Configuring 2k3 server

[anderground]

hi

i've installed 2k3 server and started with adding roles by server configuration wizard.

i've managed to set up dns server, and it works ok.

but i haven't managed to set up dhcp server.

i have turned off router dhcp, set the static ip of the server to 192.168.1.2, and set the scope .10-.50

subsequently i authorized the dhcp.

however, my client (xp) machine is unable to get its ip, although in dhcp (server) everything seems to be ok.

so i hope sc302 or +BudMan are around.

thanks

[+BudMan MVC]

Please tell me you did not add the dns role by yourself?? Just run the dcpromo wizard -- your going to run into issues trying to setup dns before you run dcpromo.

And did you release its old lease? I can teamviewer in if you want -- but only have a few minutes before I have to leave at 6pm

if you want pm the info.

[anderground]

  On 09/05/2010 at 22:35, BudMan said:

Please tell me you did not add the dns role by yourself??

i can't tell you that, because i did it; i firstly added dns, then dhcp, then AD, all by server config wizard..

are you still there?

[anderground]

im going to remove all rolles and start dcpromo by myself ..

[anderground]

i removed all roles, including AD, then started dcpromo and reinstalled AD (with dns).

but i dont know how to configure dns (where to put the isp dns ip ??)

[+BudMan MVC]

There is no reason to put in your ISP DNS to be honest, unless you want to set it up as a forwarder - by default your dns server will look up from roots.

Query it -- it will look up google.com, neowin.net on its own from the root servers directly.

Im here now - if you want to pm me your teamviewer info.

[anderground]

well you're right, dns works without forwarding the isp dns address, but only for the server machine itself.

my client pc neither can get its lan ip from 2k3 dhcp, nor can it use 2k3 dns..

in dhcp and dns mmc everything seems to be ok (all is green, active, authorized etc).

the settings of the client xp comp are:

-"Obtain IP automatically"

- dns: 192.168.1.2

edit:

sorry, im in gmt+1 time zone, so it's not easy to coordinate..

thanks a lot for the remote help offer anyway.

[sc302 Veteran]

i'll take a look a bit later if you want.

[anderground]

ok thanks, i have sent you a pm.

[anderground]

just to say that sc302 provided me a remote help again, so now my dhcp and dns work fine for the client machine too.

there were 2 problems.

firstly i put dns address 192.168.1.2 for my client, instead to set it to automatic.

and there was a wins server present in the configuration.

when he deleted wins server and put dns on the client to automatic, the client got internet connectivity.

i've also (with sc's help) managed to join my client pc to the testdomain1.

now i have to play with groups, permissions etc and when get stuck im back here.

thanks a lot once again (Y) (Y) (Y)

[+BudMan MVC]

I just answered your PM, and gave some info about wins.

You could run one if you so wanted/needed to - just another role you add to the server. Prob not use in your small test setup all on one segment, etc. Even though it is OLD method - it can and is still used for netbios name resolution in many companies.

[sc302 Veteran]

why bother with wins unless you have an older os that needs it?

I wouldn't say that wins is absolutely useless, however there are more issues with it than it is worth. Have you ever had an issue where there were dup entries? I have, and I have helped several admins through the dup entry issues where pcs couldn't get on the network or assigned a wrong address. Ahh wins, how much I hate thee. If a pc can resolve by the netbios name, why would you need wins? A properly setup network, IE defaulted not dicked with network, can resolve the netbios name just fine without wins.

[+BudMan MVC]

I agree completely with you -- he has little need of it im sure, especially on just a test little network where he can broadcast for netbios. But this is not always the case ;)

And yes I have gone through many many issues with wins over the years.. Its one of the those love/hate relationships ;) Trying working with global network with push/pull partners all over the globe and local IT not understand which wins is for servers and which is for desktops, etc. etc.. changing wins servers on you and not informing the rest of the IT, etc. etc..

Yeah I hear you -- can be real fun sometimes trying to keep it clean ;)

I was just saying its still around, and is still used no matter how much we all want to get away from it -- depending on the network and applications used on it, etc. If its a learning exp it would not hurt for him to fire it up and atleast get an understanding of how it works -- even though on a such a small test network he will not run into some of the issues you run into with multiple wins on a network and trying to share info, etc..

But he should understand the basic workings of it -- since it is still around, and will prob be around for some time to come.

[anderground]

i think that backup of the present state of the server would be a smart move.

i'll be changing lots of stuff there, so it would be nice to have a way back when things go wrong. :pc:

is there some 2k3 backup component which works similar to acronis or norton ghost ?

[sc302 Veteran]

best thing you can do is a free imaging solution or windows vista/windows 7 backup.

easeus disk copy can do what you want for free.

[anderground]

hi

i did a backup with easeus disk copy.

it cloned the c partition on d partition as is, and it didnt create any backup file as acronis trueimage does.

im wondering how do i go about restoring it to c partition ?

[sc302 Veteran]

I am so sorry I think what you wanted was todo backup

EASEUS Todo Backup

Free Backup Software - EASEUS Todo Backup enables you to clone the entire disk fast both in windows and bootable CD. It can backup your system partition to image to quickly get the system up and running in the event of a system crash or hardware failure and allows you to restore after viruses attack, unstable software download, and hard drive failure. Meanwhile, EASEUS Todo Backup works with Windows systems, like Windows 2000 Professional/XP/Vista/Window 7 and Windows Server 2000/2003/2008 and can create bootable CD.

http://www.todo-backup.com/download/

I don't use these free utilities, I have legit copies of acronis and ghost at my disposal.

[anderground]

even though it's a bit out of the topic, i have to say that todo-backup is a great free utility which is very similar to acronis.

thanks a lot for it.

[anderground]

hi

a problem occured.

when the lease expires, dhcp is not able to assign a new ip to the client if win firewall is enabled.

i tried ipconfig/release - /renew as well.

i opened ports 67 and 68 in the firewall to no avail.

what would be the solution ?

thanks

[+BudMan MVC]

what firewall on the client -- the built in one or some 3rd party.

by default the windows firewall is not going to be blocking dhcp, if you feel its a firewall issue you must have it misconfigured. you should not have to create any special rules for dhcp -- they would be open already.

As you can see they are pre configured rules - and would be set to allow for both ipv4 and ipv6

Edited May 13, 2010 by BudMan

[anderground]

i think its not client firewall.

when i turn off win firewall on the server, dhcp works ok.

where are that picture from ?

edit:

i've already tried to disable client firewall (pctools)..

edit2:

yesterday i installed clam av on the server , nothing else

[+BudMan MVC]

That picture is from the advanced settings firewall screen on win 7 client.

I can assure you that again you would have to make no specific rules on the 2k3 box for dhcp to work.

client firewall (pctools) <--- lost me on this? So your running a third party firewall on the client?

If you saying it works when you turn off the firewall on the server -- you must of created some rule that is blocking it??

I will take a look at my test 2k3 box firewall rules -- but again I am quite sure there would be default rules to all for it to be a dhcp server.

[anderground]

hmm here's what happened.

as i said i opened 2 dhcp ports (67 and 68) but the both with TCP protocol.

when i added the same 2 dhcp ports but with UDP protocol, dhcp is able to assign ip's to the client. :blink:

does dhcp actually work with udp ?

edit:

yes. im running 3rd party pctools firewall on the client.

and no, i didnt create any blocking rule on the server firewall.

[sc302 Veteran]

why run software firewalls on your internal network that is trusted? do you not trust the pc's on your internal network?

[+BudMan MVC]

Like I said you should not have needed to create any specific rules anyway, and yes dhcp use UDP.. What I find funny is how did you know it was ports 67 and 68 and not that it was UDP vs TCP?

And Im with sc302, I don't really see the point of running any software firewall on your internal trusted machines that are on a private network.. If you must then just use the built in one there is no need for any 3rd party one for sure.