Solved

Can't browse domain after new server install.

Posted on 2007-04-05
10
183 Views
Last Modified: 2012-05-05
I have a small network, 3 DC's (2 win 2000, 1 win 2003) and about 90 workstations/servers.  Ever since I installed the new windows 2003 server as the PDC, I am unable to browse the network (through My Network Places, for ex.)  and I can't figure out why.  This definitly began when I set up the 2003 server.  It is not my first 2003 server, as exchange is running on 2003...  I really don't know where to begin to troubleshoot...
0
Comment
Question by:mchad65
  • 6
  • 4
10 Comments
 
LVL 10

Expert Comment

by:mcrossland
ID: 18857970
Did you install A/D integrated DNS on the 2003 server?
Is your DNS and Wins pointing to the new server for all servers and workstations?

0
 

Author Comment

by:mchad65
ID: 18857999
I did install DNS, (I assume is it AD integrated?) and the server itself is pointing to itself as the primary DNS, however none of the clients are pointing to it for DNS yet.  This includes all the local users.  I think I resolved the browsing issue by enabling the computer browser service on the server.  Now I can browse the domain...
0
 
LVL 10

Expert Comment

by:mcrossland
ID: 18858050
cool.
0
 
LVL 10

Accepted Solution

by:
mcrossland earned 500 total points
ID: 18858077
Ultimately you will want all the workstations and servers pointing to that as the primary.  You will then be able to turn off the browser service.
0
 

Author Comment

by:mchad65
ID: 18858088
I am however still having an issue with it.  The server is accessable fine by everyone in our office, and those accessing via a software vpn client, however a remote office connecting via a L2L VPN can't access the new server.  Can't even ping.  Can't map drives by IP either \\IPADDRESS\sharename.  The other servers are on the same network, same subnet.  I do use a hosts file for resolution of internal resources, as the L2L vpn config uses their ISP's DNS servers...  ANy ideas on this one?
0
 
LVL 10

Expert Comment

by:mcrossland
ID: 18858139
try             tracert IPADDRESS
See where it is hopping.  I bet it dies out at the main gateway.  This means that your gateway doesn't know about the new server's ip address.  Try adding a route to the default gateway of the remote network.  Sounds like you are just using local host files. I don't like doing that personally.  I just add the route to the entire subnet on the firewall or vpn device.
0
 

Author Comment

by:mchad65
ID: 18858265
It is a cisco 506e set up to L2L.  I would bet you are right about it failing there.   The problem is this: it is a small office in the UK, they use the VPN to access network shares only.  They do alot of browsing, so it is set up to use their ISP DNS for name resolution.

In the cisco config, the only ACL I have referring to our internal network is this, where 10.1.3.x is the local (UK) network and 10.1.1.x is out (US) network:
access-list vpn_tunnel permit ip 10.1.3.0 255.255.255.0 10.1.1.0 255.255.255.0

What would I need to have in there for a route (if you know cisco)?
0
 

Author Comment

by:mchad65
ID: 18858358
tracert doesn't make it past the first hop... (The PIX)
0
 
LVL 10

Expert Comment

by:mcrossland
ID: 18858371
You need to tell the PIX where to go next.  
Try a tracert for a server that you CAN reach and that will be the second hop that the pix will need to know to get to that new server.
Check your route tables on the PIX.
0
 
LVL 10

Expert Comment

by:mcrossland
ID: 18858385
I believe it would be something like this.
IP Route 10.1.1.0 255.255.255.0 nexthopip
0

Join & Write a Comment

I know all systems administrator at some time or another has had to create a script to copy file from a server share to a desktop. Well now there is an easy way to do this in Group Policy. Using Group policy preferences is not hard. The first thing …
Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now