I'm a Computer Science teacher trying to boost my school's computer lab with 29 student PCs. There's no dedicated IT support, so I'm setting up a Windows Server 2016 VM in VirtualBox to serve as a Domain Controller. This will help me manage the PCs via Group Policy for security and updates.
Currently, I can ping the server from the Windows 11 Pro student PCs, but they can't join the domain and show the error: "An Active Directory Domain Controller for the domain lab.local could not be contacted." DNS requests are timing out, and the PCs lose internet connection when I set their DNS to the server's IP.
Here's how everything is set up:
- Host PC: Lenovo running Windows 11, IP 10.1.3.58
- Server VM: Windows Server 2016 with a static IP of 10.1.3.200, DNS set to 127.0.0.1, and Forwarders configured to my ISP's DNS.
- Student PCs are using DHCP on the 10.1.3.x subnet and have their DNS manually set to the server's IP.
I've confirmed that:
1. The PCs can ping the server.
2. SRV records exist in the Server's DNS.
3. The necessary services are running.
4. Firewall settings are temporarily turned off for testing.
5. Clocks are synchronized across the network.
6. IPv6 is disabled.
The issue seems rooted in DNS since 'nslookup' on the student PCs fails and shows a timeout. Any tips on fixing the DNS communication so I can finally get my students connected to the domain would be greatly appreciated!
4 Answers
It sounds like the core issue is DNS. If you can ping the server but can't resolve the domain name, then your DNS setup is probably off. In the command prompt, run `nslookup` and specify your server's IP to see if it responds. If it does, check the DHCP and DNS settings on the student PCs. If there's an issue there, try running a `Test-NetConnection -Port 53`.
Make sure the firewalls on the student PCs are set correctly—switch them to Domain when everything's re-enabled. Also, change the server's DNS setting from 127.0.0.1 to its own IP (10.1.3.200) so it can respond on port 53. After adjusting that, restart the DNS service using `net stop dns` followed by `net start dns`. Then, try `nslookup lab.local` again.
Ensure that your DNS service is running properly on the server. Since they're on the same subnet, you should also check if UDP port 53 is open on the Windows firewall. Check that everything is configured correctly in both DNS and Active Directory for requests to be acknowledged.
You're on the right track with the setup, but remember that if the server isn't handling DHCP yet, the students need to have their DNS address pointed to the domain controller correctly. Also, have you tested DNS functionality from the server side to see if it's truly operational?
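
The checks suggested in the answers above, collected into one PowerShell script to run on a student PC. This is an added example, not part of any answer; the server IP and domain name come from the question, and `example.com` is an assumed test name for the forwarder check.

```powershell
# Added example. Run in PowerShell on a student PC.
$DnsServer = '10.1.3.200'                     # DC address from the question
$Domain    = 'lab.local'                      # domain name from the question
$SrvName   = "_ldap._tcp.dc._msdcs.$Domain"   # SRV record a client queries to locate a DC
$External  = 'example.com'                    # assumed test name for the forwarder check

function Test-DnsQuery {
    param([string]$Name, [string]$Type, [switch]$TcpOnly)
    $transport = if ($TcpOnly) { 'TCP' } else { 'UDP' }
    try {
        $r = Resolve-DnsName -Name $Name -Type $Type -Server $DnsServer `
                             -DnsOnly -TcpOnly:$TcpOnly -ErrorAction Stop
        $detail = ($r | ForEach-Object { $_.NameTarget; $_.IPAddress } |
                   Where-Object { $_ } | Select-Object -Unique) -join ', '
        $ok = $true
    } catch {
        $detail = $_.Exception.Message
        $ok = $false
    }
    [pscustomobject]@{ Query = $Name; Type = $Type; Via = $transport; OK = $ok; Detail = $detail }
}

# 1. DNS servers this PC is actually configured to use
Get-DnsClientServerAddress -AddressFamily IPv4 | Where-Object ServerAddresses |
    Format-Table InterfaceAlias, ServerAddresses -AutoSize

# 2. TCP reachability of port 53 (Test-NetConnection cannot test UDP)
$tcp = Test-NetConnection -ComputerName $DnsServer -Port 53 -WarningAction SilentlyContinue

# 3. Real DNS queries sent directly to the server, bypassing the local cache settings
$results = @(
    Test-DnsQuery -Name $Domain   -Type A
    Test-DnsQuery -Name $Domain   -Type A -TcpOnly
    Test-DnsQuery -Name $SrvName  -Type SRV
    Test-DnsQuery -Name $External -Type A
)
$results | Format-Table -AutoSize -Wrap

# 4. Read the results in order: transport first, then records, then forwarders
$udp, $viaTcp, $srv, $ext = $results
if (-not $udp.OK -and -not $viaTcp.OK) {
    "No answer over UDP or TCP (TCP port 53 open: $($tcp.TcpTestSucceeded)): check the DNS service and firewall on the server."
} elseif (-not $udp.OK) {
    'TCP works but UDP does not: check that UDP port 53 is allowed.'
} elseif (-not $srv.OK) {
    "The server answers, but $SrvName is missing: the domain join cannot find a DC."
} elseif (-not $ext.OK) {
    'Local names resolve but external ones do not: check the forwarders on the server.'
} else { 'DNS answers all four queries.' }
```

Once all four queries succeed, `nltest /dsgetdc:lab.local` on the same PC confirms that the domain controller can be located before retrying the join.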
