AD Cmdlets stopped working with -Server my.domain.com

I have a server in AWS not joined to the domain. When I run AD cmdlets like Get-ADUser, I started to get a failure from my scripts that use the me.domain.com as the input for the -Server parameter. I can’t seem to figure out what in my env changed that is causing this to break after working just fine for over a year.

This works:
Get-ADUser -Identity ‘dUser’ -Server ‘dc1.my.domain.com’ -Credential $credential | Select name

This Fails:
Get-ADUser -Identity ‘dUser’ -Server ‘my.domain.com’ -Credential $credential | Select name

Get-ADUser : Either the target name is incorrect or the server has rejected the client credentials.

I have the DNS set to Infoblox.

Set-DnsClientServerAddress ‘Ethernet*’ -ServerAddresses $ipdns

FYI, I had no issues with the command you reference using the NETBIOS name as you are.

I would check DNS. What happens when you try to ping my.domain.com or do an nslookup on my.domain.com? Are the results accurate?

Thanks for the response. That is what I thought originally as well.
But when I do a nslookup, I get a list of the three-domain controllers’ IPs.
This is a strange one. I’m not sure if this is related or not, but if I change the user name from
domain\username to UPN, it starts working as well.

Update on changing the username format, it has stopped working that way as well. Does anyone have a better understanding on the whole authentication process? How are certs involved?

Is infoblox your dcs? Why would you point dns anywhere but your dns servers?

Yes, Infoblox is the DNS. the Set-DnsClientServerAddress is setting the DNS to Infoblox DNS. Not sure what you are asking?

Infoblox handles your internal dns as well?

Yes, Infoblox handles internal and external DNS. Why do you ask?

Because it sounds like a dns issue. I’m not familiar with infoblox, apologies. And in my experience the DNS is handled internally for AD.

I agree, but I need to know where to look.