Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 3428
  • Last Modified:

Windows 7 clients won't obtain DHCP address from the Windows 2003 domain controllder

Windows 7 clients won't obtain a DHCP address from the Win 2003 domain controller. When the IPv4 protocol is set to 'Obtain an IP address automatically' it gets assigned an alternate ip and then cannot connect to the internet or domain resources. IPv6  is unchecked and I am pointing to our DNS servers in the DNS configuration. If I assign a static IP on our domain, then all works well.

XP clients do not have a problem. I have tried more than one Win 7 client and the same problem occurs.

What is the fix for this? I have looked read many blogs on this and other web sites, but nothing has pointed a way to a fix.
0
maripro
Asked:
maripro
  • 12
  • 6
  • 3
  • +4
4 Solutions
 
celazkonCommented:
Hi, do you use any security software suite on the win7 box? If yea, check whether it is configured correctly. If not, check whether the network connection type is set as home of office network, since this sets the required windows firewall rules correctly.
Good luck
0
 
chasefan31Commented:
Set the connection type as "work" to make it work correctly on a domain.  You could disable the firewall also to determine if it is interfering.
0
 
RootsManCommented:
What is the range of DHCP addresses defined on you server?
How many DHCP clients are on your LAN?
Is it possible that you're running out of available DHCP leases on your server?
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
D_VanteCommented:
On an xp box try renew all to see if it can get a new ip

On win7. Try clearing the dns entries
0
 
mariproAuthor Commented:
I have a Win 7 Pro system out of the box. I joined my domain and it won't use the existing DHCP on my domain controller.  On Win 7 Pro system, System and Security, Windows Firewall tells me that some settings are managed by group policy (yes, and the existing configuration works for all XP systems). Below, the firewall settings it says, Domain networks: Not Connected, and Home or work network: Not Connected. The Win 7 systems was assigned a public address (even though it did join the domain), but cannot reach the internet or any system resources.

So what group policy do I need to change to control Win 7? The domain controllers work for all XP systems, so there appears to be something that needs to be added or altered, but WHAT?
0
 
celazkonCommented:
Do you have some other win 7 machine, that you could join to your domain to see whether this problem is common for win 7 OS family, or if it arises only on your actual win 7 box?
0
 
RootsManCommented:
What is the range of DHCP scope of addresses defined on your server?
How many DHCP clients are on your LAN?
Is it possible that you're running out of available DHCP leases on your server?
0
 
mariproAuthor Commented:
We have three Win 7 machines on the network. If we assign a static IP address, all network resources are available to it. If, I try to use DHCP, the domain controller will  not give it an IP or allow it to have network resource (because it is given an alternate IP address that is not on the domain).

The scope of IP addresses available to DHCP is a class C, 128.170.nnn
This is not a problem of running out of available DHCP leases.

Any other ideas?
0
 
RootsManCommented:
You could try running the Wireshark packet sniffer to see if the PC is sending a request "DHCPDISCOVER" for an IP address, and getting a reply "DHCPOFFER" from the DHCP server.
Make a note of the MAC address of the PC in question and filter on that MAC address.

After you start a capture with Wireshark, do an ipconfig /release and then ipconfig /renew.
0
 
IT-Monkey-DaveCommented:
Is DHCP Conflict Detection enabled on the DHCP server?
0
 
IT-Monkey-DaveCommented:
http://social.technet.microsoft.com/Forums/en-US/winserverNIS/thread/07a26080-5b37-410d-85c7-e131cc678efe

Scroll just past the halfway point and find a post by "Harry Hi" with a whole bunch of DHCP problem solutions for Win7.  I'd quote it here but it's quite lengthy and I don't want to steal someone else's work.  :)  Anyway there are some good suggestions there.
0
 
mariproAuthor Commented:
OK, the posts at the site you suggested were helpful together with packet capture. I have turned on DHCP Conflict Detection on the DHCP server. The DHCP server logs show repeated attempts to renew the lease to the Win7 computer every second or so, without end and no resolution. The Win7 computer will not accept the lease IP, but does not reveal why.

I captured packets using Wireshark. It confirms what I see in the DHCP server logs, a repeated request cycle, over and over. However there are no DHCP Denials, as the post web site suggests. The cycle is:
1. DHCP Discover from Win7
2. DHCP Offer from Server
3. DHCP Request from Win7
4. DHCP ACK from the Server

This four command request and response cycle continues each second and is never resolved. What is going on here? The post(s) are saying this is not a Windows issue, but possibly a network equipment problem. However, since there is no DHCP denials, I think this may be something different. Any ideas on what to do next?

The end result is that the Win7 computer won't access the internet or any network resources. The Win7 machine is assigned an IP addrss outside the domain.

0
 
celazkonCommented:
I would try to turn OFF the checksum for Rx & Tx on the network card on win7 machine. This can be done in the device manager on the advanced tab of the network controller properties dialog.
0
 
RootsManCommented:
Is the IP address offered to the Windows 7 PC in the "DHCP Offer from Server" packet correct for your LAN?

What is the IP address least time set to on the server?

0
 
mariproAuthor Commented:
@ RootsMan - IP address offered to Windows 7 PC in "DHCP Offer from Server" is correct for our LAN. Where do I find "IP address least time set to on the server"?
0
 
mariproAuthor Commented:
@ celazkon: I turned OFF che checksum for Rx and Tx on the network card for the win7 computer. The Win7 box still refuses to accept the x.x.x.123 lease. Network activity shows that there are no transmission packets from the Win 7 machine, but Win7 receives packets.

Wireshark shows the same DHCP sequence described earlier. I decided to assign the static IP x.x.x.123 to the Win7 computer and now it can access network resources and the internet.

I am going to try to connect Win7 directly to the DHCP server with a crossover cable as suggested in one of the blogs. This will help identify if the source of the problem lies in network gear.

Any other suggestions welcome.  This problem is grinding....
0
 
Davis McCarnOwnerCommented:
Both Vista and 7 will refuse to accept an ip address that is already in use by an active connection.  The test is to set things back to automatic, open network connections, then disable and enable the network connection.
0
 
mariproAuthor Commented:
As suggested, I set network adapter settings back to get an automatic IP from DHCP. Rebooted the computer, opened network connections, disabled then enabled the network connection. Same results with the Win 7 computer assigning a non-domain IP. No internet connectivity and no access to network resources.  

The detailed blogs I followed earlier suggested the problems were not with Windows, but other network gear. Any other ideas?

 


0
 
RootsManCommented:
Did you also try to connect the Windows 7 box directly to the DHCP server with a crossover cable?
0
 
IT-Monkey-DaveCommented:
"Both Vista and 7 will refuse to accept an ip address that is already in use by an active connection"

Did we determine if conflict detection is enabled on the DHCP server?
0
 
mariproAuthor Commented:
I connected the Windows 7 box directly to the DHCP server with a crossover cable. The results were the same and Windows 7 computer assigns itself a non-domain IP. Conflict detection is enabled on the DHCP server.

So let's review:

--Win 7 client makes it's request to the DHCP server.
--DHCP server offers an unused IP to Win7 computer (I am sure of this, since I've removed the lease before starting, and verified).
--Win 7 client gets an acknowledgement from the DHCP server as seen in Wireshark packet.
--Win 7 client does not accept the DHCP issued IP, but rather comes up with its own (169.xxx) and won't get to the Internet or see any domain resources.
--DHCP assigns the lease and records it in it's database, however subsequently it attempts to renew the lease every second as see on the server side logs.

Are there any logs or clues to look for on the client, since it looks like client is having a problem and not the server?  What could be going on here?
0
 
Davis McCarnOwnerCommented:
Who made these systems?
Did they come with any preinstalled antivirus/security software that may still be lurking in the backgroud (meaning it didn't uninstall correctly)?
Do you have access to a regular D-Link/Belkin/Netgear/etc. router so you could see if the system refuses it's DHCP too?
Is there something strange in the DNS/DHCP configuration on the servers?

Short of a common infestation or failed uninstall of a security package, I have never had problems with DHCP in Win7, nor does it seem to be a common problem.
0
 
RootsManCommented:
On the Windows 7 box, try deleting the network interface from device manager and then reboot.

If that doesn't work, try uninstalling Internet Protocol v4, reboot, then install IPv4.

If that doesn't work, try installing a separate NIC and see if the new NIC has the same problem.

0
 
mariproAuthor Commented:
There is no security software on the Dell box.  I connected the computer to a regular Linksys box (off the domain) and it did NOT get a DHCP issued IP. Woahhh! So, I restored Windows 7 OS to it's original state to start from scratch. Plugged Windows 7 computer into a regular Linksys box and got an DHCP issued IP. OK, at least this makes sense.

I set the network location to 'Work' and plugged Windows 7 computer into my domain. It connected, gave it a DHCP address in my domain and can get on the Internet. However it is still in the default 'WORKGROUP' and I had not "joined the domain" and could not get network files. In Network and Sharing Center, it shows computer is connected to my 'domain name' and below it says 'Work network'. Next I turned off the Windows Firewall and in System and Security\System, I joined my domain. Now in Network and Sharing, it says 'Domain network' below my 'domain name'. I can get at all the resources now on this box.

I still have another two Windows 7 systems where it will not take the DHCP issued IP and takes the alternate non domain IP. The DHCP renews occur once per second. I now have a workaround, but I don't know is Windows Firewall or startup response is the issue. These are out-of-the box DELL computers with Windows 7 Pro pre-installed.

Thank you for the suggestions as it seemed to be a combination of still puzzling events.
0
 
Davis McCarnOwnerCommented:
It is not Windows firewall!  Even M$ is smarter than to block DHCP.
On one of the other systems, click Start and, in the search box, type CMD<CTRL-SHIFT-ENTER> which will open an elevated CMD window.  In it, type:
netsh winsock reset
netsh winsock reset catalog
netsh interface ip reset C:\interface-resetlog.txt
netsh interface reset all
netsh firewall reset
Reboot.

If that doesn't get it, change the system back to non-domain, then go to the device manager, delete the network card, and reboot to redetect it.
0
 
mariproAuthor Commented:
Argggg ....totally frustrated now. The Windows 7 box did not survive a reboot. In Network and Sharing Center, where it shows computer is connected to my 'domain name' and below it says 'Work network',  after reboot it says 'Unidentified network' and below it says 'Public network'. The problem has returned!

The docs say to go to Network and Sharing Center and choose a location. There is no where to get it back to the domain location or even to a work location.

Is this a domain issue and GPOs interfering somehow?  Why won't the Win 7 accept an IP that it had before and reverts to a non-domain IP.  If I assign a static IP, everything works fine. Crazy M$ again.

@DavisMcCarn - tried running script that did not have any effect
"netsh interface reset all" had an error, the reset all netsh ran.  
0
 
mariproAuthor Commented:
OK, I've found a reasonable workaround after spending weeks on this problem. This technet post revealed that this is not just an isolated case, but a pitfall for at least several installations. I have found dozens of posts about this problem(s). The atttached post was most helpful. The last suggestion on the attached post works, but is a workaround. Using MMC, add local services and network services to the local administrators group. This works to fix the broken machines as well.

Another workaround is to assign a static IP, but there is no visibility with your DHCP server and managing your other machines. This is a poor choice.  The author of the post found a workaround by blocking inheritance of GPO in a new Active Directory OU. I did not want to go there.

I would like to know a permanent fix to this problem along with others I'm sure. So post it here if known.
0
 
mariproAuthor Commented:
0
 
mariproAuthor Commented:
Awarded points to information that led to a work around solution.
0

Featured Post

New feature and membership benefit!

New feature! Upgrade and increase expert visibility of your issues with Priority Questions.

  • 12
  • 6
  • 3
  • +4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now