AD Connect The remote name could not be resolved: login.windows.net

In a recent project, I faced an issue during the AD Connect installation. The error was “The remote name could not be resolved: login.windows.net”, and it was related to external DNS resolution. In my environment, there was no external DNS resolution on the Active Directory DNS server, for security reasons. When I started the investigation, I saw that all the Microsoft Azure IPs and URLs required for AD Connect were whitelisted on the proxy device. If you install the AD Connect server and you don’t have a proxy server in your environment, you must have external DNS resolution, because during the installation AD Connect queries the DNS server configured on the machine’s network card and tries to connect to the Azure tenant to configure the synchronisation connectors. However, if you have a proxy device, you do not need any external DNS resolution on the Active Directory DNS server.

Test script: https://gallery.technet.microsoft.com/scriptcenter/Azure-AD-Connect-Network-150c20a3

From the network side, AD Connect has two installation methods: one with a proxy, the other without.

If you are using an outbound proxy device for Internet access in your environment, the following setting must be added to the C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Config\machine.config file so that the installation wizard and Azure AD Connect sync can connect to the Internet and Azure AD.

    <system.net>
        <defaultProxy>
            <proxy
                usesystemdefault="true"
                proxyaddress="http://<PROXYADDRESS>:<PROXYPORT>"
                bypassonlocal="true"
            />
        </defaultProxy>
    </system.net>

Once you have configured the machine.config file, restart the server and start the AD Connect installation; the installation will then complete successfully.
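
A pre-installation check for the two cases described above, as an added example (it is not part of the original post and is not the linked test script): it reads the proxy setting from machine.config, asks the server's own DNS to resolve login.windows.net, and tries an HTTPS request over the configured path. The variable names and the 15-second timeout are assumptions; run it in Windows PowerShell on the AD Connect server.

```powershell
# Added example: checks which network path to Azure AD this server can use.
$TargetHost = 'login.windows.net'   # host name from the error message
$ConfigPath = 'C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Config\machine.config'

# 1. Read the default proxy (if any) declared in machine.config.
[xml]$config  = Get-Content -LiteralPath $ConfigPath -Raw
$proxyNode    = $config.SelectSingleNode('/configuration/system.net/defaultProxy/proxy')
$proxyAddress = if ($proxyNode) { $proxyNode.GetAttribute('proxyaddress') } else { '' }

# 2. Ask the DNS server configured on the network card to resolve the name.
$dnsOk = $false
try {
    Resolve-DnsName -Name $TargetHost -Type A -DnsOnly -ErrorAction Stop | Out-Null
    $dnsOk = $true
} catch {
    Write-Verbose "DNS lookup failed: $($_.Exception.Message)"
}

# 3. Try HTTPS to the host, through the proxy when one is configured.
$request = @{ Uri = "https://$TargetHost/"; UseBasicParsing = $true
              TimeoutSec = 15; ErrorAction = 'Stop' }   # 15 s is an assumed timeout
if ($proxyAddress) { $request.Proxy = $proxyAddress }
$httpStatus = $null
try {
    $httpStatus = [int](Invoke-WebRequest @request).StatusCode
} catch {
    # An HTTP error status still shows that a server (the target or the
    # proxy) answered, so keep the code for review; no response leaves $null.
    $response = $_.Exception.Response
    if ($response) { $httpStatus = [int]$response.StatusCode }
}

# 4. Summarise. Without a proxy, DnsResolves = False is the condition
#    behind "The remote name could not be resolved".
[pscustomobject]@{
    ProxyConfigured = [bool]$proxyAddress
    ProxyAddress    = $proxyAddress
    DnsResolves     = $dnsOk
    HttpStatus      = $httpStatus
}
```

With a proxy configured, `DnsResolves` can be `False` while `HttpStatus` still returns a value, which matches the case where no external DNS resolution is needed on the Active Directory DNS server.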