Issues setting up FSx with self managed active directory

You can create a "DHCP option set" for your VPC containing the IPs for your Domain controllers.

Otherwise provide the IPs in the wizard while creating the FSX

If you are doing this from cloudformation you can also enter your domain controllers IPs in "DnsIps" under "SelfManagedActiveDirectoryConfiguration"

FSx1:
    Type: "AWS::FSx::FileSystem"
    Properties:
      FileSystemType: "WINDOWS"
      StorageCapacity:
        Ref: StorageCapacity
      SubnetIds:
        - Ref: Subnet1
        - Ref: Subnet2
      SecurityGroupIds:
        - yoursecgroup

      WindowsConfiguration:
        WeeklyMaintenanceStartTime:
        DailyAutomaticBackupStartTime: 
        ThroughputCapacity: 
        AutomaticBackupRetentionDays: #
        CopyTagsToBackups: true
        DeploymentType: "MULTI_AZ_1"
        PreferredSubnetId:
        SelfManagedActiveDirectoryConfiguration: 
          DnsIps: 
            - #.#.#.#
            - #.#.#.#
          DomainName: 
          OrganizationalUnitDistinguishedName:
          Password: !Join [ "", ["{{resolve:secretsmanager:",!Ref "SecretObject",":SecretString:password}}"]] # '{{resolve:secretsmanager:<SecretObject>:SecretString:password}}'
          UserName: !Join [ "", ["{{resolve:secretsmanager:",!Ref "SecretObject",":SecretString:username}}"]] # '{{resolve:secretsmanager:<SecretObject>:SecretString:username}}'

Also, see the password and Username parameters consumed from secrets manager (you need to pass that to join nodes to your domain)

For any of those options make sure that those IPs are reachable in UDP/TCP 53 from your VPC