mrchaos101 asked:

Setting up Windows 2000 with Active Directory, DNS, DHCP, and Reverse DNS lookup.

Hello,

I’m new to the networking game.  I have been teaching myself as much as I can.

I have a small network I wish to setup using windows 2000 server.  I have used the Configure My Server and run through the wizard.  I believe it set up my domain controller, DNS, and DHCP.

I basically followed the steps outlined here:

http://www.microsoft.com/technet/prodtechnol/windows2000serv/howto/depprof1.mspx

I am concerned over default settings as I would like to use an IP on the server of 192.168.1.200  and subnet mask of 225.255.255.0  

I also reviewed a site that showed a manual installation :

http://www.serverwatch.com/tutorials/article.php/1474461

I did go in to the DNS and delete the “.” from the forward DNS as it recommended.
I also went into my TCP/IP and set up:

Ip  192.168.1.200
Subnet  225.255.225.0
Gateway is  192.168.1.2  (this is my router for our broadband)

DNS is 192.168.1.200  (the 2nd site said it needed to point to itself)

Went into DNS properties and  put the ISP  DNS servers there as recommended by the 2nd web site.

Now my problem is,  when I go to MY COMPUTER on my client, I try to get it to find the domain  ALTEK  or  ALTEK.LOCAL and it tells me it cannot find the DOMAIN or it is invalid.  I am assuming that I have DNS forward or reverse lookup set up wrong?

Under my server, under forward is a folder   altek.local.
Under my server, under reverse is  192.168.1.xsubnet.

Here is the DNS.LOG file from the server:

DNS Server boot at 8/4/2004.
      66 seconds since system boot.
Message logging key:
      Field #  Information         Values
      -------  -----------         ------
        1      Send\Receive
        2      Protocol            T == TCP message
                                   empty == UDP
        3      Remote IP
        4      Xid (hex)
        5      Query\Response      R == Response
                                   empty == Query
        6      Opcode              Q == Standard Query
                                   N == Notify
                                   U == Update
                                   ? == Unknown
        7      [Flags (hex)
        8      Flags (char codes)  A == Authoritative Answer
                                   T == Truncated Response
                                   D == Recursion Desired
                                   R == Recursion Available
        9      ResponseCode]
       10      Question Name

PnP Event:  rechecking server bindings.
ERROR:  GQCS failure on dead socket. status=995, socket=384, pcon=004B4ECC, state=-1, IP=192.168.1.200
PnP Event:  rechecking server bindings.
PnP Event:  rechecking server bindings.
PnP Event:  rechecking server bindings.
PnP Event:  rechecking server bindings.
PnP Event:  rechecking server bindings.
PnP Event:  rechecking server bindings.
PnP Event:  rechecking server bindings.
PnP Event:  rechecking server bindings.
PnP Event:  rechecking server bindings.
PnP Event:  rechecking server bindings.
ERROR:  GQCS failure on dead socket. status=995, socket=444, pcon=004C299C, state=-1, IP=10.10.0.1
PnP Event:  rechecking server bindings.
PnP Event:  rechecking server bindings.
PnP Event:  rechecking server bindings.
PnP Event:  rechecking server bindings.
PnP Event:  rechecking server bindings.
PnP Event:  rechecking server bindings.
PnP Event:  rechecking server bindings.
PnP Event:  rechecking server bindings.
ERROR:  GQCS failure on dead socket. status=995, socket=444, pcon=004BB74C, state=-1, IP=192.168.1.100
PnP Event:  rechecking server bindings.
PnP Event:  rechecking server bindings.
PnP Event:  rechecking server bindings.
PnP Event:  rechecking server bindings.
PnP Event:  rechecking server bindings.
PnP Event:  rechecking server bindings.
PnP Event:  rechecking server bindings.
Snd   192.168.1.200   0001  R Q [8385 A DR NXDOMAIN] (3)200(1)1(3)168(3)192(7)in-addr(4)arpa(0)
UDP response info at 004C1C9C
  Socket = 384
  Remote addr 192.168.1.200, port 1460
  Time Query=2144, Queued=0, Expire=0
  Buf length = 0x0200 (512)
  Msg length = 0x0082 (130)
  Message:
    XID       0x0001
    Flags     0x8583
        QR        1 (response)
        OPCODE    0 (QUERY)
        AA        1
        TC        0
        RD        1
        RA        1
        Z         0
        RCODE     3 (NXDOMAIN)
    QCOUNT    0x1
    ACOUNT    0x0
    NSCOUNT   0x1
    ARCOUNT   0x0
    Offset = 0x000c, RR count = 0
    Name      "(3)200(1)1(3)168(3)192(7)in-addr(4)arpa(0)"
      QTYPE   PTR (12)
      QCLASS  1
    ANSWER SECTION:
    AUTHORITY SECTION:
    Offset = 0x002c, RR count = 0
    Name      "(1)1(3)168(3)192(7)in-addr(4)arpa(0)"
      TYPE   SOA  (6)
      CLASS  1
      TTL    3600
      DLEN   52
      DATA  
            PrimaryServer: (10)server2000(5)altek(5)local(0)
            Administrator: (5)admin[C059](5)altek(5)local(0)
            SerialNo     = 1
            Refresh      = 900
            Retry        = 600
            Expire       = 86400
            MinimumTTL   = 3600
    ADDITIONAL SECTION:


Please help me.  Tell me what I need to change and how to do it.  I really want to get this set up where the client will ask for user name and password after booting and LOG into the domain.
mrchaos101

ASKER

Also  if i run NSLOOKUP on the server I get:

C:\Documents and Settings\Administrator.SERVER2000.001>nslookup
*** Can't find server name for address 192.168.1.200: Non-existent domain
*** Default servers are not available
Default Server:  UnKnown
Address:  192.168.1.200
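
The DNS.LOG excerpt and the nslookup output above describe the same event; as an added example (not part of the original thread), this Python sketch decodes the log's length-prefixed name notation and its hex flags word to show what the server actually answered. The function names are assumptions made for illustration, and the bracketed compression marker seen in the SOA Administrator field is not handled and raises an error.

```python
import re

RCODES = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def decode_name(logged):
    """'(3)200(1)1(3)168(3)192(7)in-addr(4)arpa(0)' -> '200.1.168.192.in-addr.arpa.'"""
    labels, pos = [], 0
    while True:
        m = re.match(r"\((\d+)\)", logged[pos:])
        if not m:
            raise ValueError(f"expected (length) at offset {pos}")
        length, pos = int(m.group(1)), pos + m.end()
        if length == 0:          # (0) is the root label: end of name
            return ".".join(labels) + "."
        label = logged[pos:pos + length]
        if len(label) != length:
            raise ValueError("label shorter than its length prefix")
        labels.append(label)
        pos += length

def ptr_to_ip(fqdn):
    """Reverse the octets of an in-addr.arpa name; a zone name yields a prefix."""
    suffix = ".in-addr.arpa."
    if not fqdn.lower().endswith(suffix):
        raise ValueError("not an IPv4 reverse-lookup name")
    return ".".join(reversed(fqdn[:-len(suffix)].split(".")))

def decode_flags(flags):
    """Split the 16-bit DNS header flags word (RFC 1035 section 4.1.1)."""
    return {
        "QR": flags >> 15 & 1, "OPCODE": flags >> 11 & 0xF,
        "AA": flags >> 10 & 1, "TC": flags >> 9 & 1,
        "RD": flags >> 8 & 1, "RA": flags >> 7 & 1,
        "RCODE": RCODES.get(flags & 0xF, str(flags & 0xF)),
    }

def explain(question, flags, authority_zone):
    """One-line reading of a logged PTR response."""
    ip, f = ptr_to_ip(decode_name(question)), decode_flags(flags)
    zone = ptr_to_ip(decode_name(authority_zone))
    if f["AA"] and f["RCODE"] == "NXDOMAIN":
        return f"reverse zone {zone}.x is hosted here but has no PTR record for {ip}"
    return f"{ip}: rcode {f['RCODE']}, authoritative={bool(f['AA'])}"

# Values copied from the DNS.LOG excerpt above.
QUESTION = "(3)200(1)1(3)168(3)192(7)in-addr(4)arpa(0)"
ZONE = "(1)1(3)168(3)192(7)in-addr(4)arpa(0)"
if __name__ == "__main__":
    print(explain(QUESTION, 0x8583, ZONE))
```

An authoritative NXDOMAIN for the server's own PTR name is what nslookup reports at startup as "Can't find server name for address 192.168.1.200: Non-existent domain", because nslookup begins by reverse-resolving the address of its default server.
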

On your client, do you have the TCP/IP properties set to use the DNS at 192.168.1.200?  What is the IP address of the client?  You want it to be in the same segment if you are not connecting the client and server by way of a router.  

Noticed in your log a reference to IP address 10.10.0.1.  Did you configure something with this address?  If so, what?  

Yes on my client the ip DNS is set to 192.168.1.200  I can get on the net on the server and the client.  If I turn the server OFF then I lose net access on the client.

The reason for my post on the  10.10.0.1  is because :

Your Server Wizard installs DNS and DHCP and configures DNS, DHCP, and Active Directory. The default values set by the wizard are:

DHCP Scope:
 10.0.0.3-10.0.0.254
 
Preferred DNS Server:
 127.0.0.1
 
IP address:
 10.10.1.1
 
Subnet mask:
 255.0.0.0
 

I'm not sure if those default settings will affect me or not:

NSLOOKUP On client is as follows:

*** Can't find server name for address 192.168.1.200: Non-existent domain
*** Default servers are not available
Default Server:  UnKnown
Address:  192.168.1.200

After seeing your added post, yeah the 10.x isn't your problem.  In your DNS Forward Lookup zone do you have a host record for the server and another for your client workstation?  Do you have the service records - these start with an underscore character, ie _msdcs.  I believe that there are 4.  

If you don't have the service records, ensure that you have added the server's IP address to point to itself for DNS.  I know you said that you did, but it's always wise to check.  Then reboot and see if the service records get created.  You need to get nslookup to work, that tells you that name resolution is OK.

Debsyl99

Hi
First have you enabled dynamic updates in dns on the server? In admin tools/dns right click your zone under forwarders, then on general tab, make sure dynamic updates are accepted.

 On your client pc open up a command prompt ie click start run, type in cmd and then ok

then at the C: prompt type ipconfig /all and post what it says.

If your client is using dhcp from the server, then it's picking up an address (according to your default settings above) of probably 10.0.0.3, which will not enable it to connect to your server or the net or anything else for that matter and would account for your problem.

To fix this for now, manually change your settings on the client tcp/ip to ip address 192.168.1.3, primary dns server 192.168.200 (your server ip which should be correct), and default gateway the same as your router's ip.

Then you will need to change the DHCP scope on the server, but post your ipconfig /all results for the client to make sure that's what's going on,

Deb :))



Under Forward Look up zones is a single folder named altek.local. That altek folder, has folders for _msdcs, _sites, _tcp, _udp.

Hi - right click on the folder in dns - altec.local - click properties and check dynamic updates are enabled on the general tab - there are two types - secure only and yes (the other setting is no) click yes for now.

Also post your ipconfig /all results from your client,

Deb :))

Ipconfig /all from client:

Windows IP Configuration

        Host Name . . . . . . . . . . . . : it
        Primary Dns Suffix  . . . . . . . :
        Node Type . . . . . . . . . . . . : Unknown
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : NVIDIA nForce MCP Networking Control
ler
        Physical Address. . . . . . . . . : 00-0C-76-90-B3-30
        Dhcp Enabled. . . . . . . . . . . : No
        IP Address. . . . . . . . . . . . : 192.168.1.106
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 192.168.1.2
        DNS Servers . . . . . . . . . . . : 192.168.1.200

I have the IP SETTINGS on the client set up STATIC

"First have you enabled dynamic updates in dns on the server? In admin tools/dns right click your zone under forwarders, then on general tab, make sure dynamic updates are accepted."

The value was set to Only secure  I changed it to YES.

Hmm - have you actually joined it to the domain yet?

Right click on my computer on the client, click on properties, then click on network identification tab, under full computer name it should be something like

computername.altec.local, also do the same for the server and let us know what both full computer names are,

Deb :))

Windows could not find an account for your computer?

Also the WORKGROUP for the CLIENT is ALTEK

K, under the Server  the full name shows Server2000.altek.local
and the domain shows   altek.local

Under the CLIENT it shows:

Full name of computer    it
and
Work Group:  ALTEK
ASKER CERTIFIED SOLUTION
Debsyl99

This solution is only available to members.

I got an error message saying something about the computer was not found in the domain.

I went to Active Directory and Users and found the folder on the left that had COMPUTER.  There are 0 objects in that folder.. I clicked NEW  COMPUTER and left all default settings and then told it the NAME of my client PC.

I then did the steps you recommended above again.
It found the DOMAIN at this point.. but it will only take the ADMINISTRATOR and pass of the SERVER to log in.

I did create a USER and PASS in the active directory on the server,  but when I try to use the USER and PASS in the DOMAIN on the client PC it will not go.  IF I use "Administrator" and the pass for the SERVER it will log in.

I'm getting closer I think.

Yes you are - you need to create the user and the password in active directory users and computers on the server :- start - programs - admin tools - ad users and computers as you've done. Expand the tree, right click the folder called users and choose new -> user. You will then need to complete your details for the new user but be careful to fill in and note the logon name, and the password that you set - for now check "password never expires".  Once created you should then be able to logon at the client with the user logon name and password that you set but you'll need to logon to the altek domain. This should work ok, hopefully,

Deb :))

Deb,

You have helped me A LOT.  I will award you the points with just a few more questions to understand what I have learned today.

I can log in the users.. the problem was a misspelling in the password on the server vs what I was using on the client....

The only way I could get in was to go to Active Directory and Users and under COMPUTERS add an object  NEW COMPUTER and give it the NAME of the client computer.  

A.) Is it safe to assume I will have to add the name of EVERY client PC on the network the same way.

B.) It should not matter which client PC the user logs on under as long as they use a valid user name and pass that is made in the Active Directory.

C.).... I have many many other questions coming up about other UNRELATED issues to this topic. They shall have points of their own. I would like you to consider helping... is there a way to get you a message to ask you to come look at the topic?

A: - Yes you do, but once added you can rename them from the network id wizard if you need to.

B: - That's correct - It doesn't matter where a user logs on - if the client pc is a member of the domain they can log on (so long as you have no specific policies set that means they can't) - as a default setting, yes.

C: That's nice - My email address is in my profile, but it's not for use to answer any EE questions directly - they always need to be posted here - plus there are a lot of people in EE just as good as me and many much better, so you needn't worry about not having enough help on here,

Best wishes,

Deb :))