Scenario: Cluster creation fails with DomainNotFound error in Azure HDInsight

This article describes troubleshooting steps and possible resolutions for issues when interacting with Azure HDInsight clusters.

HDI Secure (Enterprise Security Package) cluster creation fails with DomainNotFound error message.

Incorrect DNS settings.

When the domain joined clusters are deployed, HDI creates an internal user name and password in Azure Active Directory Domain Services (for each cluster) and joins all the cluster nodes to this domain. The domain join is accomplished using Samba tools. Ensure the following prerequisites are met:

• The domain name should resolve through DNS.
• The IP address of the domain controllers should be set in the DNS settings for the virtual network where the cluster is being deployed.
• If the virtual network is peered with the virtual network of Azure Active Directory Domain Services, then it has to be done manually.
• If you're using DNS forwarders, the domain name must resolve correctly within the virtual network.
• Security policies (NSGs) shouldn't block the domain join.

• Deploy a windows VM in the same subnet, domain join the machine using a username and password (which can be done through the control panel UI), or

• Deploy an Ubuntu VM in the same subnet and domain join the machine

  • SSH into the machine
  • sudo su
  • Run the script with username and password
  • The script pings, create the required configuration files and then domain. If it succeeds, your DNS settings are good.

If you didn't see your problem or are unable to solve your issue, visit one of the following channels for more support:

• If you need more help, you can submit a support request from the Azure portal. Select Support from the menu bar or open the Help + support hub.