New
#20
My situation may not be of interest to this audience, but I was able to join my laptop running Windows 8.1 Pro x64 to a domain managed by Synology Directory Server as DC, without disabling IPv6. Since joining the domain, the laptop seems to take longer to boot, but I do not have objective measurements. Some sources say that this could be due to delays caused by attempting to contact the primary DNS (also on the Synology NAS) via IPv6. I haven't been motivated to analyze this more deeply, as I plan to migrate the laptop to WIndows 10 soon. Thanks for your response!
Windows Server has evolved a lot during past years. My tutorial about creating a domain controller in Windows Server 2016 was written in early 2016, and was still completely based on Windows Server 2012.
The DNS system has been evolved maybe even more than Windows Server itself. The current status can be read at Microsoft Docs: https://docs.microsoft.com/en-us/win...-in-dns-server
Back in time, it was recommended that a network DHCP server should be used in Server as primary DNS server, and IPv6 should be disabled. Using localhost 127.0.0.1 as DNS server when IPv6 is disabled gives server or PC no network access.
Today, with Windows Server versions 2016 and 2019, IPv6 does not have to be disabled. However, if using IPv6, the server's primary DNS server should be set to localhost 127.0.0.1 instead of local DHCP server, for instance 192.168.1.1.
I take the full blame on this topic: My domain controller tutorial was based on older recommendations, and this tutorial from Brink was based on my tutorial.
It is totally OK today to use IPv6 in Active Directory domain.
Kari
@Karl, thanks for the clarification. I'm not sure how relevant the reference is, since I am not running a Windows Server.
@Brink, A quick look at the events log showed a couple of timeouts trying to start NordVPN services, even though I had VPN turned off by default. After uninstalling NordVPN, startup is significantly faster, but still not what I would expect from a system running off SSD. OTOH, WIndows is notorious for slowing down over time, so maybe it will run faster after a clean install of Windows 10.
Further examining the Windows events log turns up the following recurring error, which appears to be the cause of the slow startup problem:
Does anyone have a suggestion as to how I can fix this?Error 1055:
The processing of Group Policy failed. Windows could not resolve the computer name. This could be caused by one of more of the following:
a) Name Resolution failure on the current domain controller.
b) Active Directory Replication Latency (an account created on another domain controller has not replicated to the current domain controller).
I have refined my LAN significantly since my last post above, and things are now working smoothly. I suspect that the errors were caused by DNS problems. I want devices which belong to my local domain to use the DC's DNS, but other devices should use my ISP's DNS. My workaround was to use the preferred address assignment of the DHCP on my ASUS router, which also allows me to assign a DNS address to those clients with an assigned IP address.
@Karl, Perhaps I dismissed your statement, prematurely.
Would this also apply to a DC which doesn't run Windows Server? Does this mean that the server DNS resolves *all* names to IPv6 addresses? If not, where / how does it get any IPv4 addresses?