
I installed Windows Server 2016 (server) and Windows 10 (client) on two Hyper-V machines on Windows 10 (host). On Windows Server I have the domain named 'virtualdomain', but the client cannot connect to it.

The server's local IP address is 172.18.95.85 and the host name is server1. When I ping server1 from the client I get:

>ping server1

Pinging server1.mshome.net [172.18.95.85] with 32 bytes of data:
Reply from 172.18.95.85: bytes=32 time<1ms TTL=128

When I ping server1 from the server I get:

>ping server1

Pinging server1.mshome.net [172.18.95.85] with 32 bytes of data:
Reply from 172.18.95.85: bytes=32 time<1ms TTL=128

When I ping server1 from the host I get:

>ping server1 -4

Pinging server1 [172.18.95.85] with 32 bytes of data:
Reply from 172.18.95.85: bytes=32 time<1ms TTL=128

What is the right way to make the domain visible to the client? Should I specify the server IP address as the DNS server? (I tried this, but it breaks the internet connection on the client.)

1 Answer


First, note that Microsoft strongly recommends against using single-component AD domains. (In many cases they can be confused with 'relative' names and have the local LAN subdomain appended when they shouldn't, or they can be confused with NetBIOS domains, which Windows 10 does not support.)

KB 909264 says: "The DNS Server service may not be used to locate domain controllers in domains that have single-label DNS names."

So even if you're using a completely fake domain name, try to have at least two components in it, e.g. virtualdomain.asdf or virtualdomain.home.arpa.

What is the right way to make the domain visible to the client?

Your client must be able to resolve the domain – and subdomains – over DNS.

For example, running nslookup -q=SRV _ldap._tcp.dc._msdcs.yourdomain should return some records. Similarly, you should be able to ping server1.yourdomain, not just bare "server1".

Should I specify the server IP address as the DNS server?

It doesn't technically matter whether you achieve this by having clients directly use the domain controller as their DNS server, or whether you achieve this by using a domain name that has proper delegations from the TLD and root (e.g. ad.example.com) – both allow the clients to resolve the AD domain.

(I tried this, but it breaks the internet connection on the client.)

Make sure the server itself has Internet access, and make sure its DNS service is configured to allow the clients to make recursive DNS queries.
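
The checks described in this answer, collected into one PowerShell script to run on the client. This is an added example, not part of the original answer; the domain name virtualdomain.home.arpa and the public test name example.com are assumptions, and the IP address is server1's from the question.

```powershell
# Added example: client-side DNS checks before a domain join.
# $Domain and $ExternalName are assumed values; $DcIp is server1's address from the question.
param(
    [string]$Domain       = 'virtualdomain.home.arpa',
    [string]$DcIp         = '172.18.95.85',
    [string]$ExternalName = 'example.com'
)

# 1. A single-label domain name is the first thing to rule out.
if ($Domain -notmatch '\.') {
    Write-Warning "'$Domain' is a single-label name; locating the DC over DNS may fail."
}

# 2. Show which DNS servers this client is actually using.
Get-DnsClientServerAddress -AddressFamily IPv4 |
    Where-Object { $_.ServerAddresses } |
    Format-Table InterfaceAlias, ServerAddresses -AutoSize | Out-Host

# 3. Look up the DC locator SRV record through the client's configured resolvers.
$srvName = "_ldap._tcp.dc._msdcs.$Domain"
$query   = @{ Name = $srvName; Type = 'SRV'; DnsOnly = $true; ErrorAction = 'SilentlyContinue' }
$srv = Resolve-DnsName @query | Where-Object { $_.Type -eq 'SRV' }
if (-not $srv) {
    Write-Warning "No SRV records for $srvName from the configured DNS servers."
    # Ask the DC directly: separates a wrong client DNS setting from a missing record.
    $srv = Resolve-DnsName @query -Server $DcIp | Where-Object { $_.Type -eq 'SRV' }
    if ($srv) { Write-Host "$DcIp has the record; the client is not using it for DNS." }
}

# 4. Each SRV target must resolve by its full name and accept LDAP connections.
foreach ($rec in $srv) {
    $addr = Resolve-DnsName -Name $rec.NameTarget -Type A -DnsOnly -ErrorAction SilentlyContinue
    $ldap = Test-NetConnection -ComputerName $rec.NameTarget -Port 389 -WarningAction SilentlyContinue
    [pscustomobject]@{
        Target  = $rec.NameTarget
        Address = ($addr | Where-Object { $_.Type -eq 'A' }).IPAddress -join ', '
        Ldap389 = $ldap.TcpTestSucceeded
    }
}

# 5. Recursion: the DC must also answer for public names, or clients lose Internet access.
$ext = Resolve-DnsName -Name $ExternalName -Server $DcIp -DnsOnly -ErrorAction SilentlyContinue
if ($ext) { Write-Host "$DcIp resolves $ExternalName; recursion works." }
else      { Write-Warning "$DcIp did not resolve $ExternalName; check recursion and forwarders." }
```

If the last step fails, `Get-DnsServerRecursion` and `Get-DnsServerForwarder` on the server show the settings it depends on.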
