Solved

Setting up Windows 2000 with Active Directory, DNS, DHCP, and Reverse DNS lookup.

Posted on 2004-08-03
Last Modified: 2008-05-30
Hello,

I’m new to the networking game.  I have been teaching myself as much as I can.

I have a small network I wish to set up using Windows 2000 Server.  I have used the Configure My Server and run through the wizard.  I believe it set up my domain controller, DNS, and DHCP.

I basically followed the steps outlined here:

http://www.microsoft.com/technet/prodtechnol/windows2000serv/howto/depprof1.mspx

I am concerned over default settings as I would like to use an IP on the server of 192.168.1.200 and subnet mask of 225.255.255.0

I also reviewed a site that showed a manual installation:

http://www.serverwatch.com/tutorials/article.php/1474461

I did go into the DNS and delete the “.” from the forward DNS as it recommended.
I also went into my TCP/IP and set up:

IP  192.168.1.200
Subnet  225.255.225.0
Gateway is  192.168.1.2  (this is my router for our broadband)

DNS is 192.168.1.200  (the 2nd site said it needed to point to itself)

Went into DNS properties and put the ISP DNS servers there as recommended by the 2nd web site.

Now my problem is, when I go to MY COMPUTER on my client, I try to get it to find the domain ALTEK or ALTEK.LOCAL and it tells me it cannot find the DOMAIN or it is invalid.  I am assuming that I have DNS forward or reverse lookup set up wrong?

Under my server, under forward is a folder   altek.local.
Under my server, under reverse is  192.168.1.xsubnet.

Here is the DNS.LOG file from the server:

DNS Server boot at 8/4/2004.
      66 seconds since system boot.
Message logging key:
      Field #  Information         Values
      -------  -----------         ------
        1      Send\Receive
        2      Protocol            T == TCP message
                                   empty == UDP
        3      Remote IP
        4      Xid (hex)
        5      Query\Response      R == Response
                                   empty == Query
        6      Opcode              Q == Standard Query
                                   N == Notify
                                   U == Update
                                   ? == Unknown
        7      [Flags (hex)
        8      Flags (char codes)  A == Authoritative Answer
                                   T == Truncated Response
                                   D == Recursion Desired
                                   R == Recursion Available
        9      ResponseCode]
       10      Question Name

PnP Event:  rechecking server bindings.
ERROR:  GQCS failure on dead socket. status=995, socket=384, pcon=004B4ECC, state=-1, IP=192.168.1.200
PnP Event:  rechecking server bindings.
PnP Event:  rechecking server bindings.
PnP Event:  rechecking server bindings.
PnP Event:  rechecking server bindings.
PnP Event:  rechecking server bindings.
PnP Event:  rechecking server bindings.
PnP Event:  rechecking server bindings.
PnP Event:  rechecking server bindings.
PnP Event:  rechecking server bindings.
PnP Event:  rechecking server bindings.
ERROR:  GQCS failure on dead socket. status=995, socket=444, pcon=004C299C, state=-1, IP=10.10.0.1
PnP Event:  rechecking server bindings.
PnP Event:  rechecking server bindings.
PnP Event:  rechecking server bindings.
PnP Event:  rechecking server bindings.
PnP Event:  rechecking server bindings.
PnP Event:  rechecking server bindings.
PnP Event:  rechecking server bindings.
PnP Event:  rechecking server bindings.
ERROR:  GQCS failure on dead socket. status=995, socket=444, pcon=004BB74C, state=-1, IP=192.168.1.100
PnP Event:  rechecking server bindings.
PnP Event:  rechecking server bindings.
PnP Event:  rechecking server bindings.
PnP Event:  rechecking server bindings.
PnP Event:  rechecking server bindings.
PnP Event:  rechecking server bindings.
PnP Event:  rechecking server bindings.
Snd   192.168.1.200   0001  R Q [8385 A DR NXDOMAIN] (3)200(1)1(3)168(3)192(7)in-addr(4)arpa(0)
UDP response info at 004C1C9C
  Socket = 384
  Remote addr 192.168.1.200, port 1460
  Time Query=2144, Queued=0, Expire=0
  Buf length = 0x0200 (512)
  Msg length = 0x0082 (130)
  Message:
    XID       0x0001
    Flags     0x8583
        QR        1 (response)
        OPCODE    0 (QUERY)
        AA        1
        TC        0
        RD        1
        RA        1
        Z         0
        RCODE     3 (NXDOMAIN)
    QCOUNT    0x1
    ACOUNT    0x0
    NSCOUNT   0x1
    ARCOUNT   0x0
    Offset = 0x000c, RR count = 0
    Name      "(3)200(1)1(3)168(3)192(7)in-addr(4)arpa(0)"
      QTYPE   PTR (12)
      QCLASS  1
    ANSWER SECTION:
    AUTHORITY SECTION:
    Offset = 0x002c, RR count = 0
    Name      "(1)1(3)168(3)192(7)in-addr(4)arpa(0)"
      TYPE   SOA  (6)
      CLASS  1
      TTL    3600
      DLEN   52
      DATA  
            PrimaryServer: (10)server2000(5)altek(5)local(0)
            Administrator: (5)admin[C059](5)altek(5)local(0)
            SerialNo     = 1
            Refresh      = 900
            Retry        = 600
            Expire       = 86400
            MinimumTTL   = 3600
    ADDITIONAL SECTION:


Please help me.  Tell me what I need to change and how to do it.  I really want to get this set up where the client will ask for user name and password after booting and LOG into the domain.
Question by:mrchaos101
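
As an added example (not part of the original question), this Python sketch parses the summary line of the DNS.LOG posted above using the field key printed in that log, decodes the length-prefixed question name and the flags word, and reports the address whose PTR record the server authoritatively says does not exist. The regular expression, the function names and the byte swap of the flags word are assumptions drawn only from this one log sample.

```python
import re

# Constructed from the summary line in the DNS.LOG posted above.
SAMPLE = ("Snd   192.168.1.200   0001  R Q [8385 A DR NXDOMAIN] "
          "(3)200(1)1(3)168(3)192(7)in-addr(4)arpa(0)")

# Assumed layout: the ten fields of the log's own "Message logging key".
LINE_RE = re.compile(
    r"^(Snd|Rcv)\s+(?:(T)\s+)?(\d+\.\d+\.\d+\.\d+)\s+([0-9A-Fa-f]{4})\s+"
    r"(?:(R)\s+)?([QNU?])\s+\[([^\]]+)\]\s+(\(\d+\)\S*)$")

def decode_name(encoded):
    """Turn '(3)200(1)1...(0)' into '200.1...', checking each label length."""
    pairs = re.findall(r"\((\d+)\)([^()]*)", encoded)
    for length, text in pairs:
        if int(length) != len(text):
            raise ValueError(f"label {text!r} is not {length} bytes long")
    return ".".join(text for _, text in pairs if text)

def decode_flags(word):
    """Split a 16-bit DNS header flags word (RFC 1035 bit layout)."""
    return {"QR": word >> 15 & 1, "OPCODE": word >> 11 & 0xF,
            "AA": word >> 10 & 1, "TC": word >> 9 & 1, "RD": word >> 8 & 1,
            "RA": word >> 7 & 1, "Z": word >> 4 & 7, "RCODE": word & 0xF}

def parse_line(line):
    m = LINE_RE.match(line.strip())
    if not m:
        return None  # e.g. "PnP Event" lines and the detail dump
    direction, tcp, remote, xid, resp, opcode, bracket, qname = m.groups()
    tokens = bracket.split()
    raw = int(tokens[0], 16)
    # Assumption from this sample: the summary prints the two flag bytes
    # swapped (8385) relative to the detail dump (Flags 0x8583).
    flags = decode_flags((raw & 0xFF) << 8 | raw >> 8)
    return {"direction": direction, "protocol": "TCP" if tcp else "UDP",
            "remote": remote, "xid": xid, "response": resp == "R",
            "opcode": opcode, "flags": flags, "rcode": tokens[-1],
            "qname": decode_name(qname)}

def missing_ptr(rec):
    """IP whose PTR record an authoritative NXDOMAIN response says is absent."""
    suffix = ".in-addr.arpa"
    if (rec and rec["response"] and rec["rcode"] == "NXDOMAIN"
            and rec["flags"]["AA"] and rec["qname"].endswith(suffix)):
        return ".".join(reversed(rec["qname"][:-len(suffix)].split(".")))
    return None

print(missing_ptr(parse_line(SAMPLE)))
```

For the posted line this reports 192.168.1.200, the server's own address, with the reverse zone answering authoritatively that no PTR record exists for it.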
17 Comments
 

Author Comment

by:mrchaos101
ID: 11708428
Also, if I run NSLOOKUP on the server I get:

C:\Documents and Settings\Administrator.SERVER2000.001>nslookup
*** Can't find server name for address 192.168.1.200: Non-existent domain
*** Default servers are not available
Default Server:  UnKnown
Address:  192.168.1.200

Expert Comment

by:ocon827679
ID: 11708513
On your client, do you have the TCP/IP properties set to use the DNS at 192.168.1.200?  What is the IP address of the client?  You want it to be in the same segment if you are not connecting the client and server by way of a router.  

Noticed in your log a reference to IP address 10.10.0.1.  Did you configure something with this address?  If so, what?  

Author Comment

by:mrchaos101
ID: 11708603
Yes, on my client the IP DNS is set to 192.168.1.200.  I can get on the net on the server and the client.  If I turn the server OFF then I lose net access on the client.

The reason for my post on the 10.10.0.1 is because:

Your Server Wizard installs DNS and DHCP and configures DNS, DHCP, and Active Directory. The default values set by the wizard are:

DHCP Scope:
 10.0.0.3-10.0.0.254
 
Preferred DNS Server:
 127.0.0.1
 
IP address:
 10.10.1.1
 
Subnet mask:
 255.0.0.0
 

I'm not sure if those default settings will affect me or not.

NSLOOKUP on client is as follows:

*** Can't find server name for address 192.168.1.200: Non-existent domain
*** Default servers are not available
Default Server:  UnKnown
Address:  192.168.1.200


Expert Comment

by:ocon827679
ID: 11708726
After seeing your added post, yeah the 10.x isn't your problem.  In your DNS Forward Lookup zone do you have a host record for the server and another for your client workstation?  Do you have the service records - these start with an underscore character, ie _msdcs.  I believe that there are 4.  

If you don't have the service records, ensure that you have added the server's IP address to point to itself for DNS.  I know you said that you did, but it's always wise to check.  Then reboot and see if the service records get created.  You need to get nslookup to work; that tells you that name resolution is OK.

Expert Comment

by:Debsyl99
ID: 11708788
Hi
First have you enabled dynamic updates in dns on the server? In admin tools/dns right click your zone under forwarders, then on general tab, make sure dynamic updates are accepted.

 On your client pc open up a command prompt ie click start run, type in cmd and then ok

then at the C: prompt type ipconfig /all and post what it says.

If your client is using dhcp from the server, then it's picking up an address (according to your default settings above) of probably 10.0.0.3, which will not enable it to connect to your server or the net or anything else for that matter and would account for your problem.

To fix this for now, manually change your settings on the client tcp/ip to ip address 192.168.1.3, primary dns server 192.168.200 (your server ip which should be correct), and default gateway the same as your router's ip.

Then you will need to change the dhcp scope on the server, but post your ipconfig /all results for the client to make sure that's what's going on,

Deb :))




Author Comment

by:mrchaos101
ID: 11708797
Under Forward Look up zones is a single folder named altek.local. That altek folder, has folders for _msdcs, _sites, _tcp, _udp.

Expert Comment

by:Debsyl99
ID: 11708861
Hi - right click on the folder in dns - altek.local - click properties and check dynamic updates are enabled on the general tab - there are two types - secure only and yes (the other setting is no) - click yes for now.

Also post your ipconfig /all results from your client,

Deb :))

Author Comment

by:mrchaos101
ID: 11708872
Ipconfig /all from client:

Windows IP Configuration

        Host Name . . . . . . . . . . . . : it
        Primary Dns Suffix  . . . . . . . :
        Node Type . . . . . . . . . . . . : Unknown
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : NVIDIA nForce MCP Networking Control
ler
        Physical Address. . . . . . . . . : 00-0C-76-90-B3-30
        Dhcp Enabled. . . . . . . . . . . : No
        IP Address. . . . . . . . . . . . : 192.168.1.106
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 192.168.1.2
        DNS Servers . . . . . . . . . . . : 192.168.1.200

I have the IP SETTINGS on the client set up STATIC.

"First have you enabled dynamic updates in dns on the server? In admin tools/dns right click your zone under forwarders, then on general tab, make sure dynamic updates are accepted."

The value was set to Only secure.  I changed it to YES.

Expert Comment

by:Debsyl99
ID: 11708936
Hmm - have you actually joined it to the domain yet?

Right click on my computer on the client, click on properties, then click on network identification tab, under full computer name it should be something like

computername.altek.local, also do the same for the server and let us know what both full computer names are,

Deb :))

Author Comment

by:mrchaos101
ID: 11709104
Windows could not find an account for your computer?

Author Comment

by:mrchaos101
ID: 11709116
Also the WORKGROUP for the CLIENT is ALTEK

Author Comment

by:mrchaos101
ID: 11709152
K, under the Server the full name shows Server2000.altek.local
and the domain shows   altek.local

Under the CLIENT it shows:

Full name of computer    it
and
Work Group:  ALTEK

Accepted Solution

by:
Debsyl99 earned 500 total points
ID: 11709444
Ok - we need to join the client to the domain so you can log on. On the client, keep your static ip settings for now, right click on my computer again, click properties, then click network identification tab, then click network id to start the wizard.

Click next - check this computer is part of a business network, next, my company uses a network with a domain, next, next, then enter your name and password for a user account on the client - use your administrator account on the server ie, name Administrator, password: whatever you've set, and the domain should be altek.
Click next - it should say that there's either an account setup do you want to use it, or it will set up an account for you. Click yes,

Then add a user ie Administrator again for now, domain is  altek, click next and define the user type. For now click administrator as it's a home network and you maybe would like to be able to access everything for now. Click next and then finish. Reboot the computer when it asks, and for the first time you should be able to log into the domain altek,

Deb :))


Author Comment

by:mrchaos101
ID: 11709601
I got an error message saying something about the computer was not found in the domain.

I went to Active Directory and Users and found the folder on the left that had COMPUTER.  There are 0 objects in that folder. I clicked NEW COMPUTER and left all default settings and then told it the NAME of my client PC.

I then did the steps you recommended above again.
It found the DOMAIN at this point, but it will only take the ADMINISTRATOR and pass of the SERVER to log in.

I did create a USER and PASS in the active directory on the server, but when I try to use the USER and PASS in the DOMAIN on the client PC it will not go.  If I use "Administrator" and the pass for the SERVER it will log in.

I'm getting closer I think.

Expert Comment

by:Debsyl99
ID: 11709918
Yes you are - you need to create the user and the password in active directory users and computers on the server :- start - programs - admin tools - ad users and computers as you've done. Expand the tree, right click the folder called users and choose new -> user. You will then need to complete your details for the new user but be careful to fill in and note the logon name, and the password that you set - for now check "password never expires".  Once created you should then be able to logon at the client with the user logon name and password that you set but you'll need to logon to the altek domain. This should work ok, hopefully,

Deb :))


Author Comment

by:mrchaos101
ID: 11709973
Deb,

You have helped me A LOT.  I will award you the points with just a few more questions to understand what I have learned today.

I can log in the users.. the problem was a misspelling in the password on the server vs what I was using on the client....

The only way I could get in was to go to Active Directory and Users and under COMPUTERS add an object NEW COMPUTER and give it the NAME of the client computer.

A.) Is it safe to assume I will have to add the name of EVERY client PC on the network the same way?

B.) It should not matter which client PC the user logs on under as long as they use a valid user name and pass that is made in the Active Directory.

C.) I have many many other questions coming up about other UNRELATED issues to this topic. They shall have points of their own. I would like you to consider helping... is there a way to get you a message to ask you to come look at the topic?

Expert Comment

by:Debsyl99
ID: 11710044
A: - Yes you do, but once added you can rename them from the network id wizard if you need to.

B: - That's correct - It doesn't matter where a user logs on - if the client pc is a member of the domain they can log on (so long as you have no specific policies set that means they can't) - as a default setting, yes.

C: That's nice - My email address is in my profile, but it's not for use to answer any EE questions directly - they always need to be posted here - plus there are a lot of people in EE just as good as me and many much better, so you needn't worry about not having enough help on here,

Best wishes,

Deb :))