DHCP and Internet Access 4

Status
Not open for further replies.

Genimuse

Programmer
May 15, 2003
1,797
US
Sorry for the basic question, but no amount of searching here or Googling seems to provide me with what I need to know.

I'm helping manage a small network, a dozen workstations and a server. So far we've just had Win2k Pro on all of the machines and have handled security and logons and such on a machine-by-machine basis (there are also a couple of Win 98 machines running legacy apps). A Linksys DSL router provides DHCP service for every computer.

Now I'm installing Win2k Server on the server. I've spent the week trying to make things work, but have had no real success.

So my basic question (finally!) is this: Does the Win2k server need to be providing DHCP for the workstations now, instead of the router, in order for them to be part of the domain?

Also, the organization has a domain name, with their website hosted on a shared server somewhere else. I have no interest in bringing the website in-house, but am confused about what domain name to use for the internal network? Should I use the same domain name, and somehow set up the DNS so that requests to automatically go outside the network, or should I use a fictitious domain inside, or... sorry, I just don't understand how this is supposed to work.

(And I'm feeling especially dense as I have two books on Win2k Server and still can't grasp these basics.)

Thanks in advance for any help you can provide.
 
hi, don't worry about it we have all been there.
setting up the basic domain is very simple. You don't need the win2k server to handle DHCP, this can still be done with the router. As far as the Domain name itself goes, again if you have no plans to do any hosting call it whatever you like as the outside world will not see it because it is behind your router. On the Manage my server screen just follow the domain wizard, set up users and then tell the client PC's to log on to the domain. You might want to set the server with a static IP though.

try that any probs post back
 
Static IP on the server is a must. If you can stand the down time to restructure, consider setting up DHCP from the Domain Controller as well as DNS. Set up DNS forwarders to resolve outside DNS requests. Consider naming your domain "mydomain.local", so if you ever do purchase your legal .com / .net / .biz etc. name, you will have no issues there. (although it is possible to use "mydomain.com" both inside and out - details). There is lots of info on this site as well as the web to get things rolling. Remember that W2k is completely dependent on DNS.

scottie
 
I'm having the same issues I was having before. When DNS tries to install, and when Active Directory tries to install, it always fails with an error indicating that "The network location cannot be reached."

But I never even specified any network location. I mean, yeah, I gave my domain a name, but what would it be trying to reach?
 
well.. do you have a static IP address??? i got that error once.. and i got fed up and reinstalled..

BTW.. install your DNS before you install your active directory.. i think windows server 2003 does them together now..

also.. if you're going to do DHCP, do it now.. i would suggest that you DO DHCP!!! i really like having a dhcp server.. you can monitor the webpages that users go to because of your DNS... you can still do it without the DHCP on the server, but then you must statically assign every DNS address.. "if you want the added functionality"

now about the webpage.. i would have that hosted cheap.. outside your network.. i never like the idea of hosting pages on the same DC..

you would need a firewall, between you and the internet.. then your web server would be on the outside of that firewall.. because you don't want to try and open ports on your DC.. because someone can really do some damage..

when you install a domain.. also be careful.. because you don't want to call your domain asus.com.. then you won't be able to go to lol..

so.. i suggest you name your domain whatever.local then just have your page hosted.. CHEAP.. ++ dsl ain't too fast

i worked with windows 2000 for a while then i switched to 2003..

so if you have any questions, just ask.. if you need help setting up active directory for the first time.. just ask.. lol

i remember when i first tried to do all that.. and i also remember when i first joined my computer to my domain.. i was jumping up and down lol... i could not believe the message.. "welcome to asus.local"

i was expecting things not to work



also keep in mind.. what will your users be doing..

do you need a lot of security for sensitive files??

or is it just a setup so users can log on, have their files backed up etc..

also think about this.. will you be using roaming profiles

they can be a pain in 2000

it's much better in 2003..
 
Ok, it seems that the problem was related to not getting my LAN card drivers installed before trying to set these things up. Seems to work ok now, though now installation of SP4 keeps crashing. I'm sure I'll get that eventually.

I think I know how to do the DNS forwarding, but... if the workstations are using DHCP from the Linksys, how can I set the server as their source for DNS: isn't it all or nothing? (All automatic or all manual.)
 
sometimes if you have a decent router.. you can set it to hand out your OWN DNS address.. if not.. you will need a dhcp .. "that is VERY VERY EASY" to setup...
 
It may be possible for your router to pass down gateway, dns, wins info, this is really dependent on the device's capabilities.

W2k's DHCP server will do this and more. If I remember correctly, DHCP servers must be authorized in Active Directory for them to work. If this is true, then by design, the Domain Controller should be attempting to shut down this service on your router. (or something along these lines) The point here is that it is best practice (not mandatory) to use the server services (wins, dns, dhcp, etc.) of the windows 2000 server in a 2000 environment. This will centralize administration, troubleshooting, hot fixes and will guarantee compatibility in the network and future expansion success.

Infrastructure becomes painful to move and change once the network is established and running. Completing as many changes as possible during any scheduled downtime can be a good thing.

good luck
scottie

 
Thanks very much to all. Here's what I think I'm going to do this afternoon, then: please tell me if it makes sense.

0. Give server a static IP address and use the DSL service provider's DNS so it can reach the internet (already done).

1. Set up DNS forwarding for all non-internal addresses to the DNS servers of the DSL service provider.

2. Install DHCP on my server and turn it on.

3. Just about simultaneously with #2, turn off DHCP on the DSL modem (on the LAN side, obviously not on the WAN side).

Then... what, manually tell all the workstations to re-request DHCP info? I'm concerned that their old DHCP info won't expire for a while.

Does that make basic sense, or am I misunderstanding how it should work?
 
from the workstations you can run ipconfig /release
then ipconfig /renew

have the workstations been joined to the domain?

you have to authorize the dhcp server in active directory before it will start accepting requests for addresses. just right click the server name from the dhcp server management console and choose to authorize it. it will take a second but it should go from red to green (arrow that is).
 
Hmm. Well, I've managed to install everything without error now, but I still can't get things to work. Here are the specific problems:

1. After configuring DNS I installed DHCP and configured it (I think correctly, based on two different books I bought). However, after turning off DHCP on the dsl router and running an ipconfig /release and /renew on one of the machines, it's failing to find DHCP info. (Yes, I authorized the DHCP server, fyi.)

2. I can't seem to log into the domain from a workstation. The domain is called Clinic.local, and when I try to change the network info on a workstation (in the System Properties control panel, Network Identification tab, via the "Network ID" button or the "Properties" button), it fails to find the domain.

Of course the two could be related. :)

Sorry again that these are such basic questions. I'm normally a pretty smart guy but I know that I'm just not grasping something basic. Any thoughts?
 
If the DHCP server is online and working, then maybe the client has something hard coded in the TCP/IP config?

try an ipconfig /all from the client. what is the address, the subnet mask, the dns servers listed? is this old info? especially look at the dns server address. this must be YOUR dns server.

per your 2nd question, i suspect DNS is the issue. (at least from this vantage point)

scottie
 
It's not old DHCP info... at least I don't think so. I did a release and renew while both DHCP servers were running and it (after a moment) picked up DHCP info from the dsl modem. Then I shut off the DSL modem's DHCP server and released and renewed the workstation, and it hung for a very long time, eventually timing out with no DHCP info. I turned the DSL modem's DHCP server back on and renewed and, after a moment, got DHCP info from the modem. (The workstation is set for all dynamic info.)

I suspect that, even though my DHCP server (on the server) is on and authorized, somehow it's not giving out numbers. I gave it a good-sized range and the appropriate subnet mask. Perhaps I misconfigured it somehow.

And I agree on the DNS, that I probably set it up wrong somehow, but I followed the directions from Microsoft's site, all of which seemed to make sense, including how to do DNS forwarding.

I'd break down and hire someone, but I'm doing this work gratis for a non-profit medical clinic and while they can't afford to hire someone, neither can I, really.

Thanks much for the suggestions.
 
The DNS setup is as straightforward as it reads. Not too complicated. For starters, you should not be running 2 DHCP servers at the same time. (well not in this environment)

Sanity Check:

1. Clients are set up to automatically get IP Address and DNS. NO static information.
2. W2K DHCP is Authorized and running
3. W2K DHCP has a Scope defined and the DNS Scope Option is set up with the correct DNS (your Domain Controller) address.
4. Clients are joined to your Domain.
5. Don't worry about the outside internet yet, just shut down the DSL Modem.
6. Reboot the Server
7. Make sure DNS is running, DHCP is running,
8. Reboot the client machines.

 
Item 4 is no good. It won't join the domain (says it can't find it). I'll do 6, 7, and 8 shortly. And thank you again.
 
Genimuse,

If I might ask, from an IPCONFIG /ALL, what is the

1. IP Address
2. Mask
3. Gateway
4. DNS server

listed for a client machine?

What is the Address and Mask of your Domain Controller (this is also the DNS server, yes?)

scottie
 
On the client, right now via DHCP from the DSL modem, the info is:

IP Address: 192.168.1.110
Subnet Mask: 255.255.255.0
Gateway: 192.168.1.1
DNS Servers: 205.171.2.65 and 205.171.3.65 (Qwest)

On the server, the information is as follows:

IP Address: 192.168.1.202 (manually set to not conflict)
Subnet Mask: 255.255.255.0
Default Gateway: 192.168.1.1
DNS Servers: 192.168.1.202 (itself)

Then in DNS (on the server) I have the 205.171.3.65 and 205.171.2.65 set up as forwarders. For Forward Lookup Zones I have clinic.local, which has name server as alice.clinic.local (alice is the name of the server), and the Host (same as parent and "alice") as 192.168.1.202.

For DHCP, for scope I chose 10.0.0.1 through 10.0.0.100. The router is set to 192.168.1.1 (should that be 10.0.0.1?). The DNS servers is set to 192.168.1.202. The DNS Domain Name is set to Clinic.local.

So... frankly I don't know what's wrong, but then I don't know what I'm doing very well. What seems illogical or outright wrong? What else can I tell you?

Again, thanks so much for your patience. I know that these repeated back-and-forth newbie questions can be frustrating (as someone who's responded to them in the forums where I actually know something). :)
 
Your problem is that your client is asking the outside DNS server for DNS queries. You need to change your DHCP Server to hand out the 192.168.1.202 as the ONLY DNS server. Once you do this, then your workstations will be able to query info about the clinical.local domain, and not any time before that.

You COULD also add 205.171.3.65 and 205.171.2.65 as secondaries in case your server went down, then your users could still play in the internet. But do not let them be primaries!! You have to make the 192.168.1.202 the primary DNS server.

Ken
 
Hmm, I'm confused. I'm not trying to let them be primaries -- on the server they're only set as Forwarders, which as I understand it should only come into play if the local server can't resolve the name.

The reason that the workstation currently shows the outside DNS is because it's getting its DHCP info from the DSL router. When I turn its DHCP off so that only the Win2k server is providing DHCP and then release and renew, the workstation can't get DHCP info (can't find it from the Win2k server, just times out).

So... while I know that I don't want the workstation to have that outside DNS, if the workstation can't get DHCP info from the server, it ends up with nothing and won't work at all.

Which leaves me with trying to understand why the workstation can't seem to get DHCP info from the server. I think.
 
so your scope is 10.0.0.0/24 but your DNS server (and Domain Controller) is in the 192.168.1.0/24 address space?

Those are 2 different network address spaces. If a client requests an address from your DHCP server and is offered a 10.0.0.0/24 address, but the DNS server (and AD DC) is in the "other network" 192.168.1.0/24, then they will never be able to resolve DNS and thus find Service Records for a Domain Controller to attempt Login. You need a Scope with an address range that the DNS server and a Domain Controller reside on.

Yes you can use that address space, but you will need a DC with DNS and GC running in that network, then you can route traffic to the 192.168.0.0/24 network, but that will not be necessary here.

Change the scope to 192.168.1.0 - 192.168.1.200 (or so) and keep the upper addresses .201- .254 for static ip's.

Get the local LAN working first, then work on the outside internet connection.

scottie
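
The mismatch diagnosed in the last reply, worked through as an added example that is not part of the original thread: a small Python check of a DHCP scope against the domain controller's own address. The function name, the /24 mask on the posted scope and the corrected range starting at .10 are assumptions made for illustration; the other addresses are the ones posted above.

```python
import ipaddress as ipa

def check_scope(server_ip, mask, start, end, router, dns_servers):
    """Return findings for a DHCP scope served by the DC at server_ip."""
    server = ipa.ip_address(server_ip)
    lan = ipa.ip_network(f"{server_ip}/{mask}", strict=False)
    lo, hi, gw = ipa.ip_address(start), ipa.ip_address(end), ipa.ip_address(router)
    dns = [ipa.ip_address(d) for d in dns_servers]
    findings = []
    if lo > hi:
        findings.append("scope start is above scope end")
    # Leases must come from the subnet the server's own interface sits on.
    for label, addr in (("start", lo), ("end", hi)):
        if addr not in lan:
            findings.append(f"scope {label} {addr} is outside server LAN {lan}")
    # The subnet a client believes it is on once it accepts a lease.
    client_net = ipa.ip_network(f"{start}/{mask}", strict=False)
    routable = gw in client_net
    if not routable:
        findings.append(f"router {gw} is not on-link for clients in {client_net}")
    # Statically addressed hosts inside the range need an exclusion.
    for name, addr in (("server", server), ("router", gw)):
        if lo <= addr <= hi:
            findings.append(f"static {name} address {addr} is inside the dynamic range")
    # Clients locate the domain through the DC's DNS, so it must be listed first.
    if not dns or dns[0] != server:
        findings.append("first DNS option is not the domain controller")
    for d in dns:
        if d not in client_net and not routable:
            findings.append(f"DNS server {d} is unreachable from {client_net}")
    return findings

# Scope as posted in the thread (mask assumed to be 255.255.255.0).
POSTED = ("192.168.1.202", "255.255.255.0", "10.0.0.1", "10.0.0.100",
          "192.168.1.1", ["192.168.1.202"])
# Constructed corrected scope: same LAN, router and server left out of the range.
FIXED = ("192.168.1.202", "255.255.255.0", "192.168.1.10", "192.168.1.200",
         "192.168.1.1", ["192.168.1.202"])

if __name__ == "__main__":
    for label, cfg in (("posted", POSTED), ("fixed", FIXED)):
        print(label, check_scope(*cfg) or "no findings")
```
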

 