Solved

Can't ping my local domain

Posted on 2006-11-17
31
1,566 Views
Last Modified: 2007-12-19
I'm trying to ping my local domain e.g.  mydomain.local.  and it doesn't work.  I'm doing this from the cmd prompt on the same server that it should be resolving to.  I think it's a problem with DNS but I'm not sure.  I'm under the impression i should get responses for ping mydomain.local and net view \\mydomain.local.  I can ping and view the server dc1.mydomain.local, just not the domain by itself.

Here's my setup.

1.  Server is Windows 2003 SBS with SP1

2.  I have 1 "zone" - mydomain.local

3.  The server runs DNS but not DHCP (that's handled by a cisco router).

4.  The server has 3 nics - the first one is 10.10.10.3 and that's the primary.  It is registered with DNS and has the "default" radio button for NetBios over tcp/ip.  The other nics are  not registered with DNS and do not allow netbios over tcp/ip. They're used for IIS web sites.

5. I'm not using WINS - only dns as we just have XP pro clients.

6. I have the following DNS entries for the server:
   SOA dc1.mydomain.local
   NS dc1.mydomain.local
   Host(A) 10.10.10.3

7. Only error in applicatino log is the "Windows cannot access the file gpt.ini..." Most likely because it's looking for it at \\mydomain.local\sysvol\mydomain.local\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\gpt.ini.  Since it can't see \\mydomain.local it can't find that file.

Everything else seems to be working ok.  Email works, clients can log on/off, dns forwards to my ISP dns servers, etc.

Help?

0
Comment
Question by:scaffo
  • 13
  • 11
  • 7
31 Comments
 
LVL 31

Expert Comment

by:Toni Uranjek
ID: 17965548
Is your Distributed File System service started?
0
 

Author Comment

by:scaffo
ID: 17965582
Yup - netlogon and DFS services are running.
0
 
LVL 31

Expert Comment

by:Toni Uranjek
ID: 17965702
Does this file %system root%\sysvol\mydomain.local\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\gpt.ini actualy exist?

Let me clarify that you can not ping mydomain.local, you can only ping hosts.

Can you access \\mydomain.local\sysvol from Start/Run... ?
0
 

Author Comment

by:scaffo
ID: 17965979
Yes the file exists.  Just for fun I changed the permission on the sysvol share and the sysvol folder to allow full access to everyone.  (Note I'm logged in as the Administrator which is a member of Administrators, DNSAdmins, DomainAdmins, DomainUsers, EnterpriseAdmins, Group Policy Creators, etc.)

Now this command WORKS, as it wasn't before.:


c:\> dir \\mydomain.local\sysvol\mydomain.local\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\gpt.ini

And now I can open my group policy manager which was previously not working because of permissions.  So I think the "Windows cannot access the file gpt.ini..."  error was due to permissions.  One problem solved.  It's interesting though that once you change permissions on a share or folder, you have to wait a few minutes before doing your tests to see what effec it had.  I guess it has to bake in the oven a little bit.

But now, even though I can do this:

c:\> dir \\mydomain.local\sysvol\

I still can't do this:

c:\> net view \\mydomain.local

0
 
LVL 31

Expert Comment

by:Toni Uranjek
ID: 17966233
When you enter "net view \\mydomain.local" what error do you get?
0
 

Author Comment

by:scaffo
ID: 17966277
I get this error:

Windows cannot find the network path. Verify that the network path is correct and the destination computer is not busy or turned off. If Windows still cannot find the network path, contact your netwok administrator.


Oddly, I'm still getting "Windows cannot access the file gpt.ini..." even though when I copy paste the path in the error msg and do a dir cmd on it, I can see it fine.  Plus that file has Everyone full access on it.

0
 
LVL 31

Expert Comment

by:Toni Uranjek
ID: 17966361
What is event id error number? 1058? According to: http://www.eventid.net/display.asp?eventid=1058&eventno=1752&source=Userenv&phase=1 there are numerous reasons and solutions for this problem.
0
 

Author Comment

by:scaffo
ID: 17966501
Yeah, good ol' 1058.  I've been through some of the solutions, but I'll keep troubleshooting that separately.  The other problem - can't ping or net view local domain, is the one I don't know what to do next on.

Any ideas?
0
 
LVL 31

Expert Comment

by:Toni Uranjek
ID: 17966566
What is result of this command: "nslookup mydomain.local"?
0
 

Author Comment

by:scaffo
ID: 17967122
Server:  dc1.mydomain.local
Address:  10.10.10.3

Name:    mydomain.local
Address:  10.10.10.3
0
 
LVL 31

Expert Comment

by:Toni Uranjek
ID: 17967319
You can ping 10.10.10.3, you can resolve hostnames with nslookup, but you can not ping hostname? And there are no other errors in Event viewer?
0
 

Author Comment

by:scaffo
ID: 17967476
Yes - here are some examples:


C:\>ping 10.10.10.3

Pinging 10.10.10.3 with 32 bytes of data:

Reply from 10.10.10.3: bytes=32 time<1ms TTL=128
Reply from 10.10.10.3: bytes=32 time<1ms TTL=128
Reply from 10.10.10.3: bytes=32 time<1ms TTL=128
Reply from 10.10.10.3: bytes=32 time<1ms TTL=128

Ping statistics for 10.10.10.3:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms

C:\>ping dc1.mydomain.local

Pinging dc1.mydomain.local [10.10.10.3] with 32 bytes of data:

Reply from 10.10.10.3: bytes=32 time<1ms TTL=128
Reply from 10.10.10.3: bytes=32 time<1ms TTL=128
Reply from 10.10.10.3: bytes=32 time<1ms TTL=128
Reply from 10.10.10.3: bytes=32 time<1ms TTL=128

Ping statistics for 10.10.10.3:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms

C:\>ping mydomain.local
ping request could not find host mydomain.local. Please check the name and try again.

C:\>net view \\dc1
Shared resources at \\dc1



Share name                 Type  Used as  Comment

-------------------------------------------------------------------------------
Address                    Disk           "Access to address objects"
ClientApps                 Disk           Windows Small Business Server Client Applications
clients                    Disk           Windows Small Business Server Client Setup
CryptexLicensing.com       Disk
DC1.LOG                    Disk           Exchange message tracking logs
faxclient                  Disk           Microsoft Shared Fax Clients
MailBranch.com             Disk
NETLOGON                   Disk           Logon server share
R3ManagementSolutions.com  Disk
SYSVOL                     Disk           Logon server share
tsclient                   Disk
tsweb                      Disk
Users                      Disk           Users Shared Folders
The command completed successfully.


C:\>net view \\mydomain.local
System error 51 has occurred.

Windows cannot find the network path. Verify that the network path is correct and the destination computer is not busy or turned off. If Windows still cannot find the network path, contact your netwo
k administrator.


C:\>nslookup
Default Server:  dc1.mydomain.local
Address:  10.10.10.3

> www.google.com
Server:  dc1.mydomain.local
Address:  10.10.10.3

Non-authoritative answer:
Name:    www.l.google.com
Addresses:  216.239.37.99, 216.239.37.104
Aliases:  www.google.com

> exit

C:\>
0
 
LVL 31

Expert Comment

by:Toni Uranjek
ID: 17967720
This name resolution problem, do you have all proper records registered in DNS. Does your DNS zone mydomain.local contain _msdcs subzone?
0
 

Author Comment

by:scaffo
ID: 17968338
I believe so yes.  I have (under forward lookup zones):

_msdcs.mydomain.local
->dc
->domains
->gc
->pdc

the _msdcs.mydomain.local folder itself contains:
SOA dc1.mydomain.local
NS dc1.mydomain.local
{b28319e2-9274-468f-b8e9-ef0f4c9119fd} Alias(cname) dc1.mydomain.local

The only error in DNS event log is:

DNS server has updated its own host (A) records.  In order to ensure that its DS-integrated peer DNS servers are able to replicate with this server, an attempt was made to update them with the new records through dynamic update.  An error was encountered during this update, the record data is the error code.
0
 
LVL 31

Expert Comment

by:Toni Uranjek
ID: 17968575
Please go to DNS console and create new host record for 10.10.10.3 with "blank" name. After creation you will see another host record:

(same as parent folder)
0
Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 17968895
Why do you have THREE NICs?   SBS does not generally support this configuration because it wouldn't be able to be configured by the Configure Email and Internet Connection Wizard (CEICW -- which is linked as Connect to the Internet in the Server Management Console > Internet and Email).  There are over 500 command lines in that wizard which keep all of the various services and components in sync on an SBS... these are virtually impossible to configure manually.

Jeff
TechSoEasy
0
 

Author Comment

by:scaffo
ID: 17968939
I think I already have that.  I assume I can use the DNS management snapin to check these settings?

Under DNS/DC1/Forward Lookup Zones/mydomain.local  I have (among other entries)

[Name]                               [Type]                          [Data]
----------------------------       --------------                  ---------------
(same as parent folder)        Host(A)                         10.10.10.3

The other dc1 entries are:

(same as parent folder)        Start Of Authority(SOA)   [661], dc1.mydomain.local, hostmaster.
(same as parent folder)        Name Server (NS)           dc1.mydomain.local
dc1                                     Host(A)                          10.10.10.3


In DomainDNSZones:
(same as parent folder)        Host(A)                          10.10.10.3


In ForestDNSZones:
(same as parent folder)        Host(A)                          10.10.10.3

0
 

Author Comment

by:scaffo
ID: 17969026
In response to TechSoEasy, the box came with 2 onboard nics and I added another one.  Even if I remove the extra 1 I'll still have 2 which I can't physically remove, although I could disable them.

In the Configure Email and Internet Connection wizard, I specify that "my server uses a single network connection for both internet access and the local network."  Namely - the 10.10.10.3 one.  That's the only one registered with DNS and the only one that allows netbios over tcpip.  

Is there anything else I can check on the "too many NICs" side of things?

I kind of figured this might be something we'll never figure out.  It seems a little lame that SBS only functions as intended with a single network interface.

I still think it has something to do with DNS.  I noticed that if i run net view \\dc1  on DC1 itself, it works.  But from other computers, it doesn't work even though I can ping dc1 and I can remote desktop to it.
0
 
LVL 31

Expert Comment

by:Toni Uranjek
ID: 17969076
I'm a little bit confused. :D But name resolution problem can be resolved, you can try to edit host file as last resort. You wouldn't have firewall enabled on this NIC? Does nslookup on clients resolve queries?
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 17969088
Can you please explain why you are using three though???

Jeff
TechSoEasy
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 17969100
And it's not true that SBS only functions with a single network interface.  It's designed to work with either ONE or TWO.  

Jeff
TechSoEasy
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 17969122
And another thought... your comment "It seems a little lame that SBS only functions as intended"  does not at all respect the complexity of what's going on in SBS which has many components and services that would never be deployed in a single machine if you didn't have the SBS infrastructure to keep it coordinated and managed well.

Having a single server solution, DOES add some limitations... but usually these are not at all a problem for most small businesses.

Jeff
TechSoEasy
0
 

Author Comment

by:scaffo
ID: 17969333
I'll try removing the 3rd nic, to limit it to just 2 and see if it works.  And I'll take it down to 1 nic if 2 still doesn't work.

I always thought that having multiple network cards was a fairly basic feature of the O.S. but maybe that's not true?

I don't think anyone would ever accuse windows server of not being complex.

I just need dns, email and web sites.   Not replication, forests, group policies, etc.  I really like Exchange server/Outlook so we went with SBS and it's done really well.  The main challenge is not stirring up trouble by messing with any of the hundreds of advanced and super-advanced options through the various configuration tools :)

I thought maybe someone would find something simple I missed since I'm not an expert at windows server.  But it sounds like it's not something simple, or maybe it is but it's well hidden.

For the most part everything works - email, dns, web sites and so forth.  I'll keep trying different things and if I figure it out I'll post the answer here.
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 17969469
Two will work just fine.  There's a sample configuration here:  http://sbsurl.com/twonics

Also, read through http://sbsurl.com/itpro so you can see what not to mess with.  :-)

It is something VERY simple... just use the wizards to configure your server and deploy it in the manner in which it was designed.  SBS is pre-configured.  It's not as flexible as a standard server2003, but then again, you don't want it to be.

Jeff
TechSoEasy
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 17969471
And don't take this the wrong way... but for SBS?  RTFM!

Jeff
TechSoEasy
0
 
LVL 31

Expert Comment

by:Toni Uranjek
ID: 17971927
You might not be using SBS as recommended but at the end of the day, you still have name resolution problem. Event logs do not show any other errors. Did you try to edit hosts file?
0
 

Author Comment

by:scaffo
ID: 17972284
I havent' tried that yet - what entry should I put in?  You're rerring to the "hosts" file, not the LMHosts file, right?

Here are the new things I've tried:

1. disabling/removing all but the primary nic.  Didn't seem to change anything.  Rebooted, etc.
2. trying to use Wins.  Made sure service was on, set tcpip on nic to use 10.10.10.3 as wins server, etc.  Nothing.
3. turned Wins completely off.  Turned off service, removed entry for wins server on nic.  Didn't seem to matter.  I shouldn't need wins, we have all xp pro clients.

Note that I did somehow get ping mydomain.local working.  I don't know if it was one of the dns entries I tried, or flushing the dns cache or what, but I can ping mydomain.local.  But I still can't net view \\mydomain.local.

It's my understanding that a net view command requires netbios.  And that netbios uses Wins.  But that Microsoft is phasing out Wins and for my setup, I shouldn't even need it.  So how can a net view command work in a pure DNS setup?

I would think if you set "Enable net bios over tcp/ip" then it might work, but it doesn't seem to.
0
 
LVL 31

Accepted Solution

by:
Toni Uranjek earned 500 total points
ID: 17972301
Although "net view" is understood as NetBIOS application, it is posible to connect or view shares with FQDN or even IP. NetBIOS name resolution can use WINS, brodacast or lmhosts. Node type defines behaviour for your clients for NetBIOS name resolution. You can not use net view \\mydomain.local on server or on client? What has happened to error in Event viewer?
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 17973337
Scaffo,

Please advise if you would like further assistance from me.  Otherwise, I'll let this question go and you can continue working with other experts to resolve your issue.

Jeff
TechSoEasy
0
 

Author Comment

by:scaffo
ID: 17973406
lol.  you'll love this - it's working now.  I'm not sure why - several reboots and luck?  I'm not using wins or any special hosts values.  The only thing that really changed was permission on the sysvol share which was really for a separate issue.

Oh well, thank you everyone for your help even if we didn't pin down the exact cause.  If nothing else, I learned a lot about name resolution.
0
 

Author Comment

by:scaffo
ID: 17973935
Thanks toniur for all your help!
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
SBS 2011 running out of space 12 65
Help with computer errors 18 118
Small Business Network Solution 9 78
Funa@india.com 6 394
I work for a company that primarily works with small businesses as their outsourced IT vendor. As such the majority of these customers utilize some version of Small Business Server. Due to the economics of running a small business, many of these cus…
If you are a user of the discontinued Microsoft Office Accounting 2008 (MSOA) and have to move to a new computer running Windows 8, you will be unhappy to discover that it won't install.  In particular, Microsoft SQL Server 2005 Express Edition (SSE…
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now