.dc._msdcs.
Fully_Qualified_Active_Directory_Domain_Name SRV service location:
priority = 0
weight = 100
port = 389
svr hostname =
Domain_Controller_Host_Name
Then you are retrieving the DNS record correctly. Otherwise, your DNS records are not correctly configured.
Configure the DNS record on your server:
- If you are NOT using a Windows DNS server, contact your vendor to ask how to add SRV records. You will need to add a SRV record pointing _ldap._tcp.dc._msdcs.Fully_Qualified_Active_Directory_Domain_Name to your primary DNS server
- Connect to your Windows DNS server and open the DNS control panel (start->Administrative Tools->DNS)
- Expand the node corresponding to your server
- Expand the "Forward Lookup Zones" node
- Expand the node corresponding to your domain
- Delete the _msdcs node if it exists
- Right click on the domain node and select "New Domain..."
- Enter "_msdcs" as the name
- Right click on the new "_msdcs" node, select "New Domain...", and choose "dc" as the name
- Right click on the new "dc" node and select "Other New Records..."
- Select "Service Location (SRV)" as the record type and click the "Create Record" button
- Select "_ldap" as the service and "_tcp" as the protocol
- Enter 389 as the port
- Put in the fully qualified host name of your DC, or the IP address, in the "Host offering this service:" text box
- Click "OK" and then "Done"
- Open up the services console (start->run->services.msc)
- Right click on the "DNS Server" service and select "Restart"
- Your domain DNS record should now be set up.
If you continue to have problems, please contact technical support.
Article ID: 231, Created On: 1/4/2012, Modified: 2/22/2012