Solved

Windows 7 clients won't obtain DHCP address from the Windows 2003 domain controllder

Posted on 2010-11-24
31
3,384 Views
Last Modified: 2012-08-14
Windows 7 clients won't obtain a DHCP address from the Win 2003 domain controller. When the IPv4 protocol is set to 'Obtain an IP address automatically' it gets assigned an alternate ip and then cannot connect to the internet or domain resources. IPv6  is unchecked and I am pointing to our DNS servers in the DNS configuration. If I assign a static IP on our domain, then all works well.

XP clients do not have a problem. I have tried more than one Win 7 client and the same problem occurs.

What is the fix for this? I have looked read many blogs on this and other web sites, but nothing has pointed a way to a fix.
0
Comment
Question by:maripro
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 12
  • 6
  • 3
  • +4
31 Comments
 
LVL 7

Expert Comment

by:celazkon
ID: 34209760
Hi, do you use any security software suite on the win7 box? If yea, check whether it is configured correctly. If not, check whether the network connection type is set as home of office network, since this sets the required windows firewall rules correctly.
Good luck
0
 
LVL 1

Expert Comment

by:chasefan31
ID: 34209795
Set the connection type as "work" to make it work correctly on a domain.  You could disable the firewall also to determine if it is interfering.
0
 
LVL 6

Expert Comment

by:RootsMan
ID: 34213298
What is the range of DHCP addresses defined on you server?
How many DHCP clients are on your LAN?
Is it possible that you're running out of available DHCP leases on your server?
0
Get MySQL database support online, now!

At Percona’s web store you can order your MySQL database support needs in minutes. No hassles, no fuss, just pick and click. Pay online with a credit card.

 
LVL 7

Expert Comment

by:D_Vante
ID: 34214013
On an xp box try renew all to see if it can get a new ip

On win7. Try clearing the dns entries
0
 

Author Comment

by:maripro
ID: 34269884
I have a Win 7 Pro system out of the box. I joined my domain and it won't use the existing DHCP on my domain controller.  On Win 7 Pro system, System and Security, Windows Firewall tells me that some settings are managed by group policy (yes, and the existing configuration works for all XP systems). Below, the firewall settings it says, Domain networks: Not Connected, and Home or work network: Not Connected. The Win 7 systems was assigned a public address (even though it did join the domain), but cannot reach the internet or any system resources.

So what group policy do I need to change to control Win 7? The domain controllers work for all XP systems, so there appears to be something that needs to be added or altered, but WHAT?
0
 
LVL 7

Expert Comment

by:celazkon
ID: 34273970
Do you have some other win 7 machine, that you could join to your domain to see whether this problem is common for win 7 OS family, or if it arises only on your actual win 7 box?
0
 
LVL 6

Expert Comment

by:RootsMan
ID: 34274100
What is the range of DHCP scope of addresses defined on your server?
How many DHCP clients are on your LAN?
Is it possible that you're running out of available DHCP leases on your server?
0
 

Author Comment

by:maripro
ID: 34285220
We have three Win 7 machines on the network. If we assign a static IP address, all network resources are available to it. If, I try to use DHCP, the domain controller will  not give it an IP or allow it to have network resource (because it is given an alternate IP address that is not on the domain).

The scope of IP addresses available to DHCP is a class C, 128.170.nnn
This is not a problem of running out of available DHCP leases.

Any other ideas?
0
 
LVL 6

Accepted Solution

by:
RootsMan earned 250 total points
ID: 34287921
You could try running the Wireshark packet sniffer to see if the PC is sending a request "DHCPDISCOVER" for an IP address, and getting a reply "DHCPOFFER" from the DHCP server.
Make a note of the MAC address of the PC in question and filter on that MAC address.

After you start a capture with Wireshark, do an ipconfig /release and then ipconfig /renew.
0
 
LVL 13

Expert Comment

by:IT-Monkey-Dave
ID: 34287951
Is DHCP Conflict Detection enabled on the DHCP server?
0
 
LVL 13

Assisted Solution

by:IT-Monkey-Dave
IT-Monkey-Dave earned 250 total points
ID: 34287977
http://social.technet.microsoft.com/Forums/en-US/winserverNIS/thread/07a26080-5b37-410d-85c7-e131cc678efe

Scroll just past the halfway point and find a post by "Harry Hi" with a whole bunch of DHCP problem solutions for Win7.  I'd quote it here but it's quite lengthy and I don't want to steal someone else's work.  :)  Anyway there are some good suggestions there.
0
 

Author Comment

by:maripro
ID: 34297475
OK, the posts at the site you suggested were helpful together with packet capture. I have turned on DHCP Conflict Detection on the DHCP server. The DHCP server logs show repeated attempts to renew the lease to the Win7 computer every second or so, without end and no resolution. The Win7 computer will not accept the lease IP, but does not reveal why.

I captured packets using Wireshark. It confirms what I see in the DHCP server logs, a repeated request cycle, over and over. However there are no DHCP Denials, as the post web site suggests. The cycle is:
1. DHCP Discover from Win7
2. DHCP Offer from Server
3. DHCP Request from Win7
4. DHCP ACK from the Server

This four command request and response cycle continues each second and is never resolved. What is going on here? The post(s) are saying this is not a Windows issue, but possibly a network equipment problem. However, since there is no DHCP denials, I think this may be something different. Any ideas on what to do next?

The end result is that the Win7 computer won't access the internet or any network resources. The Win7 machine is assigned an IP addrss outside the domain.

0
 
LVL 7

Expert Comment

by:celazkon
ID: 34299611
I would try to turn OFF the checksum for Rx & Tx on the network card on win7 machine. This can be done in the device manager on the advanced tab of the network controller properties dialog.
0
 
LVL 6

Expert Comment

by:RootsMan
ID: 34301143
Is the IP address offered to the Windows 7 PC in the "DHCP Offer from Server" packet correct for your LAN?

What is the IP address least time set to on the server?

0
 

Author Comment

by:maripro
ID: 34303384
@ RootsMan - IP address offered to Windows 7 PC in "DHCP Offer from Server" is correct for our LAN. Where do I find "IP address least time set to on the server"?
0
 

Author Comment

by:maripro
ID: 34306507
@ celazkon: I turned OFF che checksum for Rx and Tx on the network card for the win7 computer. The Win7 box still refuses to accept the x.x.x.123 lease. Network activity shows that there are no transmission packets from the Win 7 machine, but Win7 receives packets.

Wireshark shows the same DHCP sequence described earlier. I decided to assign the static IP x.x.x.123 to the Win7 computer and now it can access network resources and the internet.

I am going to try to connect Win7 directly to the DHCP server with a crossover cable as suggested in one of the blogs. This will help identify if the source of the problem lies in network gear.

Any other suggestions welcome.  This problem is grinding....
0
 
LVL 43

Expert Comment

by:Davis McCarn
ID: 34325603
Both Vista and 7 will refuse to accept an ip address that is already in use by an active connection.  The test is to set things back to automatic, open network connections, then disable and enable the network connection.
0
 

Author Comment

by:maripro
ID: 34339870
As suggested, I set network adapter settings back to get an automatic IP from DHCP. Rebooted the computer, opened network connections, disabled then enabled the network connection. Same results with the Win 7 computer assigning a non-domain IP. No internet connectivity and no access to network resources.  

The detailed blogs I followed earlier suggested the problems were not with Windows, but other network gear. Any other ideas?

 


0
 
LVL 6

Expert Comment

by:RootsMan
ID: 34340794
Did you also try to connect the Windows 7 box directly to the DHCP server with a crossover cable?
0
 
LVL 13

Expert Comment

by:IT-Monkey-Dave
ID: 34340882
"Both Vista and 7 will refuse to accept an ip address that is already in use by an active connection"

Did we determine if conflict detection is enabled on the DHCP server?
0
 

Author Comment

by:maripro
ID: 34352339
I connected the Windows 7 box directly to the DHCP server with a crossover cable. The results were the same and Windows 7 computer assigns itself a non-domain IP. Conflict detection is enabled on the DHCP server.

So let's review:

--Win 7 client makes it's request to the DHCP server.
--DHCP server offers an unused IP to Win7 computer (I am sure of this, since I've removed the lease before starting, and verified).
--Win 7 client gets an acknowledgement from the DHCP server as seen in Wireshark packet.
--Win 7 client does not accept the DHCP issued IP, but rather comes up with its own (169.xxx) and won't get to the Internet or see any domain resources.
--DHCP assigns the lease and records it in it's database, however subsequently it attempts to renew the lease every second as see on the server side logs.

Are there any logs or clues to look for on the client, since it looks like client is having a problem and not the server?  What could be going on here?
0
 
LVL 43

Expert Comment

by:Davis McCarn
ID: 34359691
Who made these systems?
Did they come with any preinstalled antivirus/security software that may still be lurking in the backgroud (meaning it didn't uninstall correctly)?
Do you have access to a regular D-Link/Belkin/Netgear/etc. router so you could see if the system refuses it's DHCP too?
Is there something strange in the DNS/DHCP configuration on the servers?

Short of a common infestation or failed uninstall of a security package, I have never had problems with DHCP in Win7, nor does it seem to be a common problem.
0
 
LVL 6

Expert Comment

by:RootsMan
ID: 34359915
On the Windows 7 box, try deleting the network interface from device manager and then reboot.

If that doesn't work, try uninstalling Internet Protocol v4, reboot, then install IPv4.

If that doesn't work, try installing a separate NIC and see if the new NIC has the same problem.

0
 

Author Comment

by:maripro
ID: 34383095
There is no security software on the Dell box.  I connected the computer to a regular Linksys box (off the domain) and it did NOT get a DHCP issued IP. Woahhh! So, I restored Windows 7 OS to it's original state to start from scratch. Plugged Windows 7 computer into a regular Linksys box and got an DHCP issued IP. OK, at least this makes sense.

I set the network location to 'Work' and plugged Windows 7 computer into my domain. It connected, gave it a DHCP address in my domain and can get on the Internet. However it is still in the default 'WORKGROUP' and I had not "joined the domain" and could not get network files. In Network and Sharing Center, it shows computer is connected to my 'domain name' and below it says 'Work network'. Next I turned off the Windows Firewall and in System and Security\System, I joined my domain. Now in Network and Sharing, it says 'Domain network' below my 'domain name'. I can get at all the resources now on this box.

I still have another two Windows 7 systems where it will not take the DHCP issued IP and takes the alternate non domain IP. The DHCP renews occur once per second. I now have a workaround, but I don't know is Windows Firewall or startup response is the issue. These are out-of-the box DELL computers with Windows 7 Pro pre-installed.

Thank you for the suggestions as it seemed to be a combination of still puzzling events.
0
 
LVL 43

Expert Comment

by:Davis McCarn
ID: 34384479
It is not Windows firewall!  Even M$ is smarter than to block DHCP.
On one of the other systems, click Start and, in the search box, type CMD<CTRL-SHIFT-ENTER> which will open an elevated CMD window.  In it, type:
netsh winsock reset
netsh winsock reset catalog
netsh interface ip reset C:\interface-resetlog.txt
netsh interface reset all
netsh firewall reset
Reboot.

If that doesn't get it, change the system back to non-domain, then go to the device manager, delete the network card, and reboot to redetect it.
0
 

Author Comment

by:maripro
ID: 34397261
Argggg ....totally frustrated now. The Windows 7 box did not survive a reboot. In Network and Sharing Center, where it shows computer is connected to my 'domain name' and below it says 'Work network',  after reboot it says 'Unidentified network' and below it says 'Public network'. The problem has returned!

The docs say to go to Network and Sharing Center and choose a location. There is no where to get it back to the domain location or even to a work location.

Is this a domain issue and GPOs interfering somehow?  Why won't the Win 7 accept an IP that it had before and reverts to a non-domain IP.  If I assign a static IP, everything works fine. Crazy M$ again.

@DavisMcCarn - tried running script that did not have any effect
"netsh interface reset all" had an error, the reset all netsh ran.  
0
 

Assisted Solution

by:maripro
maripro earned 0 total points
ID: 34413117
OK, I've found a reasonable workaround after spending weeks on this problem. This technet post revealed that this is not just an isolated case, but a pitfall for at least several installations. I have found dozens of posts about this problem(s). The atttached post was most helpful. The last suggestion on the attached post works, but is a workaround. Using MMC, add local services and network services to the local administrators group. This works to fix the broken machines as well.

Another workaround is to assign a static IP, but there is no visibility with your DHCP server and managing your other machines. This is a poor choice.  The author of the post found a workaround by blocking inheritance of GPO in a new Active Directory OU. I did not want to go there.

I would like to know a permanent fix to this problem along with others I'm sure. So post it here if known.
0
 

Assisted Solution

by:maripro
maripro earned 0 total points
ID: 34413127
0
 

Author Closing Comment

by:maripro
ID: 34428922
Awarded points to information that led to a work around solution.
0

Featured Post

Instantly Create Instructional Tutorials

Contextual Guidance at the moment of need helps your employees adopt to new software or processes instantly. Boost knowledge retention and employee engagement step-by-step with one easy solution.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The Windows functions GetTickCount and timeGetTime retrieve the number of milliseconds since the system was started. However, the value is stored in a DWORD, which means that it wraps around to zero every 49.7 days. This article shows how to solve t…
Keystroke loggers have been around for a very long time. While the threat is old, some of the remedies are new!
This Micro Tutorial will teach you how to the overview of Microsoft Security Essentials. This is a free anti-virus software that guards your PC against viruses, spyware, worms, and other malicious software. This will be demonstrated using Windows…
This Micro Tutorial will give you a introduction in two parts how to utilize Windows Live Movie Maker to its maximum capability. This will be demonstrated using Windows Live Movie Maker on Windows 7 operating system.

627 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question