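So I set up Active Directory on a Windows Server 2008 Amazon EC2 server. I believe it is set up correctly; I never got any errors. To test that I set it up correctly, I set up a Windows 7 Professional virtual machine on my network to join the AD. I set the VM to use the Active Directory box as its DNS server. I entered my domain to join it, but I get the following error: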
DNS was successfully queried for the service location (SRV) resource record used to locate a domain controller for domain "ad.win.chigs.me":
The query was for the SRV record for _ldap._tcp.dc._msdcs.ad.win.chigs.me
The following domain controllers were identified by the query:
ip-0af92ac4.ad.win.chigs.me
However no domain controllers could be contacted.
Common causes of this error include:
- Host (A) or (AAAA) records that map the names of the domain controllers to their IP addresses are missing or contain incorrect addresses.
- Domain controllers registered in DNS are not connected to the network or are not running.
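It looks like I can communicate with Active Directory, but when I try to contact the domain controller it gives out a private IP to connect to, at least as far as I can understand. Here are some nslookup results.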
> win.chigs.me
Server: ec2-184-73-35-150.compute-1.amazonaws.com
Address: 184.73.35.150
Non-authoritative answer:
Name: ec2-184-73-35-150.compute-1.amazonaws.com
Address: 10.249.42.196
Aliases: win.chigs.me
> ad.win.chigs.me
Server: ec2-184-73-35-150.compute-1.amazonaws.com
Address: 184.73.35.150
Name: ad.win.chigs.me
Address: 10.249.42.196
win.chigs.me and ad.win.chigs.me are CNAMEs pointing to my EC2 box. Any idea what I need to do to join my VM to the EC2 Active Directory I set up?
Thanks!
Answer 1
Have you enabled all the necessary ports in the security group? See this post...
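Answer 2
You can't do this without a VPN. Your EC2 instance is using a private IP address inside EC2, while you are trying to connect from a machine outside that LAN. So the workstation tries to ping the EC2 DC's LAN IP, which it cannot reach.
You need the workstation and server to both be on public IPs, or both in the same LAN, or a VPN between the workstation LAN/WAN and the server LAN.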
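The condition Answer 2 describes can be checked from the nslookup output itself. This is an added example, not part of the original question or answers: it parses the output posted in the question and flags answer records that resolve to private addresses. The function names and the AD port list (standard default ports, relevant to Answer 1's security-group question) are assumptions.

```python
import ipaddress
import re
import socket

# nslookup output copied from the question above.
SAMPLE = """\
> ad.win.chigs.me
Server: ec2-184-73-35-150.compute-1.amazonaws.com
Address: 184.73.35.150
Name: ad.win.chigs.me
Address: 10.249.42.196
"""

# Assumption: the default TCP ports a domain join needs on the DC.
AD_TCP_PORTS = {53: "DNS", 88: "Kerberos", 135: "RPC", 389: "LDAP", 445: "SMB"}

def parse_answers(text):
    """Return [(name, ip)] for answer records, skipping the resolver's own address."""
    answers, owner = [], None
    for line in text.splitlines():
        m = re.match(r"\s*(Server|Name|Address):\s*(\S+)", line)
        if not m:
            continue
        key, value = m.groups()
        if key != "Address":
            owner = value if key == "Name" else None  # Server: resets the owner
        elif owner:  # an Address: that follows Name:, not Server:
            answers.append((owner, ipaddress.ip_address(value)))
    return answers

def diagnose(text):
    """Say whether a client outside the DC's network can route to each answer."""
    verdicts = {True: "private: needs VPN or same LAN",
                False: "routable: check security-group ports"}
    return [(n, str(ip), verdicts[ip.is_private]) for n, ip in parse_answers(text)]

def probe(ip, ports=AD_TCP_PORTS, timeout=2.0):
    """TCP-connect to each AD port over IPv4; returns {port: reachable}."""
    result = {}
    for port in ports:
        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
            s.settimeout(timeout)
            result[port] = s.connect_ex((ip, port)) == 0
    return result

if __name__ == "__main__":
    for name, ip, verdict in diagnose(SAMPLE):
        print(f"{name} -> {ip}: {verdict}")
```

Run `probe()` from the workstation only once `diagnose()` reports a routable address; against a private address from outside the network every port will simply time out.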