Question
Monday, May 7, 2018 11:13 PM
Hi guys,
We have replicated our AD to Azure and I have recently set up Azure AD Domain Services. I was trying to get an existing VM onto the domain, so I created a peering between the Azure AD domain services vnet and the VM's vnet.
Last night I was able to run "ping MyDomainName" no problem, but this morning when I run the command MyDomainName is not found. I have not changed any settings between then and now. The DNS settings on the VM's vnet are the same as the domain services vnet.
The only thing I can think of is that something changes when the server reboots that is preventing this from working today? I was hoping to log in and just do the domain join this morning but I have this headache instead!
Any help appreciated!
Thanks
MAJ
All replies (6)
Monday, May 7, 2018 11:39 PM
Is it just ping that is not working or are you still able to RDP? Generally ping is disabled by default in Azure VMs so want to clarify.
Monday, May 7, 2018 11:41 PM
Hi,
Thanks for replying!
I am able to remote into the VM fine and I am trying to send the ping from there, which was working previously. I am unable to remote into the AD Domain Services as it's not a VM (sorry, a little unclear on what you are asking here).
Tuesday, May 8, 2018 12:00 AM
If you attempt to join the VM to the domain do you also get the cannot find the domain error?
Here are steps for joining the domain:
/en-us/azure/active-directory-domain-services/active-directory-ds-admin-guide-join-windows-vm-portal
Here are some starting steps you can take to get it working again:
Connectivity issues
If the virtual machine is unable to find the domain, try one or more of the following:
- Ensure that the virtual machine is connected to the same virtual network as the one that you've enabled Azure AD DS in. If it is not connected, the virtual machine is unable to connect to the domain and therefore is unable to join the domain.
- Ensure that the virtual machine is on a virtual network that is in turn connected to the virtual network in which you've enabled Azure AD DS.
- Try to ping the domain by using the domain name of the managed domain (for example, ping contoso100.com). If you're unable to do so, try to ping the IP addresses for the domain that's displayed on the page where you enabled Azure AD DS (for example, ping 10.0.0.4). If you're able to ping the IP address but not the domain, DNS might be incorrectly configured. Check to see whether the IP addresses of the domain are configured as DNS servers for the virtual network.
- Try flushing the DNS resolver cache on the virtual machine (ipconfig /flushdns).

If a window is displayed that asks for credentials to join the domain, you do not have connectivity issues.
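
The connectivity checks listed in the reply above, collected into one script to run on the VM (an added example, not part of the original post or of Microsoft's guide). `contoso100.com` and `10.0.0.4` are the placeholder values from the steps, and the TCP ports 53 and 389 probed in place of ping are an assumption of this example.

```powershell
# Added example: walks the connectivity checks from inside the VM.
# $DomainName and $DomainIPs are placeholders taken from the examples in the
# steps; replace them with the values shown on your Azure AD DS page.
param(
    [string]   $DomainName = 'contoso100.com',
    [string[]] $DomainIPs  = @('10.0.0.4')
)

# 1. Which DNS servers is the VM actually using right now?
$inUse = Get-DnsClientServerAddress -AddressFamily IPv4 |
    Select-Object -ExpandProperty ServerAddresses |
    Sort-Object -Unique
"DNS servers in use: $($inUse -join ', ')"
foreach ($ip in $DomainIPs) {
    if ($inUse -notcontains $ip) {
        Write-Warning "$ip is not configured as a DNS server on this VM."
    }
}

# 2. Can the managed domain be reached by IP across the peering?
#    TCP 53 (DNS) and 389 (LDAP) are probed because ICMP may be filtered.
foreach ($ip in $DomainIPs) {
    foreach ($port in 53, 389) {
        $ok = Test-NetConnection -ComputerName $ip -Port $port `
            -InformationLevel Quiet -WarningAction SilentlyContinue
        "{0}:{1} reachable: {2}" -f $ip, $port, $ok
    }
}

# 3. Flush the resolver cache, then resolve the domain name through the
#    default resolver ($null) and through each managed domain IP directly.
Clear-DnsClientCache
$targets = @($null) + $DomainIPs
foreach ($server in $targets) {
    $label = if ($server) { $server } else { 'default resolver' }
    try {
        $p = @{ Name = $DomainName; Type = 'A'; DnsOnly = $true; ErrorAction = 'Stop' }
        if ($server) { $p.Server = $server }
        $addrs = (Resolve-DnsName @p | Where-Object { $_.Type -eq 'A' }).IPAddress
        "{0} via {1}: {2}" -f $DomainName, $label, ($addrs -join ', ')
    } catch {
        Write-Warning "$DomainName did not resolve via ${label}: $($_.Exception.Message)"
    }
}
```

If the name resolves when the managed domain IP is queried directly but not through the default resolver, the VM is not using the domain's IP addresses as DNS servers; if the IPs are unreachable on both ports, the problem is in the network path.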
Tuesday, May 8, 2018 1:09 AM
Hi,
When trying to join the domain I get an error that reads "MyDomainName could not be contacted".
Thank you for the troubleshooting tips:
- The virtual machine is peered to the virtual network of the Azure AD DS, which based on my research should be sufficient. Please let me know if I am wrong here. Also, the status of the peering is 'Connected'.
- Still unable to ping.
- Have flushed the DNS to no avail.
Tuesday, May 8, 2018 4:43 PM
Can you try the following:
1) Create a new VM inside the same VNET as the ADDS. Attempt to ping the domain. If you can, then the issue is likely related to the peering. If you cannot ping then it would be an issue with the ADDS.
2) If the above is true, can you remove the peering and re-add it? This might fix any nuances that might have occurred from the time it was working to the time it stopped working.
Tuesday, May 15, 2018 2:57 AM
Any update on this?