timnjohnson
asked on
Windows 2003 DHCP-DNS PROBLEMS-UNABLE TO JOIN THE DOMAIN OR PING
We are small Biotech company in the process of implementing Active Directory and Exchange.
Windows 2003 server is up and running but I'm having DHCP and DNS problems. We have an internet Registered Domain and ready to add MS Exchange soon.
I've tried using MS step by step troubleshooting tools but none seems to help. For one, I can't join any of my workstations to the Domain, dhcp is not issuing ip addresses, cannot ping the dc name or ip and there could be some issues with DNS.
I've gathered enough info from DCDIAG and NETDIAG tests all ran from the DC. I'm gonna need to create MX Records for Exchange..so if you can include that too..I'll appreciate........ Here are the results:
Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.
C:\Documents and Settings\Administrator.MED SRV1.000>c d\
C:\>ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : medsrv1
Primary Dns Suffix . . . . . . . : XYZ.com
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : XYZ.com
Ethernet adapter Local Area Connection 2:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/100+ PCI Adapter
Physical Address. . . . . . . . . : 00-90-27-71-A2-BC
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.5
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 192.168.1.5
C:\>dcdiag.exe
Domain Controller Diagnosis
Performing initial setup:
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\ME DSRV1
Starting test: Connectivity
......................... MEDSRV1 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\ME DSRV1
Starting test: Replications
......................... MEDSRV1 passed test Replications
Starting test: NCSecDesc
......................... MEDSRV1 passed test NCSecDesc
Starting test: NetLogons
......................... MEDSRV1 passed test NetLogons
Starting test: Advertising
......................... MEDSRV1 passed test Advertising
Starting test: KnowsOfRoleHolders
......................... MEDSRV1 passed test KnowsOfRoleHolders
Starting test: RidManager
......................... MEDSRV1 passed test RidManager
Starting test: MachineAccount
......................... MEDSRV1 passed test MachineAccount
Starting test: Services
......................... MEDSRV1 passed test Services
Starting test: ObjectsReplicated
......................... MEDSRV1 passed test ObjectsReplicated
Starting test: frssysvol
......................... MEDSRV1 passed test frssysvol
Starting test: frsevent
......................... MEDSRV1 passed test frsevent
Starting test: kccevent
......................... MEDSRV1 passed test kccevent
Starting test: systemlog
An Error Event occured. EventID: 0x00000423
Time Generated: 07/22/2007 06:38:20
Event String: The DHCP service failed to see a directory server
An Error Event occured. EventID: 0x00000416
Time Generated: 07/22/2007 06:38:20
Event String: The DHCP/BINL service on the local machine,
An Error Event occured. EventID: 0x00000423
Time Generated: 07/22/2007 06:38:20
Event String: The DHCP service failed to see a directory server
......................... MEDSRV1 failed test systemlog
Starting test: VerifyReferences
......................... MEDSRV1 passed test VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CrossRefValidation
......................... ForestDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Running partition tests on : DomainDnsZones
Starting test: CrossRefValidation
......................... DomainDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Running partition tests on : XYZ
Starting test: CrossRefValidation
......................... XYZ passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... XYZ passed test CheckSDRefDom
Running enterprise tests on : XYZ.com
Starting test: Intersite
......................... XYZ.com passed test Intersite
Starting test: FsmoCheck
......................... XYZ.com passed test FsmoCheck
C:\>Netdiag.exe
.......................... ..........
Computer Name: MEDSRV1
DNS Host Name: medsrv1.XYZ.com
System info : Windows 2000 Server (Build 3790)
Processor : x86 Family 6 Model 7 Stepping 3, GenuineIntel
List of installed hotfixes :
KB924667-v2
KB925398_WMP64
KB925902
KB926122
KB927891
KB929123
KB930178
KB931784
KB931836
KB932168
KB933566
KB933854
KB935839
KB935840
KB935966
KB936357
Q147222
Netcard queries test . . . . . . . : Passed
Per interface results:
Adapter : Local Area Connection 2
Netcard queries test . . . : Passed
Host Name. . . . . . . . . : medsrv1
IP Address . . . . . . . . : 192.168.1.5
Subnet Mask. . . . . . . . : 255.255.255.0
Default Gateway. . . . . . : 192.168.1.1
Dns Servers. . . . . . . . : 192.168.1.5
AutoConfiguration results. . . . . . : Passed
Default gateway test . . . : Passed
NetBT name test. . . . . . : Passed
[WARNING] At least one of the <00> 'WorkStation Service', <03> 'Messenge
r Service', <20> 'WINS' names is missing.
WINS service test. . . . . : Skipped
There are no WINS servers configured for this interface.
Global results:
Domain membership test . . . . . . : Passed
NetBT transports test. . . . . . . : Passed
List of NetBt transports currently configured:
NetBT_Tcpip_{305CC760-4CB2 -4FDC-B65E -D584D16DE 9CB}
1 NetBt transport currently configured.
Autonet address test . . . . . . . : Passed
IP loopback ping test. . . . . . . : Passed
Default gateway test . . . . . . . : Passed
NetBT name test. . . . . . . . . . : Passed
[WARNING] You don't have a single interface with the <00> 'WorkStation Servi
ce', <03> 'Messenger Service', <20> 'WINS' names defined.
Winsock test . . . . . . . . . . . : Passed
DNS test . . . . . . . . . . . . . : Passed
PASS - All the DNS entries for DC are registered on DNS server '192.168.1.5'
.
Redir and Browser test . . . . . . : Passed
List of NetBt transports currently bound to the Redir
NetBT_Tcpip_{305CC760-4CB2 -4FDC-B65E -D584D16DE 9CB}
The redir is bound to 1 NetBt transport.
List of NetBt transports currently bound to the browser
NetBT_Tcpip_{305CC760-4CB2 -4FDC-B65E -D584D16DE 9CB}
The browser is bound to 1 NetBt transport.
DC discovery test. . . . . . . . . : Passed
DC list test . . . . . . . . . . . : Passed
Trust relationship test. . . . . . : Skipped
Kerberos test. . . . . . . . . . . : Passed
LDAP test. . . . . . . . . . . . . : Passed
Bindings test. . . . . . . . . . . : Passed
WAN configuration test . . . . . . : Skipped
No active remote access connections.
Modem diagnostics test . . . . . . : Passed
IP Security test . . . . . . . . . : Skipped
Note: run "netsh ipsec dynamic show /?" for more detailed information
The command completed successfully
C:\>
Windows 2003 server is up and running but I'm having DHCP and DNS problems. We have an internet Registered Domain and ready to add MS Exchange soon.
I've tried using MS step by step troubleshooting tools but none seems to help. For one, I can't join any of my workstations to the Domain, dhcp is not issuing ip addresses, cannot ping the dc name or ip and there could be some issues with DNS.
I've gathered enough info from DCDIAG and NETDIAG tests all ran from the DC. I'm gonna need to create MX Records for Exchange..so if you can include that too..I'll appreciate........ Here are the results:
Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.
C:\Documents and Settings\Administrator.MED
C:\>ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : medsrv1
Primary Dns Suffix . . . . . . . : XYZ.com
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : XYZ.com
Ethernet adapter Local Area Connection 2:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/100+ PCI Adapter
Physical Address. . . . . . . . . : 00-90-27-71-A2-BC
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.5
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 192.168.1.5
C:\>dcdiag.exe
Domain Controller Diagnosis
Performing initial setup:
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\ME
Starting test: Connectivity
......................... MEDSRV1 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\ME
Starting test: Replications
......................... MEDSRV1 passed test Replications
Starting test: NCSecDesc
......................... MEDSRV1 passed test NCSecDesc
Starting test: NetLogons
......................... MEDSRV1 passed test NetLogons
Starting test: Advertising
......................... MEDSRV1 passed test Advertising
Starting test: KnowsOfRoleHolders
......................... MEDSRV1 passed test KnowsOfRoleHolders
Starting test: RidManager
......................... MEDSRV1 passed test RidManager
Starting test: MachineAccount
......................... MEDSRV1 passed test MachineAccount
Starting test: Services
......................... MEDSRV1 passed test Services
Starting test: ObjectsReplicated
......................... MEDSRV1 passed test ObjectsReplicated
Starting test: frssysvol
......................... MEDSRV1 passed test frssysvol
Starting test: frsevent
......................... MEDSRV1 passed test frsevent
Starting test: kccevent
......................... MEDSRV1 passed test kccevent
Starting test: systemlog
An Error Event occured. EventID: 0x00000423
Time Generated: 07/22/2007 06:38:20
Event String: The DHCP service failed to see a directory server
An Error Event occured. EventID: 0x00000416
Time Generated: 07/22/2007 06:38:20
Event String: The DHCP/BINL service on the local machine,
An Error Event occured. EventID: 0x00000423
Time Generated: 07/22/2007 06:38:20
Event String: The DHCP service failed to see a directory server
......................... MEDSRV1 failed test systemlog
Starting test: VerifyReferences
......................... MEDSRV1 passed test VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CrossRefValidation
......................... ForestDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Running partition tests on : DomainDnsZones
Starting test: CrossRefValidation
......................... DomainDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Running partition tests on : XYZ
Starting test: CrossRefValidation
......................... XYZ passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... XYZ passed test CheckSDRefDom
Running enterprise tests on : XYZ.com
Starting test: Intersite
......................... XYZ.com passed test Intersite
Starting test: FsmoCheck
......................... XYZ.com passed test FsmoCheck
C:\>Netdiag.exe
..........................
Computer Name: MEDSRV1
DNS Host Name: medsrv1.XYZ.com
System info : Windows 2000 Server (Build 3790)
Processor : x86 Family 6 Model 7 Stepping 3, GenuineIntel
List of installed hotfixes :
KB924667-v2
KB925398_WMP64
KB925902
KB926122
KB927891
KB929123
KB930178
KB931784
KB931836
KB932168
KB933566
KB933854
KB935839
KB935840
KB935966
KB936357
Q147222
Netcard queries test . . . . . . . : Passed
Per interface results:
Adapter : Local Area Connection 2
Netcard queries test . . . : Passed
Host Name. . . . . . . . . : medsrv1
IP Address . . . . . . . . : 192.168.1.5
Subnet Mask. . . . . . . . : 255.255.255.0
Default Gateway. . . . . . : 192.168.1.1
Dns Servers. . . . . . . . : 192.168.1.5
AutoConfiguration results. . . . . . : Passed
Default gateway test . . . : Passed
NetBT name test. . . . . . : Passed
[WARNING] At least one of the <00> 'WorkStation Service', <03> 'Messenge
r Service', <20> 'WINS' names is missing.
WINS service test. . . . . : Skipped
There are no WINS servers configured for this interface.
Global results:
Domain membership test . . . . . . : Passed
NetBT transports test. . . . . . . : Passed
List of NetBt transports currently configured:
NetBT_Tcpip_{305CC760-4CB2
1 NetBt transport currently configured.
Autonet address test . . . . . . . : Passed
IP loopback ping test. . . . . . . : Passed
Default gateway test . . . . . . . : Passed
NetBT name test. . . . . . . . . . : Passed
[WARNING] You don't have a single interface with the <00> 'WorkStation Servi
ce', <03> 'Messenger Service', <20> 'WINS' names defined.
Winsock test . . . . . . . . . . . : Passed
DNS test . . . . . . . . . . . . . : Passed
PASS - All the DNS entries for DC are registered on DNS server '192.168.1.5'
.
Redir and Browser test . . . . . . : Passed
List of NetBt transports currently bound to the Redir
NetBT_Tcpip_{305CC760-4CB2
The redir is bound to 1 NetBt transport.
List of NetBt transports currently bound to the browser
NetBT_Tcpip_{305CC760-4CB2
The browser is bound to 1 NetBt transport.
DC discovery test. . . . . . . . . : Passed
DC list test . . . . . . . . . . . : Passed
Trust relationship test. . . . . . : Skipped
Kerberos test. . . . . . . . . . . : Passed
LDAP test. . . . . . . . . . . . . : Passed
Bindings test. . . . . . . . . . . : Passed
WAN configuration test . . . . . . : Skipped
No active remote access connections.
Modem diagnostics test . . . . . . : Passed
IP Security test . . . . . . . . . : Skipped
Note: run "netsh ipsec dynamic show /?" for more detailed information
The command completed successfully
C:\>
Does your internet router (you probably have one) is issuing DHCP addresses? If so, disable the built-in DHCP server.
ASKER
No it has static ip. DHCP is disabled on the Linksys router.
Try to remove the domain controller (un-promote using dcpromo), and check your DHCP+DNS services. Do they work correctly? You need to have the DHCP running correctly. What is the configuration of the scope?
ASKER
The DHCP and DNS services are ok. I can stop and start services without any problem.
My DHCP Scope configuration:
Starting IP: 192.168.1.2
Ending IP 192.168.1.30
Excluded from DHCP Distribution:
192.168.1.2 through 192.168.1.11 ( Domain is 192.168.1.5)
No Reservations configured.
Scope Options:
003-router= 192.168.1.1
006-DNS Server: ISP IP ADDRESSE
015-DNS Domain Name: My Domain-XYZ.COM
Server Options:
ISP Forwarders.
Note:
I've not demoted the Domain yet.
Look at the config and let me know whether demoting is necessary.
Thanks.
It seems to be ok, however, you say your clients can't get IP from your DHCP server, right?
ASKER
Yes, but I can't ping the dc from the client side.
Could it be that there some other computer with the DC's IP?
What happens when you attempt to run nslookup with the DC's name?
What happens when you attempt to run nslookup with the DC's name?
ASKER
Here is the result with nslookup:
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.
C:\Documents and Settings\Administrator>nsl
Server: cns.manassaspr.va.dc02.com
Address: 68.87.73.242
Non-authoritative answer:
Name: premium11.geo.yahoo9.akadn
Addresses: 69.147.83.176, 69.147.83.154, 69.147.83.152, 69.147.83.158
69.147.83.156, 69.147.83.178, 69.147.83.155, 69.147.83.159
Aliases: Medstar.Medstarcorp.com
C:\Documents and Settings\Administrator>
Your settings are incorrect. The DHCP *should* supply the DNS address of the DC server. Nothing else. Also, the DC server has to use its own DNS, and its DNS should use your ISP's DNS settings as its forwarders.
ASKER
I have made the changes you recommended. Removed all the forwarders from DHCP and instead placed the local DNS server ( 192.168.1.5) address The DC is it's own dns server also. But, even after all that I still can't ping the server by name or ip address. Stopped and started both DHCP and DNS SERVICES but still no go.
Have a look at this ping summary:
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.
C:\Documents and Settings\TimJ>ping medstar
Ping request could not find host medstar. Please check the name and try again.
C:\Documents and Settings\TimJ>ping 192.168.1.5
Pinging 192.168.1.5 with 32 bytes of data:
Destination host unreachable.
Destination host unreachable.
Destination host unreachable.
Destination host unreachable.
Ping statistics for 192.168.1.5:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
C:\Documents and Settings\TimJ>ping medstar
Ping request could not find host medstar. Please check the name and try again.
C:\Documents and Settings\TimJ>ping 192.168.1.5
Pinging 192.168.1.5 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Ping statistics for 192.168.1.5:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
C:\Documents and Settings\TimJ>ping 192.168.1.5
Pinging 192.168.1.5 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Ping statistics for 192.168.1.5:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
C:\Documents and Settings\TimJ>ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : LisasPC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
Ethernet adapter Local Area Connection 4:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 3Com EtherLink XL 10/100 PCI TX NIC
(3C905B-TX)
Physical Address. . . . . . . . . : 00-50-04-A0-7F-01
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Autoconfiguration IP Address. . . : 169.254.46.52
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . : 169.254.46.52
C:\Documents and Settings\TimJ>
Your IP shows you got no DHCP.
About the server, use 'ipconfig /registerdns' to register it, however, it seems as if you're having some vlan or a whole different (and disconnected) network problem.
Try running 'ipconfig /renew' on the client, and see if it got an IP of the class 192.168.1.x
About the server, use 'ipconfig /registerdns' to register it, however, it seems as if you're having some vlan or a whole different (and disconnected) network problem.
Try running 'ipconfig /renew' on the client, and see if it got an IP of the class 192.168.1.x
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I'll try your suggestions and post the results.
Thanks.
Sure, let me know if you have any questions or need clarification
ASKER
Update:
Now the clients are getting the IP address from the DHCP server, but after joining the domain it's taking almost ten minutes to load personal profile every time I log off. I can understand the first time after joining the domain but second, third and fourth time there must be something wrong some where.
Do you have any ideas?
Thanks.
Sure... sorry for the delay....
First, unplug the pc from the network and attempt to login to it using a domain account that you have logged into it before. See if your response is any better. If the login is significately better, however, when you plug it back in it is slow, then you have some sort of routing issue here.
Secondly, make sure that you are not using roaming profiles (http://technet2.microsoft.com/windowsserver/en/library/b41402c2-c982-4bfb-891e-91b47f211e181033.mspx?mfr=true)
Last but not least, make sure that when you ping domainname.com that you are getting the ip address of the dc. For instance, if my internal domain that the computer is joined to is called mickey.internal ..... If you ping mickey.internal you should recieve ip address of the domain controller.
First, unplug the pc from the network and attempt to login to it using a domain account that you have logged into it before. See if your response is any better. If the login is significately better, however, when you plug it back in it is slow, then you have some sort of routing issue here.
Secondly, make sure that you are not using roaming profiles (http://technet2.microsoft.com/windowsserver/en/library/b41402c2-c982-4bfb-891e-91b47f211e181033.mspx?mfr=true)
Last but not least, make sure that when you ping domainname.com that you are getting the ip address of the dc. For instance, if my internal domain that the computer is joined to is called mickey.internal ..... If you ping mickey.internal you should recieve ip address of the domain controller.