My DC is on an Azure VM with Active Directory and I have configured a point-to-site VPN. Can I join my on-premises laptop to the domain?

  • Question

  • Hello Support,

    My DC is on an Azure VM with Active Directory and I have configured a point-to-site VPN. Can I join my on-premises laptop to the domain?

    My laptop does not find the domain controller. Please help me join the domain.

    Please find below the error message I get when I try to join the domain:

    Note: This information is intended for a network administrator.  If you are not your network's administrator, notify the administrator that you received this information, which has been recorded in the file C:\Windows\debug\dcdiag.txt.

    The following error occurred when DNS was queried for the service location (SRV) resource record used to locate an Active Directory Domain Controller (AD DC) for domain "adfstestpk.com":

    The error was: "DNS name does not exist."
    (error code 0x0000232B RCODE_NAME_ERROR)

    The query was for the SRV record for _ldap._tcp.dc._msdcs.adfstestpk.com

    Common causes of this error include the following:

    - The DNS SRV records required to locate a AD DC for the domain are not registered in DNS. These records are registered with a DNS server automatically when a AD DC is added to a domain. They are updated by the AD DC at set intervals. This computer is configured to use DNS servers with the following IP addresses:

    - One or more of the following zones do not include delegation to its child zone:

    . (the root zone)

    • Edited by IT.Pradeep Saturday, October 1, 2016 7:28 PM
    Saturday, October 1, 2016 7:21 PM


  • Hi Pradeep,

    Thank you for posting here! We are happy to assist you.

    1. Please make sure that you don't have missing DNS records (the missing DNS records are mentioned in the error message). Also, make sure that you don't have a firewall or router that is blocking traffic between the two entities.

    2. I recommend that you disable all security software and internal firewalls. Once solved, enable them again.

    If you get this while trying to join a box to the domain, point the box to the DC’s DNS IP.

    Based on the error code, refer to the link mentioned below for the suggestion:


    Click here for more information on this issue.

    Note: AAD DS is not intended for joining client machines to; it's just to bring on-prem apps to the cloud which cannot be modified to use Azure AD or other services directly.

    But since it is a generic domain controller (with some limitations) you can technically of course join clients to it, but you need to have a VPN to the virtual network the AAD DS services are assigned to.

    Disclaimer: This response contains a reference to a third party World Wide Web site. Microsoft is providing this information as a convenience to you. Microsoft does not control these sites and has not tested any software or information found on these sites; therefore, Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there.

    There are inherent dangers in the use of any software found on the Internet, and Microsoft cautions you to make sure that you completely understand the risk before retrieving any software from the Internet.

    Sumanth BM

    Sunday, October 2, 2016 5:34 PM
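
The checks discussed in this thread, as an added PowerShell example that is not part of the original posts: it queries the SRV record named in the error message through the laptop's current resolvers and directly against the DC, then tests the TCP ports a domain join uses across the VPN. The DC address `10.0.0.4` is a placeholder, and the port list is a common minimum set chosen for this example.

```powershell
# Added example, not from the original thread. Run on the laptop with the
# point-to-site VPN connected.
param(
    [string]$Domain = 'adfstestpk.com',  # domain name taken from the error message
    [string]$DcIp   = '10.0.0.4'         # placeholder: private IP of the DC in the Azure VNet
)

$srvName = "_ldap._tcp.dc._msdcs.$Domain"

# 1. Show which DNS servers each interface is using right now.
Get-DnsClientServerAddress -AddressFamily IPv4 |
    Where-Object ServerAddresses |
    Format-Table InterfaceAlias, ServerAddresses -AutoSize

# 2. Query the SRV record twice: with the current resolvers, then against the DC itself.
foreach ($server in @($null, $DcIp)) {
    $label = if ($server) { "DC DNS $server" } else { 'current resolvers' }
    $query = @{ Name = $srvName; Type = 'SRV'; DnsOnly = $true; ErrorAction = 'Stop' }
    if ($server) { $query.Server = $server }
    try {
        $records = Resolve-DnsName @query | Where-Object Type -eq 'SRV'
        Write-Host "[OK]   $label -> $($records.NameTarget -join ', ')"
    } catch {
        # "DNS name does not exist" here corresponds to error 0x0000232B in the join dialog.
        Write-Host "[FAIL] $label -> $($_.Exception.Message)"
    }
}

# 3. Test TCP reachability of the DC over the VPN, one port at a time.
$ports = [ordered]@{
    'DNS'                 = 53
    'Kerberos'            = 88
    'RPC endpoint mapper' = 135
    'LDAP'                = 389
    'SMB'                 = 445
}
foreach ($entry in $ports.GetEnumerator()) {
    $result = Test-NetConnection -ComputerName $DcIp -Port $entry.Value -WarningAction SilentlyContinue
    $state  = if ($result.TcpTestSucceeded) { 'open' } else { 'BLOCKED or unreachable' }
    Write-Host ("{0,-20} tcp/{1,-4} {2}" -f $entry.Key, $entry.Value, $state)
}
```

If the lookup fails with the current resolvers but succeeds against the DC, the laptop is using a DNS server that does not host the domain's zone, which is the case the reply addresses with "point the box to the DC's DNS IP". If both lookups fail or ports show as blocked, the per-port output identifies which traffic is not crossing the VPN.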