active directory domain controller could not be contacted fix

Fix: Active Directory Domain Controller Could Not Be Contacted


In this article, we’ll take a look on why it’s not possible to join a new computer to the Active Directory domain with an error Active Directory Domain Controller could not be contacted.

What does Active Directory Domain Controller Could Not be Contacted Error Looks Like?

A user or an administrator tries to join a new Windows workstation to the domain. To do this, on the workstation open the System Properties, press Change settings -> Change. Enter a new computer name and select that this computer should be a member of a specified domain. Enter your AD domain name. After clicking on the OK button, you may receive an error:

An Active Directory Domain Controller (AD DC) for the domain “theitbros.com” could not be contacted.
Ensure that the domain name is typed correctly.

If the name is correct, click Details for troubleshooting information.

active directory domain controller could not be contacted

Сlick the Details button for more information about the error. In most cases, there you will see an error “DNS name does not exist” (error code 0x0000232B RCODE_NAME_ERROR).

First of all, check if your computer has the correct IP address of the network interface. The IP address can be obtained from a DHCP server or manually specified in the network adapter settings. The current network settings of the computer can be obtained using the command:

ipconfig /all

active directory domain controller could not be contacted ipconfig

Next, check if the domain controller is accessible from the client. Open a command prompt and run the following commands:

ping your_domain_name.com

And

tracert your_domain_name.com

Make sure that your domain controller is responding and reachable.

active directory domain controller could not be contacted tracert

Note. In addition, it is desirable to check the availability of the domain controller from other workstations on the same subnet.

If the DC is reachable, try to add the received IP address as a DNS server in the Advanced TCP/IP settings of your network connection.

  1. Open Control Panel -> Network and Internet -> Network and Sharing Center -> Change adapter settings;
  2. Select network adapter that is connected to your corporate network, right click on it and select Properties;
    ad domain controller could not be contacted
  3. Select Internet Protocol Version 4 (TCP/IPv4) and click Properties;
  4. Press Advanced button and go to the DNS tab;
  5. On the DNS tab press Add and enter the IP address of your DNS server (domain controller);
    active directory domain controller could not be contacted
  6. Click OK (if several IP addresses are listed in the DNS server list, move the IP address of your DC to the top of the list);
    active directory domain controller could not be contacted tcp ip
  7. Save the changes and restart the workstation;
  8. Try to join your workstation to the AD domain.

Check if in the DNS Zone of Domain Controller Has a SRV Record

If the above method didn’t help, check that in the DNS zone of your domain controller there is a SRV record of the location of the DC.

Open an elevated Command prompt and run the following commands:

nslookup

set type=all

ldap._tcp.dc.msdcs.your_domain_name.com

Verify that the specified DNS server has SRV record in the following form:

ldap._tcp.dc._msdcs.your_domain_name.com SRV service location:

active directory domain controller could not be contacted nslookup

In the event that the specified SRV record is missing, your computer is configured to use a DNS server that does not have an SRV record of the location of the domain controller.

Verify that the domain controller is configured to use the same DNS server, or check if the replication to the DNS server that the client using is successful. Also, make sure that the DNS server allows dynamic updates.

Restart the Netlogon service on the domain controller, it will register the necessary SRV records on the DNS server.

You may also like:

Installing Active Directory Users and Computers MM... One of the main Active Directory domain management tools is the MMC snap-in Active Directory Users and Computers (ADUC). The ADUC snap-in is used to p...
FSMO Role: Infrastructure Master We continue the series of articles about FSMO roles in the Active Directory domain. This time, we will take a closer look at the FSMO role — Infrastru...
Change Default OU permissions in Active Directory By default, each newly created organizational unit (OU) in the access list includes read permission for the group Authenticated Users (built-in group)...
How to transfer FSMO Roles From a Failed Domain Co... In case domain controller, which owns FSMO (Flexible Single Master Operation) roles, is fail (virus attack, fatal software problems or catastrophic ha...
How to hide specific OU in Active Directory The first thing you see while opening Active Directory Users and Computers (ADUC) snap-in is AD containers (Organization Unit, OU), in which user acco...

Add Your Comment