DNS / AD domain problem 1

[Anarax]

Hello! This has to be easy, so easy that I am missing it.
I am running a tiny 2 node LAN, Server 2003 and and XP Pro box. I have installed AD on the server, along with DHCP and WINS. Network connectivity is no problem; I can contact each box from the other (ping, pathping, tracert), I can send net send messages, but they do not see each other whan I browse the network.
Also:
I cannot map network drives;
When I set up new users in the users OU, they cannot log onto the network, because the XP box cannot join the domain.
Specs:
Server:medusa
Node:tron
Network:skynet.net (I know, but I had to think of one;-)
Static IP for server(DHCP,DNS,WINS):10.0.0.1
XP box is set to obtain ip from DHCP.
When I ping tron from medusa, name resolves to ip, as it should. When I ping medusa from tron, name does not resolve, but I can ping the ip (10.0.0.1).
After working on this for 4 hours on my day off, I am ready to slam my head against the closest flat and heavy object that I can find!
Thanks in advance for your help.
Tim

 

[Anarax]

I forgot to mention something that may be important:
When I run Nslookup on medusa (server), I get the following result:
DNS request timed out.
timeout was 2 seconds.
***Can't find server name for address 10.0.0.1: timed out
default server:unknown
address:10.0.0.1

I'll buy you a beer if you can tell me where I went wrong!
Much thanks!
Tim

 

[GlenJohnson]

When I ping tron from medusa, name resolves to ip, as it should. When I ping medusa from tron, name does not resolve, but I can ping the ip (10.0.0.1).
What does pathping show from medusa to tron?


Glen A. Johnson
"Give the laziest man the hardest job and he'll find the easiest way to do it."

Want to get great answers to your Tek-Tips questions? Have a look at FAQ219-2884

 

[Anarax]

I am at work now, but will post the pathping results later. I also made a mistake in the nslookup output: The ip that it is showing when it tries to connect to the dns server is 10.0.0.10. I have no idea where that came from; would it be better to just delete the dns server and just create a new one? Or will I have to uninstall AD first?

 

[Anarax]

In doing some research (which I should have done in the first place) I realized that my problem is a direct result of NOT creating a DNS server before I ran DCPROMO.
So, is it advisable to uninstall the DNS server, and then reload AD?
Can I even uninstall AD?
Tim

 

[GlenJohnson]

DCPROMO will take care of installing AD and DNS. You may have a different problem. Run DCPROMO now and it will un-install ad for you.

Glen A. Johnson
"Give the laziest man the hardest job and he'll find the easiest way to do it."

Want to get great answers to your Tek-Tips questions? Have a look at FAQ219-2884

 

[Anarax]

Dns was installed; I think the problem was that there are 2 NICs and 2 VMWare NICs installed; anyway, I disabled the 3 NICs that I am not using, and enabled 1, ip 10.0.0.1.
When I run pathping from server (Medusa) to Tron (node) I get everything checks out (skynet.net domain, static ip on medusa of 10.0.0.1), but when I run it from tron, I get "Unable to resolve target system name."
However, tron has pulled an ip from medusa (10.0.0.101) AND I can ping medusa from tron if I ping the ip (ping medusa does not work).
As a result, I cannot log onto the skynet.net domain using any accounts that I set up; I can only log onto tron using a local account.

What did I do?

Thanks
Tim

 

[GlenJohnson]

Check and see if you have a hosts file on Tron. It's possible you have an old one that is causing problems. If you don't, try installing one just for jollies and see if you can ping Medusa with the hosts file in place. Should rule out hardware if you can ping the server with a hosts file. Good luck.

Glen A. Johnson
"Give the laziest man the hardest job and he'll find the easiest way to do it."

Want to get great answers to your Tek-Tips questions? Have a look at FAQ219-2884

 

[Anarax]

Glen-
There is a host and lmhost file on tron. But I ran nslookup on both medusa and tron, both came back with the same reply:
DNS timed out.
timeout was 2 seconds.
***Can't find server name for address 10.0.0.1: timed out
default server:unknown
address:10.0.0.1

Strange that I'm getting this message when the DNS is setup on medusa; should I just try uninstalling DNS/DNS server and reloading it again? Will I be in any trouble if I do that? Of course this is just a private lab, but I mean will I be able to reload DNS after I blow it out?
When I tried to join the domain under a user account on tron, I got the reply:
A Domain Controller for skynet could not be contacted.

This has to be something easy that I am overlooking; should I just remove AD, DNS, DHCP, WINS and start over again? I really hate to do that, but I cannot figure this out.

Thanks again
Tim

 

[GlenJohnson]

No, let's check your event logs first for error messages. Check them out and post the event id numbers. Good luck.

Glen A. Johnson
"Give the laziest man the hardest job and he'll find the easiest way to do it."

Want to get great answers to your Tek-Tips questions? Have a look at FAQ219-2884

 

[jfk8680]

You said in a previous post: "The ip that it is showing when it tries to connect to the dns server is 10.0.0.10" In a later post you are talking about 10.0.0.1. Could you post the output of ipconfig /all to make sure that your client (tron) looks for the correct DNS server?

Do DNS queries resolve OK on the server? What is the output of NSLOOKUP on the server?

 

[ricpinto]

I agree with jfk8680, post ipconfig/all on medusa and tron to check irregularities. Download netdiag.exe and run netdiag/fix

 

[Anarax]

Thanks for your replies; here is the output for both boxes:
Results of Medusa output::::
C:\>ipconfig/all

Windows IP Configuration

Host Name . . . . . . . . . . . . : MEDUSA
Primary Dns Suffix . . . . . . . : skynet.net
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : skynet.net

Ethernet adapter Local Area Connection 2:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : IBM Netfinity 10/100 Ethernet Adapter
Physical Address. . . . . . . . . : 00-04-AC-D8-58-56
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.0.0.1
Subnet Mask . . . . . . . . . . . : 255.0.0.0
Default Gateway . . . . . . . . . : 10.0.0.1
DNS Servers . . . . . . . . . . . : 10.0.0.1

/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/

C:\>nslookup
DNS request timed out.
timeout was 2 seconds.
*** Can't find server name for address 10.0.0.1: Timed out
Default Server: UnKnown
Address: 10.0.0.1

/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/

C:\>pathping tron

Tracing route to tron [10.0.0.101]
over a maximum of 30 hops:
0 MEDUSA.skynet.net [10.0.0.1]
1 TRON [10.0.0.101]

Computing statistics for 25 seconds...
Source to Here This Node/Link
Hop RTT Lost/Sent = Pct Lost/Sent = Pct Address
0 MEDUSA.skynet.net [10.0.0.1]
0/ 100 = 0% |
1 0ms 0/ 100 = 0% 0/ 100 = 0% TRON [10.0.0.101]

Trace complete.

/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/

C:\>tracert tron

Tracing route to tron [10.0.0.101]
over a maximum of 30 hops:

1 <1 ms <1 ms <1 ms TRON [10.0.0.101]

Trace complete.

/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/

C:\>ping tron

Pinging tron [10.0.0.101] with 32 bytes of data:

Reply from 10.0.0.101: bytes=32 time<1ms TTL=128
Reply from 10.0.0.101: bytes=32 time<1ms TTL=128
Reply from 10.0.0.101: bytes=32 time<1ms TTL=128
Reply from 10.0.0.101: bytes=32 time<1ms TTL=128

Ping statistics for 10.0.0.101:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

C:\>ping skynet.net

Pinging skynet.net [10.0.0.1] with 32 bytes of data:

Reply from 10.0.0.1: bytes=32 time<1ms TTL=128
Reply from 10.0.0.1: bytes=32 time<1ms TTL=128
Reply from 10.0.0.1: bytes=32 time<1ms TTL=128
Reply from 10.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 10.0.0.1:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

///////////////////////\\\\\\\\\\\\\\\\\\\\//////\\\\\\
Results of Tron output::::


C:\>ipconfig/all

Windows IP Configuration

Host Name . . . . . . . . . . . . : tron
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek RTL8139 Family PCI Fast Ethe
rnet NIC
Physical Address. . . . . . . . . : 00-00-C5-C0-8C-01
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 10.0.0.101
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DHCP Server . . . . . . . . . . . : 10.0.0.1
DNS Servers . . . . . . . . . . . : 10.0.0.1
Primary WINS Server . . . . . . . : 10.0.0.10
Lease Obtained. . . . . . . . . . : Tuesday, February 17, 2004 7:45:45 A
M
Lease Expires . . . . . . . . . . : Wednesday, February 25, 2004 7:45:45
AM

/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/

C:\>nslookup
DNS request timed out.
timeout was 2 seconds.
*** Can't find server name for address 10.0.0.1: Timed out
*** Default servers are not available
Default Server: UnKnown
Address: 10.0.0.1

/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/

C:\>ping medusa
Ping request could not find host medusa. Please check the name and try again.

C:\>ping skynet.net

Pinging skynet.net [10.0.0.1] with 32 bytes of data:

Reply from 10.0.0.1: bytes=32 time=1ms TTL=128
Reply from 10.0.0.1: bytes=32 time<1ms TTL=128
Reply from 10.0.0.1: bytes=32 time<1ms TTL=128
Reply from 10.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 10.0.0.1:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 1ms, Average = 0ms

C:\>

{{{{{{}}}}}}

I ran netdiag on both boxes (saved netdiag to C:\Winnt\System32, and ran it from the command line; here is the result:

Error Message: The procedure entry point DnsGetPrimaryDomainName_UTF8 could not be located in the dynamic link library DNSAPI.dll.

Thanks again for your help!
Tim

 

[jfk8680]

I bet ping medusa.skynet.net works fine, doesn't it?

The primary WINS server of your client is 10.0.0.10 which you haven't mentioned at all in your description. Does this WINS server exist? I suspect it doesn't...

When you give the command ping MEDUSA, it probably tries to use WINS server 10.0.0.10 to resolve the name (MEDUSA = WINS, MEDUSA.SKYNET.NET = DNS). Do you have WINS lookup enabled on your DNS server?

Good luck!

Jeffrey
PS. There are some excellent name resolution process flowcharts in Mark Minasi's (Sybex) Mastering Windows 2000/2003 Server.

Jeffrey Kusters

MCSA, MCSE, CCNA

 

[Anarax]

jfk:
Yes, when I ping medusa.skynet.net it resolves (ip 10.0.0.1). When I ping skynet.net, it resolves the same; however, medusa still saiys that ping request could not find host. You are on the right track, though; it has to be a WINs problem; I enabled WINS lookup (used ip 10.0.0.1) and refreshed. Still does not resolve. I also tried pinging 10.0.0.10 so that I can determine if it exists, and it timed out on both boxes.
However, as the out indicated from my last post, 10.0.0.10 is listed as the primary wins server on tron. What can I do to change this? I have deleted the wins server and added another (medusa, and it prefilled the ip of 10.0.0.1) so what else can I try? Also, is this the reason that I cannot add tron to the skynet.net domain? Because it cannnot resolve the netbios name? Why would that make a difference?
I just tried adding tron again to the domain (right click on My Computer, select join domain, after I setup an admin account in AD so that I would be ABLE to join the domain), and lo and behold, I was allowed to logon to the domain. I created another account in AD (user only rights) and that was cool, too.
Everything appears to be working fine.
Except I need to lose the 10.0.0.10 as my primary WINs server.....
Thanks for all your help, everybody. Just another case of not reading the f!#king manual!
Thanks again
Tim

 

[GlenJohnson]

Quick down and dirty trick to see if jfk8680 is correct, and I'm betting he is. Throw an lmhosts file on each machine and see if the netbios name resolution works out, and I'm guessing it will. Good call, j. Here's a star.

Glen A. Johnson
&quot;Give the laziest man the hardest job and he'll find the easiest way to do it.&quot;

Want to get great answers to your Tek-Tips questions? Have a look at FAQ219-2884

 

[jfk8680]

Tim,

Since your server is hosting DHCP I think you have created a scope or server option which gives the clients the primary WINS server. To change or remove it open the DHCP MMC, go to scope or server options (if you followed the wizard when you added a new scope, which is likely, go to scope options). Find option 044 WINS/NBNS Servers. If I'm right the 10.0.0.10 address should be there. Change it to 10.0.0.1 and everythink should be fine...

Glad I could help and thanks for the kind words Glen!

Jeffrey

Jeffrey Kusters

MCSA, MCSE, CCNA

 

[Zilantyas]

Hey! On your Windows XP and 2003 machine make sure you turned off the built-in firewall. Internet Connection Firewall:
Right-click MY NETWORK PLACES select PROPERTIES then click on the ADVANCED tab. UNCHECK the box then click OK.

Do this on both machines.

Hope that helps!

Zilantyas
Professional Information Technology Solutions

http://www.zilantyas.com

 

[Anarax]

Hi, Zilantyas!
No, I do not have ICF (or ICS) enabled, however I ran into another problem (maybe I should punt and start over); when I try to browse the network, I cannot see the other box. When I am on tron, I cannot see medusa, and vice versa.
I did fix the wins prob; Jeffrey was right about that, 10.0.0.10 was reserved in the DHCP scope by the friend that built the server for me as a gift. So, the problem stems from the fact that the server was started by someone and then I took it over without knowing all the settings. Talk about a learning experience!
Back to the network browsing issue; I just checked on it earlier, and other than verifying that I have something shared from each box, what else can I check? Both medusa and tron are logged on using an account with admin rights.

Thanks again!
Tim

 

[jfk8680]

Tim,

Can you access shares when you use UNC paths: \\MEDUSA and \\TRON?

Check your event logs for any (master) browser related errors.

If my memory serves me right, the network neighborhood is populated by the Master Browser which should be your Domain Controler (MEDUSA). There isn't a Linux SAMBA box on your network? Often the Linux/Unix boxes take over the Master Browser role and kill the Network Neighborhood...

Good luck!

PS. I wouldn't kill your network because of the problems you're running into. Sure, start over once all your problems are fixed so you can also experience the installation process. As you said yourself, this is a nice learning experience!

Jeffrey Kusters

MCSA, MCSE, CCNA