setup DHCP ISP router with windows server 2003

peacock_81

Feb 10, 2012
I want to do the Microsoft exams, so what I have done is to set up a Windows 2003 server. Initially I set it up as a DC & DNS server. Initially everything went well and I was able to join a PC to a domain. I was able to log on with two domain user accounts. Now, something went wrong and I am not sure what went wrong. The upshot of it was, when I log on with existing accounts, there is a long pause, but they do log on. They can then access the shares on the server. But I can't log on with new user accounts. When I try to log on with a new user account, there is a long pause then I get an error "The domain controller cannot be contacted...." I can ping the server by IP and if I request the name of the server from its IP then it replies correctly.

I was advised to remove the computer from the domain, which I did, delete the computer account, recreate the computer account, which I did. Then rejoin it to the domain, there is the problem, now I can't rejoin it to the domain. The error is "An attempt to resolve the DNS names of a domain controller being joined has failed. Please verify this client is configured to reach a DNS server that can resolve DNS names in the target domain."

So it makes me wonder... just how am I supposed to set up the networking?

current setup

Router (LAN side)
dg 192.168.0.1
dns server 1: public IP1
dns server 2: public IP2

Server
ip 192.168.0.2
sm 255.255.255.0
dg 192.168.0.1

dns1 192.168.0.2
dns2 public IP1
dns3 public IP2

Pinging dc1 [192.168.0.2] with 32 bytes of data:
Ping statistics for 192.168.0.2:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),

C:\>ping -a 192.168.0.2

Pinging dc1 [192.168.0.2] with 32 bytes of data:
Ping statistics for 192.168.0.2:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
 
Okay, the configuration seems right. I assume you are running the server on a separate computer and connecting to it with another. So your computer must send the DNS request to the router first and then the same request should be forwarded from the router to the DNS server.

Your problem is that your client cannot find the DNS server (connection timeout); there might be something wrong with the client configuration. Go through Microsoft's guide to set up the server.

Here's a checklist for setting up a DNS server you might wanna look at:
For Client:
https://technet.microsoft.com/en-us/library/cc753782.aspx
For whole DNS server:
https://technet.microsoft.com/en-us/library/cc771613.aspx
 

If you remove public DNS then you cannot resolve internet addresses in the local network, i.e. all DNS requests will go to the local DNS server, which does not have all internet DNS records. If the DNS server can be configured to forward the request to public servers when it fails to resolve, then it's okay to make it the primary DNS server for all computers in the local network.
I know it's not an ideal situation but it should work along with other DNS servers.
 
When you're joining a client to a domain, make sure those clients have the DNS server address of your server.
In this case your DHCP server should be set up as 192.168.1.x - x.254 for your range and the DNS server is 192.168.0.2, like what you said....
If you can ping the server from the client side, that only tells you that you set up the networking correctly.
If you ping the server by its domain name from the client side, that tells you that you set up the server right. Try pinging it by its domain name and see what happens.... Type in ping server.local on cmd and you should get a response... if not, try clearing the DNS cache.... Type in ipconfig /flushdns
 
In this case your DHCP server should be set up as 192.168.1.x - x.254 for your range and the DNS server is 192.168.0.2, like what you said....
Not every network has 192.168.1.x as its default config. His setup is right since he can actually ping the server. You can set up your local LAN with two IP ranges: 192.168.x.x with a 255.255.255.x mask, or in the range of 10.x.x.x for larger networks.

The case here has this config :
192.168.0.1 -> router
192.168.0.2 -> windows server
192.168.0.3--x -> any client

The normal commands do not apply to a server and this one is a different case: he's trying to log a Windows client in to his Windows server.
It's not the same as setting up a network; it's about setting up the client in order to make the server visible to it.

The client cannot find the host name because DNS requests are not made to the Windows server. But it can ping the server by IP, which means the server is on the same network as the client and the host is reachable. The main problem is that DNS requests are not made to the Windows server. So there might be a problem setting up the DNS server on the Windows machine. I'd suggest going through the Microsoft guide to set up the DNS server again. The network config seems fine.
 
My bad, I meant to type in 192.168.0.x not 192.168.1.x......but why would you login a client user to the windows server? :l

The case here has this config :
192.168.0.1 -> router
192.168.0.2 -> windows server
192.168.0.3--x -> any client

So the DHCP server should hand out 192.168.0.3 - 254, 255.255.255.0
router: 192.168.0.1
dns1: 192.168.0.2
dns2: 8.8.8.8

If the client can't find the host name then why was it able to join the domain to begin with? Doesn't AD heavily depend on the DNS server? Try clearing the DNS cache on both server and workstation, then reboot....
Every time I would put a client on the domain, there are 2 things I would do...
1st ping the server by its IP
2nd ping the server by its domain... in your case it should be ping dc1.local or dc1.com

Oh, I forgot to mention.... make sure the server has a static IP.
 
Still waiting for OP to answer the tests we suggested. Can't conclude anything without further reply. On a correct configuration it should be able to resolve any local IPs assigned by DNS, i.e.
192.168.0.4 - printer.local
192.168.0.5 - webserver.local

etc. which are assigned in NS records.
 
Thank you mx_mp210
I looked at the threads and I am still going through it. To be honest, it all seems way over my head, far too complicated. All the material seems to be aimed at people setting up rather complicated networks for intermediate organisations. Also, I cannot see how it is actually helping me to troubleshoot the actual problem. I just set the server up following all the prompts and everything went well. I was able to join the PC to the domain and then something went wrong and the DC stopped responding. I have read nothing so far, and I have read a lot, that is telling me what went wrong or how I might fix it.

Thank you robwags44
I have to agree with mx_mp210, but I still tried. I removed all public IP addresses on the server side LAN connection and the client side LAN connection. I cleared the DNS cache and waited 15 minutes. The loss of internet was immediate and after 15 minutes, I tried joining the domain and the error is the same.


Thanks lyner10
Maybe we are onto something.... I hope you can help me resolve it.

C:\>ping dc1.local
Ping request could not find host dc1.local. Please check the name and try again.
 
C:\>ping dc1
Pinging dc1 [192.168.0.2] with 32 bytes of data:
Ping statistics for 192.168.0.2:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss)
Approximate round trip times in milli-seconds:
Minimum = 2ms, Maximum = 20ms, Average = 10ms
 
Ping DC1 should work, that's like the computer name. If you try pinging each computer name on the same network you should get a response.

But since DC1.local doesn't work, it means there is something wrong with the DNS server or you forgot to put the client computer and set the DNS server IP to 192.168.0.2

Check your client IP info.... is the DNS server address set to 192.168.0.2?

Ok, how about this.... Try pinging dc1.local on the server side. This should work, assuming you set up the server right.
When you made a domain... did you name it dc1.local or dc1.com? We need more info. We can help but we need more data...
 
Okay, there's no explanation why you keep calling dc1.local the DNS server. The DNS server itself is a Windows machine and it's registered as "dc1" in the router. "dc1" is the host he needs to connect to from the client.
From what I get, he's trying to set up a domain controller which will handle requests and forward to slaves, i.e. clients, to resolve addresses. It's an infrastructure for a partially distributed DNS system.
Now you can assign any DNS record inside the DNS server after setup. For example, if you have an external host 203.245.233.101 then you can create a record pointing your webserver to that host. Our local server will take DNS queries and serve the host address to the external computer that requested it.
The clients will be managed by the Domain Controller so we don't have to worry about a large number of requests, but that's another topic.

So dc1.local or dc1.com or anything will not work unless he sets up the server and adds the corresponding records, which in this case hasn't happened yet. First he needs to set up the infrastructure and then add records to serve. Since the router resolves the host, we are ensured that the server is reachable via the client machine.
Please configure the client to use 192.168.0.2 as host and post the results. The ping results are correct and working, which means there's something wrong with the client configuration. Or maybe the server/client isn't allowed in the firewall service.

Please read the full article at Microsoft, don't be lazy and skip steps.
 
dc1.local aka domain controller1.local; when you're doing a study lab for it, this is how they put it. So tell me again how you put a client on a domain? When you installed AD, the DNS server should automatically be installed and put dc1.local as a record. IDK what kind of book you're studying but apparently you don't even know what dc1.local is.

I never said dc1.local is a DNS server. When I said to ping dc1.local on the server side, what I'm trying to say is that you want to ping yourself by domain name. If you can't even ping yourself, that means either you messed up the DNS server configuration or your DNS server address is wrong.
Even if you're knowledgeable by the book, that doesn't mean you know how to set it up; I've seen people like that.

Server isn't reachable via client machine at all. All he did was ping, that doesn't mean anything. For all I care, I could block ping (port 23) and get this working. I don't know where you get that idea. You don't even need a router to ping.
 
I logged onto the DC and typed the ping commands as before and the results are exactly the same. So there is something wrong server side.

dc1:\> ping dc1
Pinging dc1 [192.168.0.2] with 32 bytes of data:
Ping statistics for 192.168.0.2:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss)
Approximate round trip times in milli-seconds:
Minimum = 2ms, Maximum = 20ms, Average = 10ms

dc1:\> ping dc1.local
Ping request could not find host dc1.local. Please check the name and try again.


 
In all my life (Windows server life), I have never seen this kind of problem before and I think I know why the problem has only just surfaced.

Without exception, every time before, the DC and the client have been connected using a switch. This is the first time ever that both client and PC are connected via a broadband router.

So when I use the switch, the connection is instant with no issues, but now I am using the router, obviously that default server setup no longer works.

I set up the server using all of the default configs for a first server, so the DNS server is there and it is running.
 
Unless I missed it, you don't say which computer is your DHCP server (presuming that you are using DHCP). It should be the Windows server - you should turn off DHCP on the router. This ensures that the clients pick up the correct DNS server details when they get an address from the DHCP server.
 
The broadband router is the DHCP server. To be honest, I wanted to turn it off on the router and turn on the DHCP server on the server. But I couldn't get any clients to get an IP address. Well, that's not quite true, they did, but after a bit of delay, but none of the clients were getting internet access, so I have to keep putting the DHCP server back to the broadband router.
 
So just to reiterate, when I turned off DHCP on the BB router and made dc1 the DHCP server, the clients were picking up an IP address (after a one minute delay), but then they were not getting internet access and I still couldn't join the PC to the domain. The error was 'there are no domain controllers available to service your request...' So regrettably, I had to put everything back to the BB router.
 
I am grateful for everyone's assistance in trying to help me out. You can be sure I am making a good note of everything you say and will keep the information with me forever. I am hoping to take the Microsoft exam.
 
If you turned off the DHCP server on the router and made dc1 the DHCP server and yet your client isn't getting any internet access, it could mean that you forgot to hand out the DNS server address to clients, or the DNS server was off, or you forgot to hand out the default gateway.

Try this please: go to the client's computer and make everything STATIC IP, meaning you have to assign the client IP address manually. Put
192.168.0.100 for IP
255.255.255.0 for netmask
192.168.0.1 for default gateway
192.168.0.2 for DNS Server Address

Open command prompt then type in "ipconfig /flushdns" without the quotes,
then ping dc1.local.
Wait, just to be sure, did you name the extension ".local" when you made the AD? (I need an answer on this.)
If that didn't work, go back to the server and open DNS server, and make sure the DNS server is functioning.

If all things fail, type in ipconfig /all on both client and server. We need to see the configuration like DHCP server, DNS server address....

Like you see in the text below.

IPv4 Address. . . . . . . . . . . : 192.168.253.82
Subnet Mask . . . . . . . . . . . : 255.255.252.0
Lease Obtained. . . . . . . . . . : Monday, April 2
Lease Expires . . . . . . . . . . : Monday, April 2
Default Gateway . . . . . . . . . : 192.168.252.1
DHCP Server . . . . . . . . . . . : 192.168.252.3
DHCPv6 IAID . . . . . . . . . . . : 242803712
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-

DNS Servers . . . . . . . . . . . : 8.8.8.8
NetBIOS over Tcpip. . . . . . . . : Enabled
 
I agree. It sounds as if the clients are getting the wrong DNS server address, probably that of the router. This won't have the correct records to locate a DC. (These are not normal A records; they are SRV records.) For AD to work the client needs to be able to locate a DC; simple pinging is not enough. It's similar to the way that a mail server needs an MX record; more information is needed to locate a server than simply a name to IP address lookup.

It is the recommended setup that DNS and DHCP are both handled by a DC.
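
The SRV lookup described in the post above, as an added example that is not part of the original thread: it builds the standard DC locator query (`_ldap._tcp.dc._msdcs.<domain>`) and parses the answer, so the same question can be put to the DC's DNS and to the DNS server the client actually received. The function names are hypothetical, and `sample_response` is a constructed reply using the thread's `carolina.local` names so the parser can be exercised offline.

```python
import socket, struct

SRV = 33  # DNS record type the AD DC locator asks for
def encode_name(name):
    return b"".join(bytes([len(p)]) + p.encode() for p in name.strip(".").split(".")) + b"\x00"

def build_query(domain, txid=0x2003):
    head = struct.pack(">HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # one question, recursion desired
    return head + encode_name("_ldap._tcp.dc._msdcs." + domain) + struct.pack(">HH", SRV, 1)

def read_name(msg, off, hops=0):
    # Decode a possibly compressed name; returns (name, offset just past it).
    labels = []
    while msg[off]:
        if msg[off] & 0xC0 == 0xC0:  # compression pointer: follow it, bounded
            if hops > 16:
                raise ValueError("compression loop")
            ptr = ((msg[off] & 0x3F) << 8) | msg[off + 1]
            labels.append(read_name(msg, ptr, hops + 1)[0])
            return ".".join(filter(None, labels)), off + 2
        labels.append(msg[off + 1:off + 1 + msg[off]].decode())
        off += 1 + msg[off]
    return ".".join(labels), off + 1

def parse_srv(msg):
    _, flags, qd, an, _, _ = struct.unpack(">HHHHHH", msg[:12])
    off, records = 12, []
    for _ in range(qd):
        off = read_name(msg, off)[1] + 4  # skip QTYPE and QCLASS
    for _ in range(an):
        off = read_name(msg, off)[1]
        rtype, _, _, rdlen = struct.unpack(">HHIH", msg[off:off + 10])
        if rtype == SRV:
            prio, weight, port = struct.unpack(">HHH", msg[off + 10:off + 16])
            records.append((prio, weight, port, read_name(msg, off + 16)[0]))
        off += 10 + rdlen
    return flags & 0xF, records  # (rcode, [(priority, weight, port, target), ...])

def locate_dc(domain, dns_server, timeout=3.0):
    # Ask one specific DNS server, as a client configured with it would.
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(domain), (dns_server, 53))
        return parse_srv(s.recv(4096))

def sample_response(rcode=0, domain="carolina.local", dc="dc1.carolina.local"):
    # Constructed reply: rcode 0 as from the DC's DNS, 3 (NXDOMAIN) as from a public resolver.
    head = struct.pack(">HHHHHH", 0x2003, 0x8180 | rcode, 1, 0 if rcode else 1, 0, 0)
    rdata = struct.pack(">HHH", 0, 100, 389) + encode_name(dc)
    answer = b"\xc0\x0c" + struct.pack(">HHIH", SRV, 1, 600, len(rdata)) + rdata
    return head + build_query(domain)[12:] + (b"" if rcode else answer)
```

On the lab network, `locate_dc("carolina.local", "192.168.0.2")` queries the DC's own DNS; pointing the second argument at whatever DNS server `ipconfig /all` shows on the client reveals whether that server can answer the locator query at all.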
 
Answering lyner10
Full computer name: dc1.carolina.local
Domain: carolina.local

I fixed the IP address and flushed the DNS cache (on the client).
The ping to dc1.carolina.local was the same as before.

On the server this is now working.



On the server
C:\>IPCONFIG /ALL

Windows IP Configuration

Host Name . . . . . . . . . . . . : dc1
Primary Dns Suffix . . . . . . . : carolina.local
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : carolina.local

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : ADMtek AN983 based ethernet adapter
Physical Address. . . . . . . . . : 00-30-05-2F-1A-55
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.0.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.0.1
DNS Servers . . . . . . . . . . . : 192.168.0.2

C:\>
 
The funny thing is, when you attempt to join the server to the domain, the pop-up box to enter username and password is immediate. It just won't join the domain, error given at the top of this post.