DNS Help... newbie here 2

[cranebill]

I believe i am having DNS issues but am not for sure about this. So i tried to gather all the info i could to post this question.
I have a 2000 Advanced Server as a domain controller. This is set up as a new domain. I have 2 nic's installed. One for Interent... one for lan. ICS is enabled. I have set up OU's in the Active Directory and when i try to apply Group Policy settings to the OU i get this error:

Domain Controller not Found for Sample.com

The Domain Controller for Group Policy Operation is not available. You May cancel this operation for this session or retry using one of the following:

1. The one with the operations Master Token for the PDC emulator.

2. The one used by the active directory snap-ins

3. Use and available Domain Controller

(none of these work)

I have asked around these forums and everything seems to check out although it has been said i may have a DNS issue.

Right now i have one WorkStation (XP Pro) connected to the Domain . I have run nslookup and this WorkStation and this is what i recieve:


*** Can't find server name for address 192.168.0.1: Non-existent domain
*** Default servers are not available
Default Server: UnKnown
Address: 192.168.0.1

This really doesnt make alot of sense to me since i am connected to the domain.

I also ran ipconfig on the server to determine ip configuration and this is what i have:
Windows 2000 IP Configuration

Host Name . . . . . . . . . . . . : server
Primary DNS Suffix . . . . . . . : Sample.COM
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Sample.COM

Ethernet adapter Internet:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : D-Link DFE-530TX+ PCI Adapter
Physical Address. . . . . . . . . : 00-50-BA-B5-99-71
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : X.X.X.X(These Values Provided by Internet Provider)
Subnet Mask . . . . . . . . . . . : X.X.X.X
Default Gateway . . . . . . . . . : X.X.X.X
DNS Servers . . . . . . . . . . . : X.X.X.X
X.X.X.X

Ethernet adapter Local Area Network:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : HP NetServer 10/100TX PCI LAN Adapte
r
Physical Address. . . . . . . . . : 00-90-27-C3-F3-11
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.0.1
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : Same as DNS Above

Does this all seem right... or no?

Bill

 

[cranebill]

Well it didnt have a scope.... but it did however have a folder server options.. i went to dns... listed lan nic as fist.. then preferred dns from isp, then alternate dns from isp. I went to another machine and tried to ipconfig /renew and it timed out

Bill

 

[cranebill]

I just tried to renew ip on this machine as well.... timed out.. couldnt reach DHCP server... i am going to try and reboot just for giggles... and yes they do let me out for lunch... sometimes lol

Bill

 

[zoeythecat]

I'm not sure that you need Internet Connection Sharing unless you are connecting to the Internet over a modem I believe. Or you can check this article and post back here that you really need ICS configured==>

http://support.microsoft.com/defaul...port/kb/articles/Q234/8/15.ASP&NoWebContent=1

If you don't need this I would recommend removing the Internet Connection Sharing. Then in DNS under Forwarders you want to enter the IP Address of your ISP. If the area you enter the IP address is greyed out you have to delete the "." zone for your root server in DNS you need to delete that zone then go back into forwarders and enter the IP Address of your ISP. Then recheck your DHCP server and check the DNS 006 and 015 entries and make sure they are correct.

If you can post here the following:
(1) informataion on how your DNS server is configured (list all the settings such as the forwarders, etc)
(2) list settings here from your DHCP server. Post the options you have listed.
(3) Also post how your clients are configured. Are they configured to grab an IP Address from a DHCP server (I.E- do you have them configured statically or to get an ip address automatically)

 

[wbg34]

OK it sounds like your server is not serving dhcp. So something else must be unless you manually assigned all the ips for your clients. So you need to find out if or what is (it is most likely the router that you use to connect to the internet). Once the dhcp server is found you can do one of two things. Either configure the dhcp server to give your servers ip as the dns server. Otherwise you can disable it and setup DHCP on your DC. I would go with the first choice because it will be quicker to configure (you can switch things over to your dc later if you desire).

Lets try and find out what is giving the dhcp info. Go to a client and right click on network neighborhood --> select properties --> Right click on local area connections --> select properties. Select internet protocol and click on properties. On the general tab select obtain ip address automatically and obtain dns server
automatically.
Open a command prompt and type in the following.
ipconfig /relese
ipconfig /renew
ipconfig /all
Please post all the results.

 

[cranebill]

Actually on that note... the stinking computer i tried to renew on had manual dns servers applied... it has been changed to automatic now.. and he then hit the server first....

Anyway this was done on my machine:

Microsoft(R) Windows DOS
(C)Copyright Microsoft Corp 1990-2001.

C:\DOCUME~1\BSCHUL~1.CRA>ipconfig /release

Windows IP Configuration


Ethernet adapter Local Area Connection 2:

Connection-specific DNS Suffix . :
IP Address. . . . . . . . . . . . : 0.0.0.0
Subnet Mask . . . . . . . . . . . : 0.0.0.0
Default Gateway . . . . . . . . . :

C:\>ipconfig /renew

Windows IP Configuration


Ethernet adapter Local Area Connection 2:

Connection-specific DNS Suffix . : sample.COM
IP Address. . . . . . . . . . . . : 192.168.0.135
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.0.1

C:\DOCUME~1\BSCHUL~1.CRA>ipconfig /all

Windows IP Configuration

Host Name . . . . . . . . . . . . : Computer-14
Primary Dns Suffix . . . . . . . : sample.COM
Node Type . . . . . . . . . . . . : Mixed
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : sample.COM

Ethernet adapter Local Area Connection 2:

Connection-specific DNS Suffix . : Sample.COM
Description . . . . . . . . . . . : Realtek RTL8139 Family PCI Fast Ethe
rnet NIC
Physical Address. . . . . . . . . : 00-E0-18-D0-FE-91
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.0.135
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DNS Servers . . . . . . . . . . . : 192.168.0.1
Lease Obtained. . . . . . . . . . : Wednesday, June 04, 2003 1:03:04 PM
Lease Expires . . . . . . . . . . : Wednesday, June 11, 2003 1:03:04 PM

C:\DOCUME~1\BSCHUL~1.CRA>

 

[cranebill]

hey quick question for you... if i change the dns server of my internet nic to my local ip would that maybe resolve the issue of the computer not finding itself?

Bill

 

[zoeythecat]

Bill,

As mentioned, can you go to your Domain Controller, open up your DNS and list the settings (Please read my post) and then open up your DHCP server and list this settings. Otherwise this will be difficult for this forum to resolve. You are just listing settings from your client which shows us that your DHCP server and DNS server are on the domain controller 192.168.0.1 and again, I think you need to verify if you really need ICS configured or not.

Zoey

 

[cranebill]

is there a way to show the full spectrem for the DNS and DHCP settings you are looking for?

 

[zoeythecat]

How is your internet NIC setup? Is this connected to an ISDN? Where is the patch cable running from your Internet NIC to what device? You need to setup forwarders in your DNS to point to this IP Address. The main thing is to find out what the IP Address is that would allow your clients to connect to the Internet then add this to the forwarders tab of your DNS. But you also need to make sure your DHCP server is setup correctly and the DNS options in DHCP points the client to the IP Address of your ISP

 

[wbg34]

Ok we should have it now. The problem is your ICS or more specifically the dhcp portion of ICS. The fix isn't pretty but shouldn't be to hard.

1st disable ICS.

Second setup your server as a router (see article below)

http://www.microsoft.com/technet/tr...nol/windows2000serv/deploy/depopt/connint.asp

Finally set up dhcp on your server (see article below)

http://www.labmice.net/networking/DHCP.htm

 

[cranebill]

Internet NIC is connected to a cisco router for a t1 connection.... Im pretty sure i understand what your saying zoey... when i disable ics... for now anyway... it kicks all users off the network.. i wonder if it would be just as easy to disable the internet card.... temporarily... demote the DC.. reset the DC up with just the LAN card and without internet connection and then once the LAN is back up and running worry about the internet connection then.

 

[zoeythecat]

Bill,

you should follow the articles that wbg34 lists. Very helpful and user friendly instructions. Seems like his links may resolve or hopefully resolve your problem.

Zoey

 

[MSMVP]

zoey -

Pointing the forwarders to the external NIC are pointless. Forwarders are only for DNS resolution when my DNS can't answer the question. Thus, it needs to point to his IPS's DNS, not his external interface.

He needs ICS, because as unpleasant as it may be, this is the machine that is providing internal to Internet (and back again) communication. ICS needs to be on, and there should only be one default gateway, as one NIC is all that Windows (or any OS) can handle for dfgw - hence persistent routes and routing tables. ICS helps with this as long as it is set up correctly. He needs to be in NAT so that he can use the 192.168.0.0 range internally.

DHCP internally should only point to internal resources. Again, the DNS forwarder on the DNS of the DC should point to his ISP's DNS for external resolution. If it's an internal question, it will be answered on the internal DNS.

Hope this helps.....



Rick Kingslan MCSE, MCSA, MCT
Microsoft MVP - Active Directory
Associate Expert
Expert Zone -

http://www.microsoft.com/windowsxp/expertzone

 

[cranebill]

I really appreciate all the help... i will post results...

Bill

 

[MSMVP]

Bill,

What model Cisco router is this? You should be able to NAT through the router, eliminating the need for the two NICs, ICS, the whole thing.

This is a matter of KISS, if you know what I mean. Let the DC be the DC, DNS, DHCP, and WINS (if necessary) but bag the ICS, routing and NAT.

Let the router do what routers do best!



Rick Kingslan MCSE, MCSA, MCT
Microsoft MVP - Active Directory
Associate Expert
Expert Zone -

http://www.microsoft.com/windowsxp/expertzone

 

[cranebill]

Ok so whats the solution lol From what i am gathering from all this and correct me if im wrong..... when my server tries to find "sample.com" it looks externally instead of internally, hence my problem of not being able to find the Domain Controller. If this is the problem how do i get my server to look internally first?

Bill

 

[cranebill]

The router is Cisco 1720. I dont think though that i am "allowed" to mess with the internals of this though since it is owned by our T1 provider.....i really know nothing about routers at all.

Bill

 

[zoeythecat]

MVP,

So are you stating that the DNS forwarders does not play a role? How should he configure his DNS to resolve client requests trying to get out onto the Internet?

Zoey

 

[wbg34]

Bill,
With any possible restrictions on your ability to configure the router you really want to set up the dc as a router. ICS is more suitable to smaller networks and doesn't play well with AD Domains. Thats why you need to set up RRAS as a router and not ICS. If you can configure the router it will be much easier to connect the router to a switch and forget about your external nic on the server.

 

[MSMVP]

RE: your post

<snip>
>How is your internet NIC setup? Is this connected to an >ISDN? Where is the patch cable running from your >Internet NIC to what device? You need to setup >forwarders in your DNS to point to this IP Address.
</snip>

Yes, he needs forwarders. I'm not arguing that, and mentioned it way early in this thread.

But, please re-read your post: The forwarders MUST be pointed to the DNS at his ISP - that's all I'm saying.

Rick Kingslan MCSE, MCSA, MCT
Microsoft MVP - Active Directory
Associate Expert
Expert Zone -

http://www.microsoft.com/windowsxp/expertzone