• Status: Solved

Setting up my new domain

I have started a new domain on my 2003 server, called it win2003 and set the DNS to point to itself. All is good:
when I do an nslookup I get the right results; it points to the right IP, I mean.
But I can't access the server from other clients. I can't even ping the server.
The server is joined to my network with a Billion 701 VoIP/modem/router.
Should I point the server to my ISP DNS? I'm very confused with this.
0
Asked by: Netwitz
5 Solutions
 
LauraEHunter MVP Commented:
If your clients cannot ping the server by its IP address, then you have either a physical connectivity issue, or you have not opened the correct ports on any firewall that is in place between server and client.  (If your 2003 server is running SP1, be sure that the Windows Firewall is disabled.)

As for DNS, your DC should point to itself for DNS (assuming that the DC is running the DNS server service), and should be configured with your ISP's DNS as a forwarder.  Your clients need to be configured with the DNS of your DC, otherwise they will not be able to access Active Directory authentication on that DC.
0
 
santhoshu Commented:
Leave alone the server.  First find out if the clients are able to ping each other.  If yes, then look at the IP range on the server and clients.  If they are different classes or different networks, then first find out if the clients can ping the router. Make sure the default gateway is set to the router IP on the clients and the server.
0
 
KCTS Commented:
All of your clients and the DC itself MUST point to the DC for DNS, and local host names need to be resolved by the server. In order to set up internet name resolution you need to open up the DNS console on the DC, right click on the DNS server, select forwarders and enter the IP address(es) of your ISP's DNS server(s).

See - standard forwarding at http://articles.techrepublic.com.com/5100-6268_11-5112303.html
0

 
Netwitz (Author) Commented:
Local gateway is 192.168.1.254, server is 192.168.1.8. It was acting as a local server, no DC, and all was good.
No firewall on the server. I can't ping that bad boy from other comps in the network, therefore I can't join the domain either. It is my first domain so I am worried I made a mistake somewhere. There are 2 network cards in the server, although 1 is disabled; I plan to hook the ADSL modem into the second card. It's a mystery.

0
 
LauraEHunter MVP Commented:
Are your clients located on the same subnet as the server?  

If so, are clients and servers configured with the correct subnet mask?

If clients are on a remote subnet, how is traffic being physically routed between subnets?

As an aside, it is not a best practice to multi-home a domain controller.  Leave the domain controller attached solely to your private LAN and use a dedicated hardware router or a different server to act as your proxy server/router.
0
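The subnet and mask questions in the comment above can be checked offline. This is an added example, not part of the original thread: the server and gateway addresses come from the thread, while the masks, the client addresses and the function names are assumptions constructed for illustration.

```python
import ipaddress

def on_link(src_ip, src_mask, dst_ip):
    """True if src, applying its own mask, treats dst as directly reachable."""
    net = ipaddress.ip_interface(f"{src_ip}/{src_mask}").network
    return ipaddress.ip_address(dst_ip) in net

def diagnose(client, server, gateway):
    """client and server are (ip, mask) tuples; gateway is an IP string."""
    findings = []
    c2s = on_link(client[0], client[1], server[0])
    s2c = on_link(server[0], server[1], client[0])
    if c2s and s2c:
        # Both sides deliver directly: look at host firewall or cabling next.
        findings.append("same-subnet")
    elif c2s != s2c:
        # One side sends direct, the other via its gateway: asymmetric path.
        findings.append("mask-mismatch")
    else:
        # Neither side sees the other on-link: a router must carry the traffic.
        findings.append("routed")
    for name, host in (("client", client), ("server", server)):
        if not on_link(host[0], host[1], gateway):
            findings.append(f"{name}-gateway-off-link")
    return findings

# Addresses from the thread; the /24 mask is an assumption.
SERVER = ("192.168.1.8", "255.255.255.0")
GATEWAY = "192.168.1.254"

# Constructed client configurations.
CLIENTS = {
    "correct": ("192.168.1.20", "255.255.255.0"),
    "wrong mask": ("192.168.1.200", "255.255.255.128"),
    "other network": ("192.168.0.20", "255.255.255.0"),
}

if __name__ == "__main__":
    for label, client in CLIENTS.items():
        print(f"{label:14} {client[0]}/{client[1]} -> {diagnose(client, SERVER, GATEWAY)}")
```

A "same-subnet" result with no gateway finding rules out addressing, which leaves a host firewall or the physical link as the remaining suspects.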
 
John Gates, CISSP, Security Professional, Commented:
In addition to KCTS's comment you would also need to delete the "." zone from the DNS server because when you set up DNS it sets itself up as an authoritative root server.  This means if it does not find resolution in its own records it will simply fail.  Removing the "." zone in forward lookup zones and restarting the service will make it go to the servers that you list when it cannot find a record locally.

-D-
0
 
Netwitz (Author) Commented:
This turns out to be a Windows Firewall problem and SP1. When I try to access the firewall it said it was not able to start. I presumed this was because it was disabled. I know that you guys could not correctly answer this due to me giving you incorrect information.
I searched the web to solve that problem and voilà, it solved this problem as well. I can now ping the server and connect to the domain.
Also nslookup returns the right information.
Found info at this address: http://www.itnewsgroups.net/group/microsoft.public.windows.server.networking/topic6877.aspx
0
