Solved

SBS 2003 Best Practices Error on DNS

Posted on 2012-04-12
15
564 Views
Last Modified: 2012-04-17
Small Business Server 2003, teamed network controller having errors with one controller, I unteamed controllers, disabled controller causing errors.  Configured remaining NIC to appropriate settings.  DNS, pointing to itself, etc.  Re-ran Connect to Internet.  Everything appeared to be fine.  Client claims all computers connected to network and Exchange, but some computers can't access Internet.  Internet access fluctuates around the office.  I ran SBS best practices, receive an error that DNS client isn't configured to point at itself.  Verified card settings, it is referring to itself for DNS.  Checked DNS configuration and all looked well.  Found the following article, need help deciphering registry.
http://support.microsoft.com/kb/875422 - refer to Method 3

Results from server:
Four items listed, only one item has the IP address of the server and the proper subnet, etc.
Step 4: The LANNIC referred is not the one I noted from step 2
(I assume I would enter the one I noted from step 2)
The confusing part for me, is the final part of step 2 - Make a note of the external network GUID also.  (How do I decipher which one is the external network GUID, I am only using one NIC)
Step 6: verify value of the Last_1st_Nic_Guid entry is the LAN adapter GUID that you noted in step2, and then verify that the value of the Last_2nd_Nic_Guid enty is the external network adapter GUID that you noted in step 2.
There is not an entry for Last_2nd_Nic_Guid.

My question is, can I remove the additonal entries that are not populated under step 1?
Change the LANNIC entry to match the right one and ignore the 2nd card instructions?

I would be doing this remotely, I don't want to lose connection and leave client completely non functional.
0
Comment
Question by:HaulnSS
  • 6
  • 6
  • 3
15 Comments
 
LVL 6

Expert Comment

by:sconstable
Comment Utility
Personally I would disable all the NICs you arent using.  But that isnt going to solve the issue of your clients connecting to the internet.

The client issues are most likely an Ip configuration issue - if they can access the "LAN" but not outside of the LAN you might have a bad gateway on the clients or a subnet mask that does not really match up properly.

How are the clients getting thir IP configuration?  DHCP or static?
0
 

Author Comment

by:HaulnSS
Comment Utility
All NIC's that aren't being used, are disabled.

They get IP's via DHCP.
0
 
LVL 6

Expert Comment

by:sconstable
Comment Utility
Is there more than 1 DHCP server?  Can you verify one of the clients configuration by doing an ipconfig /all?
0
 
LVL 6

Expert Comment

by:sconstable
Comment Utility
If you want - post the ipconfig /all from a "working" computer and one from a "non-woring" I migh be able to help you out that way.
0
 

Author Comment

by:HaulnSS
Comment Utility
I am not currently onsite, will see what I can do.
0
 
LVL 77

Expert Comment

by:Rob Williams
Comment Utility
>>"All NIC's that aren't being used, are disabled.
They get IP's via DHCP"
Then they are not disabled.

SBS is very fussy about networking,. There are only 2 possible configurations and neither supports NIC teaming.

1: The server has 1 NIC, it points to itself ONLY for DNS, and all client machines point to it for DNS.
2: The server has 2 NIC's, a LAN NIC configured as above, and a WAN NIC connected directly to the Internet or a router and all PC's use the SBS as their gateway, not the router.

All other NICs must be disabled, not just disconnected and/or disabled.
Once properly configuredd run the "Connect to the Internet Wizard", which will configure networking, DNS, DHCP, remote services, and more.  If you need to change the IP of the LAN NIC for any reason make sure you use the "Change server IP" wizard.

I would also open the DNS management console, right click on the server name, choose properties, and under the interfaces tab make sure only the LAN NIC is bound to DNS. i.e no other NIC's or VPN PPP/adapters.
0
 
LVL 77

Expert Comment

by:Rob Williams
Comment Utility
PS- the following article may be of some help with the 2 configuration methods:
How to configure Internet access in Windows Small Business Server 2003
http://support.microsoft.com/kb/825763
0
Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

 

Author Comment

by:HaulnSS
Comment Utility
Robwill, There are two network adapters in the server.  I have removed the teaming, disabled the network controller that was having issues, in Network Connections.  The workstations get their IP's via DHCP from the server.  When I removed the teaming, the adapter that was having issues retained the IP address, the 2nd adapter picked up an address from DHCP.  I disabled the problematic adapter, changed the IP address and remaining network settings on the 2nd adapter.
Currently, the server has one network adapter, pointing to itself for DNS.  I have run Internet Connection Wizard twice since make these changes.
I confirmed the DNS interfaces is only pointing at the server address.
0
 
LVL 77

Accepted Solution

by:
Rob Williams earned 500 total points
Comment Utility
>>"I disabled the problematic adapter, changed the IP address and remaining network settings on the 2nd adapter."
When you change the IP to be on the second NIC did you use the "Change server IP" wizard? If not run that wizard even if not changing anything and then then re-run the Connect to the Internet wizard.

SBS is VERY fussy about it's LAN adpater. It is possible just by changing the IP and not using the wizard to result in a server rebuild. That IP is bound to AD, DNS, DHCP, Exchange, Sharepoint, WSUS, and much more.

It's also possible you still have a ghost NIC but as mentioned you have to be careful makeing NIC changes to an SBS.
A Ghost NIC is a NIC that was installed, removed or disconnected, but may not have been properly removed as an active device.
To remove:
*Note: before performing the final steps you should locate and save to the disk a copy of the network adapter drivers.
Log in as an administrator
Open a command window (If Vista or newer you need to open “with elevated privileges” i.e. right click on CMD icon and choose “run as administrator”)
Run the following command:
  set devmgr_show_nonpresent_devices=1
Open the device manager management console (you can enter  in the command window ‘start devmgmt.msc’  to do so)
On the menu bar under “view” enable/check “show hidden devices”
The Ghost adapters may be grayed out, if so uninstall. If there are any NIC’s you know are no longer present, uninstall.
To do a complete clean up uninstall all network adapters, reboot, and reinstall your network adapter if not automatically discovered.
0
 

Author Comment

by:HaulnSS
Comment Utility
Thank you Rob, I will be onsight tomorrow and will run the Change Server IP, I did not run that before.  I will follow that with the Internet Connection.

I appreciate your input.
0
 
LVL 77

Expert Comment

by:Rob Williams
Comment Utility
Sorry I should have mentioned that, best not to do it remotely.

Let us know how you make out.
0
 

Author Comment

by:HaulnSS
Comment Utility
I did just view non present devices on server, looks like there are 4 Nic's listed, which is too many of course.  I will try your suggestion, when I am onsight.
0
 
LVL 77

Expert Comment

by:Rob Williams
Comment Utility
That may help to clean up the registry entries as well.
0
 

Author Closing Comment

by:HaulnSS
Comment Utility
This cleaned up the registry problem and DNS error in SBS Best Practices.
0
 
LVL 77

Expert Comment

by:Rob Williams
Comment Utility
Great, glad to hear.
Thanks HaulnSS.
Cheers!
--Rob
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

The SBS 2011 release date (RTM) is supposed to be around Christmas, 2011.  This article is a compilation of my notes -- things I have learned first hand.  The items are in a rather random order, but I think this list covers most of what is new and d…
You may have discovered the 'Compatibility View Settings' workaround for making your SBS 2008 Remote Web Workplace 'connect to a computer' section stops 'working around' after a Windows 10 client upgrade.  That can be fixed so it 'works around' agai…
Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now