|
| 1 | +--- |
| 2 | +title: Cluster creation fails with DomainNotFound error in Azure HDInsight |
| 3 | +description: Troubleshooting steps and possible resolutions for issues when interacting with Azure HDInsight clusters |
| 4 | +author: hrasheed-msft |
| 5 | +ms.author: hrasheed |
| 6 | +ms.reviewer: jasonh |
| 7 | +ms.service: hdinsight |
| 8 | +ms.topic: troubleshooting |
| 9 | +ms.date: 01/23/2020 |
| 10 | +--- |
| 11 | + |
| 12 | +# Scenario: Cluster creation fails with DomainNotFound error in Azure HDInsight |
| 13 | + |
| 14 | +This article describes troubleshooting steps and possible resolutions for issues when interacting with Azure HDInsight clusters. |
| 15 | + |
| 16 | +## Issue |
| 17 | + |
| 18 | +HDI Secure (Enterprise Security Package) cluster creation fails with `DomainNotFound` error message. |
| 19 | + |
| 20 | +## Cause |
| 21 | + |
| 22 | +Incorrect DNS settings. |
| 23 | + |
| 24 | +## Resolution |
| 25 | + |
| 26 | +When the domain joined clusters are deployed, HDI creates an internal user name and password in AAD DS (for each cluster) and joins all the cluster nodes to this domain. The domain join is accomplished using Samba tools. Ensure the following prerequisites are met: |
| 27 | + |
| 28 | +* The domain name should resolve through DNS. |
| 29 | +* The IP address of the domain controllers should be set in the DNS settings for the virtual network where the cluster is being deployed. |
| 30 | +* If the virtual network is peered with the virtual network of AAD DS, then it has to be done manually. |
| 31 | +* If you're using DNS forwarders, the domain name must resolve correctly within the virtual network. |
| 32 | +* Security policies (NSGs) shouldn't block the domain join. |
| 33 | + |
| 34 | +### Additional debugging steps |
| 35 | + |
| 36 | +* Deploy a windows VM in the same subnet, domain join the machine using a username and password (this can be done through the control panel UI), or |
| 37 | + |
| 38 | +* Deploy a ubuntu VM in the same subnet and domain join the machine |
| 39 | + * SSH into the machine |
| 40 | + * sudo su |
| 41 | + * Run the script with username and password |
| 42 | + * The script will ping, create the required configuration files and then domain. If it succeeds, your DNS settings are good. |
| 43 | + |
| 44 | +## Next steps |
| 45 | + |
| 46 | +If you didn't see your problem or are unable to solve your issue, visit one of the following channels for more support: |
| 47 | + |
| 48 | +* Get answers from Azure experts through [Azure Community Support](https://azure.microsoft.com/support/community/). |
| 49 | + |
| 50 | +* Connect with [@AzureSupport](https://twitter.com/azuresupport) - the official Microsoft Azure account for improving customer experience. Connecting the Azure community to the right resources: answers, support, and experts. |
| 51 | + |
| 52 | +* If you need more help, you can submit a support request from the [Azure portal](https://portal.azure.com/?#blade/Microsoft_Azure_Support/HelpAndSupportBlade/). Select **Support** from the menu bar or open the **Help + support** hub. For more detailed information, review [How to create an Azure support request](https://docs.microsoft.com/azure/azure-supportability/how-to-create-azure-support-request). Access to Subscription Management and billing support is included with your Microsoft Azure subscription, and Technical Support is provided through one of the [Azure Support Plans](https://azure.microsoft.com/support/plans/). |
0 commit comments