Problem:
1. Vista workstations are configured for DHCP but cannot get an IP address
from the SBS Server/DC
2. Vista & XP Workstations cannot access their email via Outlook
3. Workstations cannot remote desktop to SBS server/Domain controller
4. SBS/DC Server (ABCSBS01)

We think the problem is with the DNS setup, however nothing has changed on
it. Recently We noticed a few

Environment:
• Vista SP1 workstations with Office/Outlook 2007
• XP SP2 & SP3 workstations with Office/Outlook 2003
• Win 2003 SBS Server SP2 with Exchange, is Domain Controller & DNS Server
DHCP Server (SBS/DC) (192.168.0.2 & 192.168.0.. No Windows firewall
(ABCSBS01)
• Win 2003 File Server, also a Domain Controller (192.168.0.3). No Windows
Firewall. (ABCFS01)
• Motorola Surfboard Cable Modem – DHCP is disabled (192.168.100.1)
• Smoothwall firewall (192.168.0.1)

Recent maintenance tasks on server
The only maintenance task done on the SBS/DC was to swap the EXCHSRVR disk
that contains the MDBData files. No programme file locates were changed.
After stopping the Exchange services, these files were relocated to a new
disk and the disk was allocated the same drive letter as the former disk.
All the Exchange services start without error and we can access the Exchange
mail box via OWA on the SBS/DC.

Connectivity tests

Workstations
• Vista workstations attempt to log on to the SBS and get a 169.254.* IP
address.
• On Vista workstations, Connection-specific DNS suffix is blank in
IPconfig.
• When doing Network Diagnostics, we get Windows cannot find “ABCSBS01”
Click for more information about DNS.
• When doing ipconfig /displayDNS, Name does not exist appears in relation
to all the DNS servers that are described in our DNS setup (viz ABCSBS01,
ABCFS01, _kerberos._tcp.dc._msdcs.ABC.local,
_ldap._tcp.dc._msdcs.ABC.local. Many external web sites are listed here also.
• Have done Ipconfig /flushDNS, Ipconfig /degisterDNS
• XP workstations can get a valid 192.168 ip address but cannot access
Exchange via Outlook. Connection-specific DNS suffix is not blank in IPconfig
• If we configure a Vista Workstations with Fixed IP address, it can access
the domain resources (files & folders on the file server) but cannot access
email on the exchange server. Either a local PST is opened or a workstation
issues the error Microsoft Exchange server is unavailable. Retry/Work
offline/Cancel.
• Can remote desktop to the ABCFS01 File server but not to the SBS/DC ABCSBS01
• From any workstation, when we attempt to ping the SBS/DC – via IP address
or workstation name, we get time-outs
• When doing NSLookup <DC name> we get a DNS request timeout with Server
UnKnown however the correct Ip address of the DNS server is returned.
• Only some workstations are displayed in Network leaf of Explorer.


SBS/DC (ABCSBS01) – Connectivity
• When doing IPConfig, we get 2 IP addresses returned for the same NIC
(192.168.0.2 & 192.168.0.. This has been the case for a very long time
without problem. The old IP address that probably was used by an old NIC is
displaying along with the current IP address.
• When pinging itself via w/station name – viz ABCsbs01, we get the valid ip
address returned. When we ping that same IP address, we get the workstation
name returned
• When we ping the additional IP address, we also get successful
• Can access the File server file via Remote Desktop and can access files &
folders on the file server
• Can access the internet

DHCP – services are started
Net Logon services are started pm

I don't believe we have any group policies that would be preventing us from
logging in.

DNS Setup
The server name ABCSBS01.local appears with every occurrence of the valid
IIP address (192.168.0.2). The old IP address (192.168.0. is also listed
with the server name in the DNS setup along with the current IP addressof the
server in DomainDNSZones & ForestDNSZones in the DNS setup

We have done, Ipconfig /FlushDNS, Ipconfig /RegisterDNS, DCDiag /FIX, Net
stop netlogin, Net Start netLogin.

When we run DCDiag again, we still get the error GUID <Long
Number>._msdcs.jsr.local) couldn't be resolved, the server name
(jsrsbs01.jsr.local) resolved to the IP address (192.168.0.2) and was
pingable. Check that the IP address is registered correctly with the DNS
server. ABCSBS01 failed test Connectivity

Other DCDiag tests pass.

Where do we enter the name of the server to overcome the UnKnown error in
the DNS name?

We have looked through the event logs and haven’t found anything that looks
particularly informative.

Where else do we need to check/look to overcome the login problem which I
believe is preventing Access to the Exchange mail boxes via Outlook?

Jeff <Jeff@discussions.microsoft.com> wrote:

Quote:

Problem: 1. Vista workstations are configured for DHCP but cannot get an IP address from the SBS Server/DC 2. Vista & XP Workstations cannot access their email via Outlook 3. Workstations cannot remote desktop to SBS server/Domain controller 4. SBS/DC Server (ABCSBS01) We think the problem is with the DNS setup, however nothing has changed on it.

An unedited ipconfig /all from your server and a workstation would be
helpful here.

Quote:

Recently We noticed a few Environment: . Vista SP1 workstations with Office/Outlook 2007 . XP SP2 & SP3 workstations with Office/Outlook 2003 . Win 2003 SBS Server SP2 with Exchange, is Domain Controller & DNS Server DHCP Server (SBS/DC) (192.168.0.2 & 192.168.0..

Get rid of that 2nd IP address. Reboot everything. See if it helps. It
should.

Quote:

No Windows firewall (ABCSBS01) . Win 2003 File Server, also a Domain Controller (192.168.0.3). No Windows Firewall. (ABCFS01) . Motorola Surfboard Cable Modem - DHCP is disabled (192.168.100.1) . Smoothwall firewall (192.168.0.1) Recent maintenance tasks on server The only maintenance task done on the SBS/DC was to swap the EXCHSRVR disk that contains the MDBData files. No programme file locates were changed. After stopping the Exchange services, these files were relocated to a new disk and the disk was allocated the same drive letter as the former disk. All the Exchange services start without error and we can access the Exchange mail box via OWA on the SBS/DC. Connectivity tests Workstations . Vista workstations attempt to log on to the SBS and get a 169.254.* IP address. . On Vista workstations, Connection-specific DNS suffix is blank in IPconfig. . When doing Network Diagnostics, we get Windows cannot find "ABCSBS01" Click for more information about DNS. . When doing ipconfig /displayDNS, Name does not exist appears in relation to all the DNS servers that are described in our DNS setup (viz ABCSBS01, ABCFS01, _kerberos._tcp.dc._msdcs.ABC.local, _ldap._tcp.dc._msdcs.ABC.local. Many external web sites are listed here also. . Have done Ipconfig /flushDNS, Ipconfig /degisterDNS . XP workstations can get a valid 192.168 ip address but cannot access Exchange via Outlook. Connection-specific DNS suffix is not blank in IPconfig . If we configure a Vista Workstations with Fixed IP address, it can access the domain resources (files & folders on the file server) but cannot access email on the exchange server. Either a local PST is opened or a workstation issues the error Microsoft Exchange server is unavailable. Retry/Work offline/Cancel. . Can remote desktop to the ABCFS01 File server but not to the SBS/DC ABCSBS01 . From any workstation, when we attempt to ping the SBS/DC - via IP address or workstation name, we get time-outs . When doing NSLookup <DC name> we get a DNS request timeout with Server UnKnown however the correct Ip address of the DNS server is returned. . Only some workstations are displayed in Network leaf of Explorer. SBS/DC (ABCSBS01) - Connectivity . When doing IPConfig, we get 2 IP addresses returned for the same NIC (192.168.0.2 & 192.168.0.. This has been the case for a very long time without problem. The old IP address that probably was used by an old NIC is displaying along with the current IP address.

It is a problem and it needs to be gotten rid of...I do'nt know why things
would've been working right before.

Quote:

. When pinging itself via w/station name - viz ABCsbs01, we get the valid ip address returned. When we ping that same IP address, we get the workstation name returned . When we ping the additional IP address, we also get successful . Can access the File server file via Remote Desktop and can access files & folders on the file server . Can access the internet DHCP - services are started Net Logon services are started pm I don't believe we have any group policies that would be preventing us from logging in. DNS Setup The server name ABCSBS01.local appears with every occurrence of the valid IIP address (192.168.0.2). The old IP address (192.168.0. is also listed with the server name in the DNS setup along with the current IP addressof the server in DomainDNSZones & ForestDNSZones in the DNS setup We have done, Ipconfig /FlushDNS, Ipconfig /RegisterDNS, DCDiag /FIX, Net stop netlogin, Net Start netLogin. When we run DCDiag again, we still get the error GUID <Long Number>._msdcs.jsr.local) couldn't be resolved, the server name (jsrsbs01.jsr.local) resolved to the IP address (192.168.0.2) and was pingable. Check that the IP address is registered correctly with the DNS server. ABCSBS01 failed test Connectivity Other DCDiag tests pass. Where do we enter the name of the server to overcome the UnKnown error in the DNS name? We have looked through the event logs and haven't found anything that looks particularly informative. Where else do we need to check/look to overcome the login problem which I believe is preventing Access to the Exchange mail boxes via Outlook?

This is a nice amount of detail but unfortunately it is difficult to make
sense of such a long post. I hope my advice above helps.

(Adding in microsoft.public.windows.server.sbs)

Do you possibly have ISA 2004 and recently applied MS09-012?



Jeff wrote:

Quote:

Problem: 1. Vista workstations are configured for DHCP but cannot get an IP address from the SBS Server/DC 2. Vista & XP Workstations cannot access their email via Outlook 3. Workstations cannot remote desktop to SBS server/Domain controller 4. SBS/DC Server (ABCSBS01) We think the problem is with the DNS setup, however nothing has changed on it. Recently We noticed a few Environment: . Vista SP1 workstations with Office/Outlook 2007 . XP SP2 & SP3 workstations with Office/Outlook 2003 . Win 2003 SBS Server SP2 with Exchange, is Domain Controller & DNS Server DHCP Server (SBS/DC) (192.168.0.2 & 192.168.0.. No Windows firewall (ABCSBS01) . Win 2003 File Server, also a Domain Controller (192.168.0.3). No Windows Firewall. (ABCFS01) . Motorola Surfboard Cable Modem - DHCP is disabled (192.168.100.1) . Smoothwall firewall (192.168.0.1) Recent maintenance tasks on server The only maintenance task done on the SBS/DC was to swap the EXCHSRVR disk that contains the MDBData files. No programme file locates were changed. After stopping the Exchange services, these files were relocated to a new disk and the disk was allocated the same drive letter as the former disk. All the Exchange services start without error and we can access the Exchange mail box via OWA on the SBS/DC. Connectivity tests Workstations . Vista workstations attempt to log on to the SBS and get a 169.254.* IP address. . On Vista workstations, Connection-specific DNS suffix is blank in IPconfig. . When doing Network Diagnostics, we get Windows cannot find "ABCSBS01" Click for more information about DNS. . When doing ipconfig /displayDNS, Name does not exist appears in relation to all the DNS servers that are described in our DNS setup (viz ABCSBS01, ABCFS01, _kerberos._tcp.dc._msdcs.ABC.local, _ldap._tcp.dc._msdcs.ABC.local. Many external web sites are listed here also. . Have done Ipconfig /flushDNS, Ipconfig /degisterDNS . XP workstations can get a valid 192.168 ip address but cannot access Exchange via Outlook. Connection-specific DNS suffix is not blank in IPconfig . If we configure a Vista Workstations with Fixed IP address, it can access the domain resources (files & folders on the file server) but cannot access email on the exchange server. Either a local PST is opened or a workstation issues the error Microsoft Exchange server is unavailable. Retry/Work offline/Cancel. . Can remote desktop to the ABCFS01 File server but not to the SBS/DC ABCSBS01 . From any workstation, when we attempt to ping the SBS/DC - via IP address or workstation name, we get time-outs . When doing NSLookup <DC name> we get a DNS request timeout with Server UnKnown however the correct Ip address of the DNS server is returned. . Only some workstations are displayed in Network leaf of Explorer. SBS/DC (ABCSBS01) - Connectivity . When doing IPConfig, we get 2 IP addresses returned for the same NIC (192.168.0.2 & 192.168.0.. This has been the case for a very long time without problem. The old IP address that probably was used by an old NIC is displaying along with the current IP address. . When pinging itself via w/station name - viz ABCsbs01, we get the valid ip address returned. When we ping that same IP address, we get the workstation name returned . When we ping the additional IP address, we also get successful . Can access the File server file via Remote Desktop and can access files & folders on the file server . Can access the internet DHCP - services are started Net Logon services are started pm I don't believe we have any group policies that would be preventing us from logging in. DNS Setup The server name ABCSBS01.local appears with every occurrence of the valid IIP address (192.168.0.2). The old IP address (192.168.0. is also listed with the server name in the DNS setup along with the current IP addressof the server in DomainDNSZones & ForestDNSZones in the DNS setup We have done, Ipconfig /FlushDNS, Ipconfig /RegisterDNS, DCDiag /FIX, Net stop netlogin, Net Start netLogin. When we run DCDiag again, we still get the error GUID <Long Number>._msdcs.jsr.local) couldn't be resolved, the server name (jsrsbs01.jsr.local) resolved to the IP address (192.168.0.2) and was pingable. Check that the IP address is registered correctly with the DNS server. ABCSBS01 failed test Connectivity Other DCDiag tests pass. Where do we enter the name of the server to overcome the UnKnown error in the DNS name? We have looked through the event logs and haven't found anything that looks particularly informative. Where else do we need to check/look to overcome the login problem which I believe is preventing Access to the Exchange mail boxes via Outlook?

--
/kj

Hello jeff,

I agree with Lanwench, an unedited ipconfig /all from DC/DNS and a more functional
workstation could be helpful. Also if the DC has 2 ip addresses on the NIC,
that should be removed.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm

Quote:

Problem: 1. Vista workstations are configured for DHCP but cannot get an IP address from the SBS Server/DC 2. Vista & XP Workstations cannot access their email via Outlook 3. Workstations cannot remote desktop to SBS server/Domain controller 4. SBS/DC Server (ABCSBS01) We think the problem is with the DNS setup, however nothing has changed on it. Recently We noticed a few Environment: • Vista SP1 workstations with Office/Outlook 2007 • XP SP2 & SP3 workstations with Office/Outlook 2003 • Win 2003 SBS Server SP2 with Exchange, is Domain Controller & DNS Server DHCP Server (SBS/DC) (192.168.0.2 & 192.168.0.. No Windows firewall (ABCSBS01) • Win 2003 File Server, also a Domain Controller (192.168.0.3). No Windows Firewall. (ABCFS01) • Motorola Surfboard Cable Modem – DHCP is disabled (192.168.100.1) • Smoothwall firewall (192.168.0.1) Recent maintenance tasks on server The only maintenance task done on the SBS/DC was to swap the EXCHSRVR disk that contains the MDBData files. No programme file locates were changed. After stopping the Exchange services, these files were relocated to a new disk and the disk was allocated the same drive letter as the former disk. All the Exchange services start without error and we can access the Exchange mail box via OWA on the SBS/DC. Connectivity tests Workstations • Vista workstations attempt to log on to the SBS and get a 169.254.* IP address. • On Vista workstations, Connection-specific DNS suffix is blank in IPconfig. • When doing Network Diagnostics, we get Windows cannot find “ABCSBS01” Click for more information about DNS. • When doing ipconfig /displayDNS, Name does not exist appears in relation to all the DNS servers that are described in our DNS setup (viz ABCSBS01, ABCFS01, _kerberos._tcp.dc._msdcs.ABC.local, _ldap._tcp.dc._msdcs.ABC.local. Many external web sites are listed here also. • Have done Ipconfig /flushDNS, Ipconfig /degisterDNS • XP workstations can get a valid 192.168 ip address but cannot access Exchange via Outlook. Connection-specific DNS suffix is not blank in IPconfig • If we configure a Vista Workstations with Fixed IP address, it can access the domain resources (files & folders on the file server) but cannot access email on the exchange server. Either a local PST is opened or a workstation issues the error Microsoft Exchange server is unavailable. Retry/Work offline/Cancel. • Can remote desktop to the ABCFS01 File server but not to the SBS/DC ABCSBS01 • From any workstation, when we attempt to ping the SBS/DC – via IP address or workstation name, we get time-outs • When doing NSLookup <DC name> we get a DNS request timeout with Server UnKnown however the correct Ip address of the DNS server is returned. • Only some workstations are displayed in Network leaf of Explorer. SBS/DC (ABCSBS01) – Connectivity • When doing IPConfig, we get 2 IP addresses returned for the same NIC (192.168.0.2 & 192.168.0.. This has been the case for a very long time without problem. The old IP address that probably was used by an old NIC is displaying along with the current IP address. • When pinging itself via w/station name – viz ABCsbs01, we get the valid ip address returned. When we ping that same IP address, we get the workstation name returned • When we ping the additional IP address, we also get successful • Can access the File server file via Remote Desktop and can access files & folders on the file server • Can access the internet DHCP – services are started Net Logon services are started pm I don't believe we have any group policies that would be preventing us from logging in. DNS Setup The server name ABCSBS01.local appears with every occurrence of the valid IIP address (192.168.0.2). The old IP address (192.168.0. is also listed with the server name in the DNS setup along with the current IP addressof the server in DomainDNSZones & ForestDNSZones in the DNS setup We have done, Ipconfig /FlushDNS, Ipconfig /RegisterDNS, DCDiag /FIX, Net stop netlogin, Net Start netLogin. When we run DCDiag again, we still get the error GUID <Long Number>> ._msdcs.jsr.local) couldn't be resolved, the server name

Number>>

Quote:

(jsrsbs01.jsr.local) resolved to the IP address (192.168.0.2) and was pingable. Check that the IP address is registered correctly with the DNS server. ABCSBS01 failed test Connectivity Other DCDiag tests pass. Where do we enter the name of the server to overcome the UnKnown error in the DNS name? We have looked through the event logs and haven’t found anything that looks particularly informative. Where else do we need to check/look to overcome the login problem which I believe is preventing Access to the Exchange mail boxes via Outlook?

Hi,

Thak you for your replies.

ISA is not installed on the network.

Here is ther IPCONFig from a workstation that I've configured for Static IP.
On this workstation I still cannot remote desktop to the SBS/DC or access
Exchange/email on it.

Windows IP Configuration

Host Name . . . . . . . . . . . . : ABCQ66
Primary Dns Suffix . . . . . . . : abc.local
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : abc.local

Ethernet adapter Local Area Connection 4:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : TAP-Win32 Adapter V9
Physical Address. . . . . . . . . : 00-FF-62-40-60-CE
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek RTL8168B/8111B Family PCI-E
Gigabit Ethernet NIC (NDIS 6.0)
Physical Address. . . . . . . . . : 00-19-DB-F5-2F-B3
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::9dbd:7262:29d8:18b9%8(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.11(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.0.1
DNS Servers . . . . . . . . . . . : 192.168.0.2
61.9.194.49
61.9.195.193
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 16:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . :
isatap.{624060CE-7AFC-464F-B013-BCD08D158A9C}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 17:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . :
isatap.{35C3329A-1451-418C-99E2-7B2B413302B3}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 18:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . :
2001:0:cf2e:3096:2845:2851:3f57:fff4(Preferred)
Link-local IPv6 Address . . . . . :
fe80::2845:2851:3f57:fff4%23(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

NSLookup on the same PC looks like this:

DNS request timed out.
timeout was 2 seconds.
Default Server: UnKnown
Address: 192.168.0.2

--------------------

Here is the IPconfig from a laptop that is configured for DHCP:

Windows IP Configuration

Host Name . . . . . . . . . . . . : T61
Primary Dns Suffix . . . . . . . : abc.local
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : abc.local

Wireless LAN adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) Wireless WiFi Link 4965AGN
Physical Address. . . . . . . . . : 00-1F-3B-AF-B0-49
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) 82566MM Gigabit Network
Connection
Physical Address. . . . . . . . . : 00-1C-25-BA-E2-1E
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . :
fe80::184e:37ee:f925:b2fc%10(Preferred)
Autoconfiguration IPv4 Address. . : 169.254.178.252(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . : 192.168.0.1
DNS Servers . . . . . . . . . . . : 192.168.0.2
61.9.194.49
61.9.195.193
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 7:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . :
isatap.{40391962-23E1-4E39-83C9-105332B77200}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

----------------------------

Here is IPConfig from the DNS server:

Windows IP Configuration

Host Name . . . . . . . . . . . . : abcsbs01
Primary Dns Suffix . . . . . . . : abc.local
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : Yes
DNS Suffix Search List. . . . . . : abc.local

Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Server Adapter
Physical Address. . . . . . . . . : 00-04-23-B9-AF-15
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.0.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.0.1
DNS Servers . . . . . . . . . . . : 61.9.194.49

I have checked the DHCP server is running & authorised. The only entries
inthe DHCP logs are events 24 & 25. I checked Scope Option 15 has abc.local
specified in the value and 192.168.0.2 is spcified in scope 006 (DNS Server)
& 044 (Wins/Netbios).


Both 192.168.0.2 & 192.168.0.8 were configured for the same NIC. When I
deleited 192.168.0.8 I received a message that that IP was allocated ot a NIC
that was no longer availalble. But since 192.168.0.8 has been removed from
the NIC and from the DNS entries and rebooted we still have the same problem
and cant access enchange or access shares on SBS/DC or acces SBS/DC via
remote desktop.

Thanks,
Jeff



"Meinolf Weber [MVP-DS]" wrote:

Quote:

Hello jeff, I agree with Lanwench, an unedited ipconfig /all from DC/DNS and a more functional workstation could be helpful. Also if the DC has 2 ip addresses on the NIC, that should be removed. Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights. ** Please do NOT email, only reply to Newsgroups ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm Problem: 1. Vista workstations are configured for DHCP but cannot get an IP address from the SBS Server/DC 2. Vista & XP Workstations cannot access their email via Outlook 3. Workstations cannot remote desktop to SBS server/Domain controller 4. SBS/DC Server (ABCSBS01) We think the problem is with the DNS setup, however nothing has changed on it. Recently We noticed a few Environment: • Vista SP1 workstations with Office/Outlook 2007 • XP SP2 & SP3 workstations with Office/Outlook 2003 • Win 2003 SBS Server SP2 with Exchange, is Domain Controller & DNS Server DHCP Server (SBS/DC) (192.168.0.2 & 192.168.0.. No Windows firewall (ABCSBS01) • Win 2003 File Server, also a Domain Controller (192.168.0.3). No Windows Firewall. (ABCFS01) • Motorola Surfboard Cable Modem – DHCP is disabled (192.168.100.1) • Smoothwall firewall (192.168.0.1) Recent maintenance tasks on server The only maintenance task done on the SBS/DC was to swap the EXCHSRVR disk that contains the MDBData files. No programme file locates were changed. After stopping the Exchange services, these files were relocated to a new disk and the disk was allocated the same drive letter as the former disk. All the Exchange services start without error and we can access the Exchange mail box via OWA on the SBS/DC. Connectivity tests Workstations • Vista workstations attempt to log on to the SBS and get a 169.254.* IP address. • On Vista workstations, Connection-specific DNS suffix is blank in IPconfig. • When doing Network Diagnostics, we get Windows cannot find “ABCSBS01” Click for more information about DNS. • When doing ipconfig /displayDNS, Name does not exist appears in relation to all the DNS servers that are described in our DNS setup (viz ABCSBS01, ABCFS01, _kerberos._tcp.dc._msdcs.ABC.local, _ldap._tcp.dc._msdcs.ABC.local. Many external web sites are listed here also. • Have done Ipconfig /flushDNS, Ipconfig /degisterDNS • XP workstations can get a valid 192.168 ip address but cannot access Exchange via Outlook. Connection-specific DNS suffix is not blank in IPconfig • If we configure a Vista Workstations with Fixed IP address, it can access the domain resources (files & folders on the file server) but cannot access email on the exchange server. Either a local PST is opened or a workstation issues the error Microsoft Exchange server is unavailable. Retry/Work offline/Cancel. • Can remote desktop to the ABCFS01 File server but not to the SBS/DC ABCSBS01 • From any workstation, when we attempt to ping the SBS/DC – via IP address or workstation name, we get time-outs • When doing NSLookup <DC name> we get a DNS request timeout with Server UnKnown however the correct Ip address of the DNS server is returned. • Only some workstations are displayed in Network leaf of Explorer. SBS/DC (ABCSBS01) – Connectivity • When doing IPConfig, we get 2 IP addresses returned for the same NIC (192.168.0.2 & 192.168.0.. This has been the case for a very long time without problem. The old IP address that probably was used by an old NIC is displaying along with the current IP address. • When pinging itself via w/station name – viz ABCsbs01, we get the valid ip address returned. When we ping that same IP address, we get the workstation name returned • When we ping the additional IP address, we also get successful • Can access the File server file via Remote Desktop and can access files & folders on the file server • Can access the internet DHCP – services are started Net Logon services are started pm I don't believe we have any group policies that would be preventing us from logging in. DNS Setup The server name ABCSBS01.local appears with every occurrence of the valid IIP address (192.168.0.2). The old IP address (192.168.0. is also listed with the server name in the DNS setup along with the current IP addressof the server in DomainDNSZones & ForestDNSZones in the DNS setup We have done, Ipconfig /FlushDNS, Ipconfig /RegisterDNS, DCDiag /FIX, Net stop netlogin, Net Start netLogin. When we run DCDiag again, we still get the error GUID <Long Number>> ._msdcs.jsr.local) couldn't be resolved, the server name Number (jsrsbs01.jsr.local) resolved to the IP address (192.168.0.2) and was pingable. Check that the IP address is registered correctly with the DNS server. ABCSBS01 failed test Connectivity Other DCDiag tests pass. Where do we enter the name of the server to overcome the UnKnown error in the DNS name? We have looked through the event logs and haven’t found anything that looks particularly informative. Where else do we need to check/look to overcome the login problem which I believe is preventing Access to the Exchange mail boxes via Outlook?

"Jeff" <Jeff@discussions.microsoft.com> wrote in message
news:5C66282A-8156-4A4C-BB61-B6869F73178E@microsoft.com...

Quote:

Hi, Thak you for your replies. ISA is not installed on the network. Here is ther IPCONFig from a workstation that I've configured for Static IP. On this workstation I still cannot remote desktop to the SBS/DC or access Exchange/email on it. Windows IP Configuration Host Name . . . . . . . . . . . . : ABCQ66 Primary Dns Suffix . . . . . . . : abc.local Node Type . . . . . . . . . . . . : Broadcast IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : abc.local Ethernet adapter Local Area Connection 4: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : TAP-Win32 Adapter V9 Physical Address. . . . . . . . . : 00-FF-62-40-60-CE DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Realtek RTL8168B/8111B Family PCI-E Gigabit Ethernet NIC (NDIS 6.0) Physical Address. . . . . . . . . : 00-19-DB-F5-2F-B3 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Link-local IPv6 Address . . . . . : fe80::9dbd:7262:29d8:18b9%8(Preferred) IPv4 Address. . . . . . . . . . . : 192.168.0.11(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.0.1 DNS Servers . . . . . . . . . . . : 192.168.0.2 61.9.194.49 61.9.195.193 NetBIOS over Tcpip. . . . . . . . : Enabled Tunnel adapter Local Area Connection* 16: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : isatap.{624060CE-7AFC-464F-B013-BCD08D158A9C} Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Tunnel adapter Local Area Connection* 17: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : isatap.{35C3329A-1451-418C-99E2-7B2B413302B3} Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Tunnel adapter Local Area Connection* 18: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface Physical Address. . . . . . . . . : 02-00-54-55-4E-01 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes IPv6 Address. . . . . . . . . . . : 2001:0:cf2e:3096:2845:2851:3f57:fff4(Preferred) Link-local IPv6 Address . . . . . : fe80::2845:2851:3f57:fff4%23(Preferred) Default Gateway . . . . . . . . . : :: NetBIOS over Tcpip. . . . . . . . : Disabled NSLookup on the same PC looks like this: DNS request timed out. timeout was 2 seconds. Default Server: UnKnown Address: 192.168.0.2 -------------------- Here is the IPconfig from a laptop that is configured for DHCP: Windows IP Configuration Host Name . . . . . . . . . . . . : T61 Primary Dns Suffix . . . . . . . : abc.local Node Type . . . . . . . . . . . . : Broadcast IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : abc.local Wireless LAN adapter Wireless Network Connection: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Intel(R) Wireless WiFi Link 4965AGN Physical Address. . . . . . . . . : 00-1F-3B-AF-B0-49 DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Intel(R) 82566MM Gigabit Network Connection Physical Address. . . . . . . . . : 00-1C-25-BA-E2-1E DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes Link-local IPv6 Address . . . . . : fe80::184e:37ee:f925:b2fc%10(Preferred) Autoconfiguration IPv4 Address. . : 169.254.178.252(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.0.0 Default Gateway . . . . . . . . . : 192.168.0.1 DNS Servers . . . . . . . . . . . : 192.168.0.2 61.9.194.49 61.9.195.193 NetBIOS over Tcpip. . . . . . . . : Enabled Tunnel adapter Local Area Connection* 7: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : isatap.{40391962-23E1-4E39-83C9-105332B77200} Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Tunnel adapter Local Area Connection* 12: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3 Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes ---------------------------- Here is IPConfig from the DNS server: Windows IP Configuration Host Name . . . . . . . . . . . . : abcsbs01 Primary Dns Suffix . . . . . . . : abc.local Node Type . . . . . . . . . . . . : Unknown IP Routing Enabled. . . . . . . . : Yes WINS Proxy Enabled. . . . . . . . : Yes DNS Suffix Search List. . . . . . : abc.local Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Server Adapter Physical Address. . . . . . . . . : 00-04-23-B9-AF-15 DHCP Enabled. . . . . . . . . . . : No IP Address. . . . . . . . . . . . : 192.168.0.2 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.0.1 DNS Servers . . . . . . . . . . . : 61.9.194.49 I have checked the DHCP server is running & authorised. The only entries inthe DHCP logs are events 24 & 25. I checked Scope Option 15 has abc.local specified in the value and 192.168.0.2 is spcified in scope 006 (DNS Server) & 044 (Wins/Netbios). Both 192.168.0.2 & 192.168.0.8 were configured for the same NIC. When I deleited 192.168.0.8 I received a message that that IP was allocated ot a NIC that was no longer availalble. But since 192.168.0.8 has been removed from the NIC and from the DNS entries and rebooted we still have the same problem and cant access enchange or access shares on SBS/DC or acces SBS/DC via remote desktop. Thanks, Jeff

Hello Jeff,

I've been following your thread, and when I first read it, I said to myself,
as Meinolf and the only main reason that one can't login to a domain is
because of DNS. And looking at the ipconfigs, now I see why.

The two outside DNS servers is causing all of the problems. They are these
servers:
61.9.194.49
61.9.195.193

And the SBS is using:

Quote:

DNS Servers . . . . . . . . . . . : 61.9.194.49

I recommend removing EVERY instance of them on ALL machines. Change it so
ONLY 192.168.0.2 shows up.

You can use those two outside addresses as forwarders for more efficient
internet resolution. This article shows how:
323380 - HOW TO Configure DNS for Internet Access in Windows Server 2003 :
http://support.microsoft.com/?id=323380

Is the SBS your DHCP server? Double check Option 006 and make sure it only
has 192.168.0.2 as the DNS address it is handing out. If it is only set to
this address, then I would look at your router to make sure DHCP services
are not enabled. If so, your clients are getting the incorrect
configuration. If it is enabled on the router, please disable it.

Also, it appears that the laptop is getting this IP address:

Quote:

Autoconfiguration IPv4 Address. . : 169.254.178.252(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.0.0

The 169.254.x.x address is what we call the APIPA address (the automatic
Private IP Address) that a machine will give it's NIC when a DHCP server is
not available. So I can see why this laptop may not be communicating. Find
out if DHCP is running on the router.


==============
So by now you are wondering why the big deal with DNS and not use the ISP's
DNS addresses. Well, if you have a little time, the following is a nice read
with a background on DNS and AD to help understand the inter-relationship a
little better.

First, just to get this out of the way, if you have your ISP's DNS addresses
in your IP configuration (DCs and clients), they need to be REMOVED. If the
ISP's DNS is in there, this will cause problems. I usually see errors (GPOs
not working, can't find the domain, RPC issues, etc), when the ISP's DNS
servers are listed on a client, DCs and/or member servers, or with
multihomed DCs. If you have an ISP's (or some other outside DNS server or
even using your router as a DNS server) DNS addresses in your IP
configuration (all DCs, member servers and clients), they need to be REMOVED
and ONLY use the internal DNS server(s). This can be very problematic.

Basically, AD requires DNS. DNS stores AD's resource and service locations
in the form of SRV records, hence how everything that is part of the domain
will find resources in the domain. If the ISP's DNS is configured in the any
of the internal AD member machines' IP properties, (including all client
machines and DCs), the machines will be asking the ISP's DNS 'where is the
domain controller for my domain?", whenever it needs to perform a function,
(such as a logon request, replication request, querying and applying GPOs,
etc). Unfortunately, the ISP's DNS does not have that info and they reply
with an "I dunno know", and things just fail. Unfortunately, the ISP's (or
your router as a DNS server) DNS doesn't have information or records about
your internal private AD domain, and they shouldn't have that sort of
information.

If you mix the internal DNS and an external DNS, is not good. This because
of the way the resolver service works on all machines (DCs and clients):
If the server gets a response, even if it is a negative ('not found')
response, it's a response and will not go to the alternate. If after the
query to the first one times out (after 3 tries), it removes it from the
'eligible' resolvers list and then goes to the next one in the order listed.
It will not go back to the first one until a specified timeout period
(forget how long) unless one of three other things happen: restart the
machine, restart the DNS Client Service or DHCP Client Service, or set a reg
entry to force the TTL to reset the list after each query.

Also, AD registers certain records in DNS in the form of SRV records that
signify AD's resource and service locations. If a domain controller has
multiple NICs, each NIC registers. IF a client, or another DC queries DNS
for this DC, it may get the wrong record. One factor controlling this is
Round Robin. If a DC or client on another subnet that the DC is not
configured on queries for it, Round Robin will kick in offering one or the
other. If the wrong one gets offered, it may not have a route to it. On the
other hand, Subnetmask Priortization will ensure a querying client will get
an IP that corresponds to the subnet it's on, which will work. To insure
everything works, stick with one NIC.

These articles explains AD and DNS best practices in more detail:
825036 - Best practices for DNS client settings in Windows 2000 Server and
in Windows Server 2003:
http://support.microsoft.com/?id=825036

DNS and AD (Windows 2000 & 2003) FAQ:
http://support.microsoft.com/?id=291382

I hope this helps.


--
Ace

This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSA Messaging, MCT
Microsoft Certified Trainer
aceman@mvps.RemoveThisPart.org

For urgent issues, you may want to contact Microsoft PSS directly. Please
check http://support.microsoft.com for regional support phone numbers.

Hello jeff,

Remove the 61.9.194.49 and 61.9.195.193 from the NIC configuration on ANY
domain machine.

These are your ISP's DNS server i assume, they should be configured on the
FORWARDERS tab in the DNS server properties with the DNS management console.
The DNS server has to point to itself ass preferred DNS not to the ISP's
DNS server.

Additional remove the IPv6 addresses or better disable, at least uncheck
the IPv6, on the local area connection properties of the NIC.

Unused NIC's which set there APIPA address 169.254.x.x disable, they register
with that address also in DNS and create conflicts.


Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm

Thanks. I deselected the V6 IP and also removed the external (ISP) IP
addresses from the DNS settings of the workstation so just the local DNS
Server Ip is there. But I still cannot connect to it.

When doing ipconfig/renew from that workstation, I get the error " An error
occurred while renewing interface Unable to contact your DHCP server.
Request time out.

I have removed the ISP IPs from the server DNS settings and ensured the
Server DNS was pointing to itself. The ISP's IPs were also already in the
DNS Forwarders.

Because none of the server DHCP & DNS configurations have changed aboart
from the above, I'm thinking the problem must be something more obvious.

DHCP is running and authorised. It is the only DHCP server on the network.
When I look at the statistics on it, it shows Nil Discovers, Offers,
Requests, Acks, Nacks, Declines etc.

The DNS server also passes the database consistency checks. The recursive
and simple DNS tests pass.

It also seems odd that when I set a workstation a fixed IP of 192.168.0.*, I
still cant ping the SBSDC or remote desktop to it. But I can ping that
worksation from the SBSDC and remote desktop from the SBSdc to another
workstation.

Thanks,

Jeff



"Meinolf Weber [MVP-DS]" wrote:

Quote:

Hello jeff, Remove the 61.9.194.49 and 61.9.195.193 from the NIC configuration on ANY domain machine. These are your ISP's DNS server i assume, they should be configured on the FORWARDERS tab in the DNS server properties with the DNS management console. The DNS server has to point to itself ass preferred DNS not to the ISP's DNS server. Additional remove the IPv6 addresses or better disable, at least uncheck the IPv6, on the local area connection properties of the NIC. Unused NIC's which set there APIPA address 169.254.x.x disable, they register with that address also in DNS and create conflicts. Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights. ** Please do NOT email, only reply to Newsgroups ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm

IpConfig /all from the SBS DC is now:

Windows IP Configuration

Host Name . . . . . . . . . . . . : abcsbs01
Primary Dns Suffix . . . . . . . : abc.local
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : Yes
DNS Suffix Search List. . . . . . : abc.local



Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Server Adapter
Physical Address. . . . . . . . . : 00-04-23-B9-AF-15
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.0.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.0.1
DNS Servers . . . . . . . . . . . : 192.168.0.2


Here is an IPconfig from a workstation:


Windows IP Configuration

Host Name . . . . . . . . . . . . : T61
Primary Dns Suffix . . . . . . . : abc.local
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : abc.local

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) 82566MM Gigabit Network
Connection
Physical Address. . . . . . . . . : 00-1C-25-BA-E2-1E
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Autoconfiguration IPv4 Address. . : 169.254.178.252(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . : 192.168.0.1
DNS Servers . . . . . . . . . . . : 192.168.0.2
NetBIOS over Tcpip. . . . . . . . : Enabled

Thanks,
Jeff


"Jeff" wrote:

Quote:

Thanks. I deselected the V6 IP and also removed the external (ISP) IP addresses from the DNS settings of the workstation so just the local DNS Server Ip is there. But I still cannot connect to it. When doing ipconfig/renew from that workstation, I get the error " An error occurred while renewing interface Unable to contact your DHCP server. Request time out. I have removed the ISP IPs from the server DNS settings and ensured the Server DNS was pointing to itself. The ISP's IPs were also already in the DNS Forwarders. Because none of the server DHCP & DNS configurations have changed aboart from the above, I'm thinking the problem must be something more obvious. DHCP is running and authorised. It is the only DHCP server on the network. When I look at the statistics on it, it shows Nil Discovers, Offers, Requests, Acks, Nacks, Declines etc. The DNS server also passes the database consistency checks. The recursive and simple DNS tests pass. It also seems odd that when I set a workstation a fixed IP of 192.168.0.*, I still cant ping the SBSDC or remote desktop to it. But I can ping that worksation from the SBSDC and remote desktop from the SBSdc to another workstation. Thanks, Jeff "Meinolf Weber [MVP-DS]" wrote: Hello jeff, Remove the 61.9.194.49 and 61.9.195.193 from the NIC configuration on ANY domain machine. These are your ISP's DNS server i assume, they should be configured on the FORWARDERS tab in the DNS server properties with the DNS management console. The DNS server has to point to itself ass preferred DNS not to the ISP's DNS server. Additional remove the IPv6 addresses or better disable, at least uncheck the IPv6, on the local area connection properties of the NIC. Unused NIC's which set there APIPA address 169.254.x.x disable, they register with that address also in DNS and create conflicts. Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights. ** Please do NOT email, only reply to Newsgroups ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm

Hello jeff,

Is the DHCP server authorized in AD and the scope activated?

Please post again an unedited ipconfig /all from the server and a test machine.

Are all DNS zones cleaned up from the old ip addresses?

For testing disable the firewall if activated on the SBS server.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm

Quote:

Thanks. I deselected the V6 IP and also removed the external (ISP) IP addresses from the DNS settings of the workstation so just the local DNS Server Ip is there. But I still cannot connect to it. When doing ipconfig/renew from that workstation, I get the error " An error occurred while renewing interface Unable to contact your DHCP server. Request time out. I have removed the ISP IPs from the server DNS settings and ensured the Server DNS was pointing to itself. The ISP's IPs were also already in the DNS Forwarders. Because none of the server DHCP & DNS configurations have changed aboart from the above, I'm thinking the problem must be something more obvious. DHCP is running and authorised. It is the only DHCP server on the network. When I look at the statistics on it, it shows Nil Discovers, Offers, Requests, Acks, Nacks, Declines etc. The DNS server also passes the database consistency checks. The recursive and simple DNS tests pass. It also seems odd that when I set a workstation a fixed IP of 192.168.0.*, I still cant ping the SBSDC or remote desktop to it. But I can ping that worksation from the SBSDC and remote desktop from the SBSdc to another workstation. Thanks, Jeff "Meinolf Weber [MVP-DS]" wrote: Hello jeff, Remove the 61.9.194.49 and 61.9.195.193 from the NIC configuration on ANY domain machine. These are your ISP's DNS server i assume, they should be configured on the FORWARDERS tab in the DNS server properties with the DNS management console. The DNS server has to point to itself ass preferred DNS not to the ISP's DNS server. Additional remove the IPv6 addresses or better disable, at least uncheck the IPv6, on the local area connection properties of the NIC. Unused NIC's which set there APIPA address 169.254.x.x disable, they register with that address also in DNS and create conflicts. Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights. ** Please do NOT email, only reply to Newsgroups ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm

Hello jeff,

Please also answer my questions. How many DHCP servers do you have running?

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm

Quote:

IpConfig /all from the SBS DC is now: Windows IP Configuration Host Name . . . . . . . . . . . . : abcsbs01 Primary Dns Suffix . . . . . . . : abc.local Node Type . . . . . . . . . . . . : Unknown IP Routing Enabled. . . . . . . . : Yes WINS Proxy Enabled. . . . . . . . : Yes DNS Suffix Search List. . . . . . : abc.local Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Server Adapter Physical Address. . . . . . . . . : 00-04-23-B9-AF-15 DHCP Enabled. . . . . . . . . . . : No IP Address. . . . . . . . . . . . : 192.168.0.2 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.0.1 DNS Servers . . . . . . . . . . . : 192.168.0.2 Here is an IPconfig from a workstation: Windows IP Configuration Host Name . . . . . . . . . . . . : T61 Primary Dns Suffix . . . . . . . : abc.local Node Type . . . . . . . . . . . . : Broadcast IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : abc.local Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Intel(R) 82566MM Gigabit Network Connection Physical Address. . . . . . . . . : 00-1C-25-BA-E2-1E DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes Autoconfiguration IPv4 Address. . : 169.254.178.252(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.0.0 Default Gateway . . . . . . . . . : 192.168.0.1 DNS Servers . . . . . . . . . . . : 192.168.0.2 NetBIOS over Tcpip. . . . . . . . : Enabled Thanks, Jeff "Jeff" wrote: Thanks. I deselected the V6 IP and also removed the external (ISP) IP addresses from the DNS settings of the workstation so just the local DNS Server Ip is there. But I still cannot connect to it. When doing ipconfig/renew from that workstation, I get the error " An error occurred while renewing interface Unable to contact your DHCP server. Request time out. I have removed the ISP IPs from the server DNS settings and ensured the Server DNS was pointing to itself. The ISP's IPs were also already in the DNS Forwarders. Because none of the server DHCP & DNS configurations have changed aboart from the above, I'm thinking the problem must be something more obvious. DHCP is running and authorised. It is the only DHCP server on the network. When I look at the statistics on it, it shows Nil Discovers, Offers, Requests, Acks, Nacks, Declines etc. The DNS server also passes the database consistency checks. The recursive and simple DNS tests pass. It also seems odd that when I set a workstation a fixed IP of 192.168.0.*, I still cant ping the SBSDC or remote desktop to it. But I can ping that worksation from the SBSDC and remote desktop from the SBSdc to another workstation. Thanks, Jeff "Meinolf Weber [MVP-DS]" wrote: Hello jeff, Remove the 61.9.194.49 and 61.9.195.193 from the NIC configuration on ANY domain machine. These are your ISP's DNS server i assume, they should be configured on the FORWARDERS tab in the DNS server properties with the DNS management console. The DNS server has to point to itself ass preferred DNS not to the ISP's DNS server. Additional remove the IPv6 addresses or better disable, at least uncheck the IPv6, on the local area connection properties of the NIC. Unused NIC's which set there APIPA address 169.254.x.x disable, they register with that address also in DNS and create conflicts. Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights. ** Please do NOT email, only reply to Newsgroups ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm

"Jeff" <Jeff@discussions.microsoft.com> wrote in message
news:049E3F86-1063-4D43-88B8-968F5FC8D0AD@microsoft.com...

Quote:

[snipped] DHCP is running and authorised. It is the only DHCP server on the network. When I look at the statistics on it, it shows Nil Discovers, Offers, Requests, Acks, Nacks, Declines etc.

Jeff, have you confirmed that the DHCP service on your router is disabled?

Ace

"Jeff" <Jeff@discussions.microsoft.com> wrote in message
news:9B36974F-CFDC-4412-B6F7-1E86AA2E99BE@microsoft.com...

Quote:

IpConfig /all from the SBS DC is now: Windows IP Configuration Host Name . . . . . . . . . . . . : abcsbs01 Primary Dns Suffix . . . . . . . : abc.local Node Type . . . . . . . . . . . . : Unknown IP Routing Enabled. . . . . . . . : Yes WINS Proxy Enabled. . . . . . . . : Yes DNS Suffix Search List. . . . . . : abc.local Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Server Adapter Physical Address. . . . . . . . . : 00-04-23-B9-AF-15 DHCP Enabled. . . . . . . . . . . : No IP Address. . . . . . . . . . . . : 192.168.0.2 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.0.1 DNS Servers . . . . . . . . . . . : 192.168.0.2 Here is an IPconfig from a workstation: Windows IP Configuration Host Name . . . . . . . . . . . . : T61 Primary Dns Suffix . . . . . . . : abc.local Node Type . . . . . . . . . . . . : Broadcast IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : abc.local Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Intel(R) 82566MM Gigabit Network Connection Physical Address. . . . . . . . . : 00-1C-25-BA-E2-1E DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes Autoconfiguration IPv4 Address. . : 169.254.178.252(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.0.0 Default Gateway . . . . . . . . . : 192.168.0.1 DNS Servers . . . . . . . . . . . : 192.168.0.2 NetBIOS over Tcpip. . . . . . . . : Enabled Thanks, Jeff

Jeff,

The server ipconfig looks good. The workstation does not. See the
169.254.x.x address? It's saying it cannot get a configuration from a DHCP
server. It appears there are more than one DHCP service running causing a
conflict.

Also, is RRAS installed and running on the SBS? I've seen where RRAS if
installed and misconfigured, will cause the SBS to not be able to
communicate properly.

Ace

Hi Acde,

Yes, The DHCP on the cable modem is disabled.

Jeff


"Ace Fekay [Microsoft Certified Trainer]" wrote:

Quote:

"Jeff" <Jeff@discussions.microsoft.com> wrote in message news:049E3F86-1063-4D43-88B8-968F5FC8D0AD@microsoft.com... [snipped] DHCP is running and authorised. It is the only DHCP server on the network. When I look at the statistics on it, it shows Nil Discovers, Offers, Requests, Acks, Nacks, Declines etc. Jeff, have you confirmed that the DHCP service on your router is disabled? Ace

"Jeff" <Jeff@discussions.microsoft.com> wrote in message
news:77CB88B9-3676-4CB8-8C6E-FDCD76C2CB20@microsoft.com...

Quote:

Hi Acde, Yes, The DHCP on the cable modem is disabled. Jeff

Good.

What is the IP range you've created in your Windows DHCP scope?

Also, did you see my other question regarding RRAS?

Ace

Hi Meinolf,

The SCSDC (abcsbs01) is the only DHCP server and it is authorised & running.
DHCP is disabled on the cable router. Our file server (abcfs01) is also
setup to be a DC /replicate AD, but I'm not sure how well that works as we
cannot acess the file server (abcfs01) if the SBSDC is down. The file server
(abcfs01) doesn't have DHCP or DNS installed on it.

Thanks,
Jeff

"Meinolf Weber [MVP-DS]" wrote:

Quote:

Hello jeff, Please also answer my questions. How many DHCP servers do you have running? Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights. ** Please do NOT email, only reply to Newsgroups ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm IpConfig /all from the SBS DC is now: Windows IP Configuration Host Name . . . . . . . . . . . . : abcsbs01 Primary Dns Suffix . . . . . . . : abc.local Node Type . . . . . . . . . . . . : Unknown IP Routing Enabled. . . . . . . . : Yes WINS Proxy Enabled. . . . . . . . : Yes DNS Suffix Search List. . . . . . : abc.local Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Server Adapter Physical Address. . . . . . . . . : 00-04-23-B9-AF-15 DHCP Enabled. . . . . . . . . . . : No IP Address. . . . . . . . . . . . : 192.168.0.2 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.0.1 DNS Servers . . . . . . . . . . . : 192.168.0.2 Here is an IPconfig from a workstation: Windows IP Configuration Host Name . . . . . . . . . . . . : T61 Primary Dns Suffix . . . . . . . : abc.local Node Type . . . . . . . . . . . . : Broadcast IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : abc.local Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Intel(R) 82566MM Gigabit Network Connection Physical Address. . . . . . . . . : 00-1C-25-BA-E2-1E DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes Autoconfiguration IPv4 Address. . : 169.254.178.252(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.0.0 Default Gateway . . . . . . . . . : 192.168.0.1 DNS Servers . . . . . . . . . . . : 192.168.0.2 NetBIOS over Tcpip. . . . . . . . : Enabled Thanks, Jeff "Jeff" wrote: Thanks. I deselected the V6 IP and also removed the external (ISP) IP addresses from the DNS settings of the workstation so just the local DNS Server Ip is there. But I still cannot connect to it. When doing ipconfig/renew from that workstation, I get the error " An error occurred while renewing interface Unable to contact your DHCP server. Request time out. I have removed the ISP IPs from the server DNS settings and ensured the Server DNS was pointing to itself. The ISP's IPs were also already in the DNS Forwarders. Because none of the server DHCP & DNS configurations have changed aboart from the above, I'm thinking the problem must be something more obvious. DHCP is running and authorised. It is the only DHCP server on the network. When I look at the statistics on it, it shows Nil Discovers, Offers, Requests, Acks, Nacks, Declines etc. The DNS server also passes the database consistency checks. The recursive and simple DNS tests pass. It also seems odd that when I set a workstation a fixed IP of 192.168.0.*, I still cant ping the SBSDC or remote desktop to it. But I can ping that worksation from the SBSDC and remote desktop from the SBSdc to another workstation. Thanks, Jeff "Meinolf Weber [MVP-DS]" wrote: Hello jeff, Remove the 61.9.194.49 and 61.9.195.193 from the NIC configuration on ANY domain machine. These are your ISP's DNS server i assume, they should be configured on the FORWARDERS tab in the DNS server properties with the DNS management console. The DNS server has to point to itself ass preferred DNS not to the ISP's DNS server. Additional remove the IPv6 addresses or better disable, at least uncheck the IPv6, on the local area connection properties of the NIC. Unused NIC's which set there APIPA address 169.254.x.x disable, they register with that address also in DNS and create conflicts. Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights. ** Please do NOT email, only reply to Newsgroups ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm

"Jeff" <Jeff@discussions.microsoft.com> wrote in message
news:5853A907-356E-4C33-9C98-FDAB3E119FD1@microsoft.com...

Quote:

Hi Meinolf, The SCSDC (abcsbs01) is the only DHCP server and it is authorised & running. DHCP is disabled on the cable router. Our file server (abcfs01) is also setup to be a DC /replicate AD, but I'm not sure how well that works as we cannot acess the file server (abcfs01) if the SBSDC is down. The file server (abcfs01) doesn't have DHCP or DNS installed on it. Thanks, Jeff

Actually, that is the way it works. The SBS server is your domain
controller, therefore it authenticates all access requests to anything in
the domain, from shares and other resources (printers, etc) on itself, to
shares and other resources (printers, etc), on all other machines that are
joined to the domain. If it is down, and all DNS records point to it, then
it will not be able to authenticate. This may also point to an issue with
abcfs01 possibly not registering properly in DNS.

Please post an ipconfig /all of abcfs01.

I would recommend to install DNS on abcfs01. Once installed, allow
replication to occur (do not manually create any zones), and wait for the
zone to automatically show up. This may take up to 30 minutes. Then setup
the NIC on each domain controller so the first DNS address is itself (its
own IP), and the second IP is the other domain controller.

Back to DHCP. We have to find out why DHCP is not giving an IP address to
your workstations. I had a previous question regarding RRAS and what the IP
range is set to for the DHCP scope.

Hopefully between Meinolf and I, we'll eventually get this thing going for
you.

Ace

Hi Ace,

The DHCP on the cable router & on the Smoothwall firewall are disabled.
I’ve also shutdown the cable modem & smoothwall firewall and attempted to
login as part of my tests.

I’ve shut them I looked at RRAS. Yes it is installed but there don’t seem
to be any policies that could prevent login. There are 3 default remote
access policies - Mobile users, connections to routing & remote access
servers & login time restrictions which allow 24/7. But I did stop it and
attempted to log in from a Vista PC and still couldn't & the local DNS server
name doesn’t display when doing IPCOnfig from that workstation.

I've started RRAS again. The settings look correct. The 7 ports in use
are WAN miniport VPNs, PPPoe & parallel.
IP routing –General
Loopback - 127.0.01,
Local Area Connection – Dedicated -
Enable IP Router Manager
Use IP address has 192.168.0.2 (SBSDC).
Multicast heartbeat & broadcast have no entries, not enabled
Internal interfaces – IP Manager enabled but nothing specified

Static routes – nothing specified

I looked again at the DHCP setup and it appears correct
Scope has 192.168.0.1 through 192.168.0.254 On the DNS tab, Enable DNS
dynamic updates is not selected “Dynamically update DNS A & PTR Records if
specifically requested by DHCP clients is ticked and greyed out.
DHCP only is ticked on the Advanced tab.

But going back to basics – I can’t ping the SBSDC (either IP or w/s name)
from any other PC on the Lan, but the SBSDC can ping any PC on the LAN.

On the SBSDC I can open OWA and see my current mail, but OWA on any
workstation (or via remote access) gives IE errors.


"Ace Fekay [Microsoft Certified Trainer]" wrote:

Quote:

"Jeff" <Jeff@discussions.microsoft.com> wrote in message news:049E3F86-1063-4D43-88B8-968F5FC8D0AD@microsoft.com... [snipped] DHCP is running and authorised. It is the only DHCP server on the network. When I look at the statistics on it, it shows Nil Discovers, Offers, Requests, Acks, Nacks, Declines etc. Jeff, have you confirmed that the DHCP service on your router is disabled? Ace

"Jeff" <Jeff@discussions.microsoft.com> wrote in message
news:B4EB5185-684A-47E4-B498-F9B08C4DE25D@microsoft.com...

Quote:

Hi Ace, The DHCP on the cable router & on the Smoothwall firewall are disabled. I’ve also shutdown the cable modem & smoothwall firewall and attempted to login as part of my tests. I’ve shut them I looked at RRAS. Yes it is installed but there don’t seem to be any policies that could prevent login. There are 3 default remote access policies - Mobile users, connections to routing & remote access servers & login time restrictions which allow 24/7. But I did stop it and attempted to log in from a Vista PC and still couldn't & the local DNS server name doesn’t display when doing IPCOnfig from that workstation. I've started RRAS again. The settings look correct. The 7 ports in use are WAN miniport VPNs, PPPoe & parallel. IP routing –General Loopback - 127.0.01, Local Area Connection – Dedicated - Enable IP Router Manager Use IP address has 192.168.0.2 (SBSDC). Multicast heartbeat & broadcast have no entries, not enabled Internal interfaces – IP Manager enabled but nothing specified Static routes – nothing specified I looked again at the DHCP setup and it appears correct Scope has 192.168.0.1 through 192.168.0.254 On the DNS tab, Enable DNS dynamic updates is not selected “Dynamically update DNS A & PTR Records if specifically requested by DHCP clients is ticked and greyed out. DHCP only is ticked on the Advanced tab. But going back to basics – I can’t ping the SBSDC (either IP or w/s name) from any other PC on the Lan, but the SBSDC can ping any PC on the LAN. On the SBSDC I can open OWA and see my current mail, but OWA on any workstation (or via remote access) gives IE errors.

Jeff,

Good DHCP on your two other devices are disabled.

RRAS was just a possible cause. It looks like the settings are fine.

For DHCP, the scope is overlapping existing IP addresses, such as your
router (192.168.0.1), and your two servers (192.168.00.2 and .the other
server, I think is 192.168.0.3). This will cause conflicts and may be the
cause of why the workstations can't get an IP. You may have to delete the
scope and re-created it, with settings such as:
Scope: 192.168.0.100 - 192.168.0.254
Option 003 = 192.168.0.1
Option 006 = 192.168.0.2 and 192.168.0.3 (for the other DC after you install
DNS on it)
Option 015 = abc.local

If you are using RRAS, I would suggest to use WINS so the remote users will
be able to browse server shares and resources. If you do install WINS, add
the following to Scope options:
Option 044 = 192.168.0.2
Option 046 = 0x8

Getting closer. Also, I haven't seen the ipconfig /all of the other server.

Ace

Hi Ace,

Thanks again to you and Meinholf. I know we're getting there. Thanks
also for explaining the authentication and earlier issues. I thought if the
F/S was also setup as a DC replicating AD from the Primary, it woud
authenticate if the SBSDC was down.

Here is the ipconfig from the abcfs01. I'm about to install DNS on it as
you recommend.

Windows IP Configuration

Host Name . . . . . . . . . . . . : abcfs01
Primary Dns Suffix . . . . . . . : abc.local
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : abc.local

Ethernet adapter Local Area Connection:


Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet
Physical Address. . . . . . . . . : 00-0C-76-A0-0B-12
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.0.3
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.0.1
DNS Servers . . . . . . . . . . . : 192.168.0.2


Jeff.

"Ace Fekay [Microsoft Certified Trainer]" wrote:

Quote:

"Jeff" <Jeff@discussions.microsoft.com> wrote in message news:5853A907-356E-4C33-9C98-FDAB3E119FD1@microsoft.com... Hi Meinolf, The SCSDC (abcsbs01) is the only DHCP server and it is authorised & running. DHCP is disabled on the cable router. Our file server (abcfs01) is also setup to be a DC /replicate AD, but I'm not sure how well that works as we cannot acess the file server (abcfs01) if the SBSDC is down. The file server (abcfs01) doesn't have DHCP or DNS installed on it. Thanks, Jeff Actually, that is the way it works. The SBS server is your domain controller, therefore it authenticates all access requests to anything in the domain, from shares and other resources (printers, etc) on itself, to shares and other resources (printers, etc), on all other machines that are joined to the domain. If it is down, and all DNS records point to it, then it will not be able to authenticate. This may also point to an issue with abcfs01 possibly not registering properly in DNS. Please post an ipconfig /all of abcfs01. I would recommend to install DNS on abcfs01. Once installed, allow replication to occur (do not manually create any zones), and wait for the zone to automatically show up. This may take up to 30 minutes. Then setup the NIC on each domain controller so the first DNS address is itself (its own IP), and the second IP is the other domain controller. Back to DHCP. We have to find out why DHCP is not giving an IP address to your workstations. I had a previous question regarding RRAS and what the IP range is set to for the DHCP scope. Hopefully between Meinolf and I, we'll eventually get this thing going for you. Ace