+ Reply to Thread
Page 1 of 2 1 2 Last
Results 1 to 25 of 45
  1. VCDX in 2017 Essendon's Avatar
    Join Date
    Sep 2007
    Location
    Melbourne
    Posts
    4,489

    Certifications
    VCIX-NV, VCAP5-DCD/DTA/DCA, VCP-5/DT, MCSA: 2008, MCITP: EA, MCTS x5, ITIL v3, MCSA: M, MS in Telecom Engg
    #1

    Default Major issues ** Now Resolved **

    Well, it's me again. I am the one who seems to have the most and the weirdest problems. It does give me valuable experience but I could really do without problems for some time now.

    As before, I have 1 DC called server1 and a member server, server3 in the domain contoso.com

    server1 config: !!!!! server3 config:
    !!!!!
    IP: 192.168.0.101 !!!!! IP : 192.168.2.129
    Mask: 255.255.255.0 !!!!!! Mask : 255.255.255.0
    Def gateway : NONE SET !!!!! Def gateway : 192.168.2.2
    Preferred DNS : 192.168.0.101 !!!!!! Preferred DNS : 192.168.2.129

    Both servers are DNS server with server1 being the primary DNS server. It was only last night that I gave the role of secondary DNS to server3. At first, the forward lookup zone contoso.com would not show up on server3, even after doing either Transfer from Master or Reload from Master. But a reboot of both servers helped and server3 was able to pull the DNS information from server1.

    Now there are no errors on any of the event logs on server1, nothing serious except one saying that the browser forced an election....because a domain master was started. Unsure what that is about.

    Errors on server3:
    1.Windows cannot query for the list of GP objects. Check the event log for possible messages logged by the policy engine that describes the reason for this Event ID : 1030, Source : Userenv
    (I havent found any other messages)


    2. Windows cannot find the machine account. No authority could be contacted for authentication. Does this mean that this server was unable to contact the DC?

    3. Just got another event log saying Security policy in the GP objects has been applied successfully.

    4. Last night, I got this Windows cannot obtain the DC name for your computer. The specified domain either does not exist or could not be contacted. GP processing aborted.

    There are A records for server1 and server3 in the DNS snap-in on both computers. Everything appearing on the DNS snap-in looks alright. BUT, should there be any A records for the VMWare network adapters in the DNS snap-in? They appeared by themselves when I first gave the DNS role to server1.

    I did a netdiag and a dcdiag last night, and I am afraid that contents of the logs did not look good

    Netdiag had a few particularly alarming messages:

    1. Default gateway test failed : No gateways are reachable. You have no connectivity to other network segments. If you have a static IP address, you must have atleast one def gateway.(which is probably because there is no def gateway on server1)

    2. DNS test : Passed
    The Record is different on the DNS server : 192.168.0.101. DNS server has more than one entries for this name, usually this means that there are multiple DCs for this domain. Your DC entry is one of them on DNS server "192.168.0.101", no need to re-register. (Heaps and heaps of this one)

    server1 passed most of the DCDIAG tests. Though at the very last line it said, contoso.com failed test DNS (this might be because I dont this server connected to the internet.

    One more thing I should put in is nslookup. When I do an nslookup on either server ,say I am at server1 and type in nslookup server03.contoso.com., I get :

    Server: server3.contoso.com
    Address: 192.168.2.129

    *** server3.contoso.com. cant find nslookup : Non-existent domain

    Similar result when I do an nslook server1 while at server3.

    Guys, really need help on this one. This time I am going to pester you till I stop getting all errors!
    VCDX: DCV - Round 2 rescheduled (by VMware) for December 2017.

    Blog >> http://virtual10.com
    Reply With Quote Quote  

  2. SS -->
  3. MIPS processor please Mishra's Avatar
    Join Date
    Feb 2007
    Location
    Ashburn, VA
    Posts
    2,468

    Certifications
    MCSA:2012, MCITP:EA/SA, MCSE 2003, MCTS: Vista, VCP4, AAS
    #2
    server1 config: !!!!! server3 config:
    !!!!!
    IP: 192.168.0.101 !!!!! IP : 192.168.2.129
    Mask: 255.255.255.0 !!!!!! Mask : 255.255.255.0
    Def gateway : NONE SET !!!!! Def gateway : 192.168.2.2
    Preferred DNS : 192.168.0.101 !!!!!! Preferred DNS : 192.168.2.129

    Both servers are DNS server with server1 being the primary DNS server. It was only last night that I gave the role of secondary DNS to server2. At first, the forward lookup zone contoso.com would not show up on server2, even after doing either Transfer from Master or Reload from Master. But a reboot of both servers helped and server2 was able to pull the DNS information from server1.

    You are saying server2 is your DNS server but server3 is using it's DNS server as itself although it's just a stand alone server? I think you may have typoed.
    Reply With Quote Quote  

  4. VCDX in 2017 Essendon's Avatar
    Join Date
    Sep 2007
    Location
    Melbourne
    Posts
    4,489

    Certifications
    VCIX-NV, VCAP5-DCD/DTA/DCA, VCP-5/DT, MCSA: 2008, MCITP: EA, MCTS x5, ITIL v3, MCSA: M, MS in Telecom Engg
    #3
    Maybe I wasnt clear enough, pretty late in the night here. It's been a busy day!

    server1 is the primary DNS server and server3 is the secondary server. server3 is pointing to itself just as was described in CBT Nuggets and in Mark Minasi's book. Hey wait a minute, I think in CBT Nuggets, James has both servers setup as DC's, right?
    VCDX: DCV - Round 2 rescheduled (by VMware) for December 2017.

    Blog >> http://virtual10.com
    Reply With Quote Quote  

  5. MIPS processor please Mishra's Avatar
    Join Date
    Feb 2007
    Location
    Ashburn, VA
    Posts
    2,468

    Certifications
    MCSA:2012, MCITP:EA/SA, MCSE 2003, MCTS: Vista, VCP4, AAS
    #4
    That was my next question. That is do you have ADI zones setup and do you have them setup as domain controllers if so.
    Reply With Quote Quote  

  6. VCDX in 2017 Essendon's Avatar
    Join Date
    Sep 2007
    Location
    Melbourne
    Posts
    4,489

    Certifications
    VCIX-NV, VCAP5-DCD/DTA/DCA, VCP-5/DT, MCSA: 2008, MCITP: EA, MCTS x5, ITIL v3, MCSA: M, MS in Telecom Engg
    #5
    But not in Mark Minasi's book. he has server1 as the DC and the other server as the member server (but a secondary DNS server)
    VCDX: DCV - Round 2 rescheduled (by VMware) for December 2017.

    Blog >> http://virtual10.com
    Reply With Quote Quote  

  7. VCDX in 2017 Essendon's Avatar
    Join Date
    Sep 2007
    Location
    Melbourne
    Posts
    4,489

    Certifications
    VCIX-NV, VCAP5-DCD/DTA/DCA, VCP-5/DT, MCSA: 2008, MCITP: EA, MCTS x5, ITIL v3, MCSA: M, MS in Telecom Engg
    #6
    ADI on server1 as it is the only DC. The ADI option on server3 is grayed out obviously because it is not a DC.
    VCDX: DCV - Round 2 rescheduled (by VMware) for December 2017.

    Blog >> http://virtual10.com
    Reply With Quote Quote  

  8. MIPS processor please Mishra's Avatar
    Join Date
    Feb 2007
    Location
    Ashburn, VA
    Posts
    2,468

    Certifications
    MCSA:2012, MCITP:EA/SA, MCSE 2003, MCTS: Vista, VCP4, AAS
    #7
    Have to go to a meeting. Be back later.
    Reply With Quote Quote  

  9. VCDX in 2017 Essendon's Avatar
    Join Date
    Sep 2007
    Location
    Melbourne
    Posts
    4,489

    Certifications
    VCIX-NV, VCAP5-DCD/DTA/DCA, VCP-5/DT, MCSA: 2008, MCITP: EA, MCTS x5, ITIL v3, MCSA: M, MS in Telecom Engg
    #8
    Go for it, Mishra. Try not to fall asleep. I fell asleep twice today in a 3 hour meeting on Safety.

    Too late in the night here, bed's waiting.
    VCDX: DCV - Round 2 rescheduled (by VMware) for December 2017.

    Blog >> http://virtual10.com
    Reply With Quote Quote  

  10. Virtual Member undomiel's Avatar
    Join Date
    Sep 2007
    Location
    Bellevue, WA
    Posts
    2,813

    Certifications
    MCSA:2008, VCP4/5, CCA (XS), MCITP: EA/VA, MCSE, MCSA, Linux+, Security+, Server+, A+
    #9
    Maybe I'm being brain dead here, but wouldn't server1 need a default gateway so that it would be able to talk to server3 which is on a different subnet?
    Reply With Quote Quote  

  11. VCDX in 2017 Essendon's Avatar
    Join Date
    Sep 2007
    Location
    Melbourne
    Posts
    4,489

    Certifications
    VCIX-NV, VCAP5-DCD/DTA/DCA, VCP-5/DT, MCSA: 2008, MCITP: EA, MCTS x5, ITIL v3, MCSA: M, MS in Telecom Engg
    #10
    I have been thinking the same thing, undomiel. But how is everything else working. server3 is able to pull DNS information from server1 despite being a different subnet, or is that normal DNS behaviour?
    VCDX: DCV - Round 2 rescheduled (by VMware) for December 2017.

    Blog >> http://virtual10.com
    Reply With Quote Quote  

  12. MIPS processor please Mishra's Avatar
    Join Date
    Feb 2007
    Location
    Ashburn, VA
    Posts
    2,468

    Certifications
    MCSA:2012, MCITP:EA/SA, MCSE 2003, MCTS: Vista, VCP4, AAS
    #11
    Quote Originally Posted by MobilOne
    I have been thinking the same thing, undomiel. But how is everything else working. server3 is able to pull DNS information from server1 despite being a different subnet, or is that normal DNS behaviour?
    With servers on different subnets they will not be able to communicate with each other at all. If there is no route then there is no traffic. DNS/DHCP/any application it doesn't matter.

    Try to ping server3 from server1. If ping is OK then check out your 'route print' command in a CLI window and see if you can find a leftover route from testing. If so a reboot or a routing table flush will fix it to where they cannot communicate.
    Reply With Quote Quote  

  13. MIPS processor please Mishra's Avatar
    Join Date
    Feb 2007
    Location
    Ashburn, VA
    Posts
    2,468

    Certifications
    MCSA:2012, MCITP:EA/SA, MCSE 2003, MCTS: Vista, VCP4, AAS
    #12
    Quote Originally Posted by MobilOne
    Maybe I wasnt clear enough, pretty late in the night here. It's been a busy day!

    server1 is the primary DNS server and server3 is the secondary server. server3 is pointing to itself just as was described in CBT Nuggets and in Mark Minasi's book. Hey wait a minute, I think in CBT Nuggets, James has both servers setup as DC's, right?
    I'm still confused. What is server2's info and role?
    Reply With Quote Quote  

  14. Virtual Member undomiel's Avatar
    Join Date
    Sep 2007
    Location
    Bellevue, WA
    Posts
    2,813

    Certifications
    MCSA:2008, VCP4/5, CCA (XS), MCITP: EA/VA, MCSE, MCSA, Linux+, Security+, Server+, A+
    #13
    I think it was a typo. Server2 is actually server3. Am I right MobilOne?
    Reply With Quote Quote  

  15. VCDX in 2017 Essendon's Avatar
    Join Date
    Sep 2007
    Location
    Melbourne
    Posts
    4,489

    Certifications
    VCIX-NV, VCAP5-DCD/DTA/DCA, VCP-5/DT, MCSA: 2008, MCITP: EA, MCTS x5, ITIL v3, MCSA: M, MS in Telecom Engg
    #14
    Of course are right, undomiel. There is NO server2 anymore. I used to have this machine but I killed it but I sometimes still mistakenly write/say server2 instead of server3.

    So, server1 needs a default gateway. What should it be? The IP address of one of the VMWare network adapters? But the addresses of the network adapters also come up as A records...is that ok?
    VCDX: DCV - Round 2 rescheduled (by VMware) for December 2017.

    Blog >> http://virtual10.com
    Reply With Quote Quote  

  16. Virtual Member undomiel's Avatar
    Join Date
    Sep 2007
    Location
    Bellevue, WA
    Posts
    2,813

    Certifications
    MCSA:2008, VCP4/5, CCA (XS), MCITP: EA/VA, MCSE, MCSA, Linux+, Security+, Server+, A+
    #15
    You'd want the address of the adapter that fits server1's network which is the 192.168.0/24 network.
    Reply With Quote Quote  

  17. Question Mark Member rjbarlow's Avatar
    Join Date
    Apr 2007
    Location
    the few neurons in my brain... Italy!
    Posts
    419

    Certifications
    CCNA, MCSA 2k3: Messaging, MCP, 70-285. WIP: 70-236, 70-293
    #16
    MobilOne, the servers are in two different subnets.
    So, because You are using VMWare, You can do two things:
    - set a static route on both servers;
    - place a Virtual machine between the two servers and set it up as a routing server; it need to have two interfaces, one on subnet of server1 and one in the subnet of server3. Then You have to enable the "Only LAN routing" (or something similar) in this server and You have Your DNS servers communicating.

    The first option is much easier if You succed to write static routes. Type "route /?" in a prompt and try that before create a new machine.

    Have You tried first putting both servers in the ssame subnet? I think this should work even in vmware.
    Reply With Quote Quote  

  18. VCDX in 2017 Essendon's Avatar
    Join Date
    Sep 2007
    Location
    Melbourne
    Posts
    4,489

    Certifications
    VCIX-NV, VCAP5-DCD/DTA/DCA, VCP-5/DT, MCSA: 2008, MCITP: EA, MCTS x5, ITIL v3, MCSA: M, MS in Telecom Engg
    #17
    undomiel and rjbarlow, I'll try this when I get home from work (the day's just started!). Why did VMWare assign different subnets to the two machines? Is that default VMWare behaviour?
    VCDX: DCV - Round 2 rescheduled (by VMware) for December 2017.

    Blog >> http://virtual10.com
    Reply With Quote Quote  

  19. Virtual Member undomiel's Avatar
    Join Date
    Sep 2007
    Location
    Bellevue, WA
    Posts
    2,813

    Certifications
    MCSA:2008, VCP4/5, CCA (XS), MCITP: EA/VA, MCSE, MCSA, Linux+, Security+, Server+, A+
    #18
    Can't help you on that one as I use VirtualBox mostly. I thought VMWare assigned a different subnet for each type of interface though? Bridged/NAT/Host-only/Custom. I could be wrong about that. You might want to check and make sure they're all using the same network connection.
    Reply With Quote Quote  

  20. VCDX in 2017 Essendon's Avatar
    Join Date
    Sep 2007
    Location
    Melbourne
    Posts
    4,489

    Certifications
    VCIX-NV, VCAP5-DCD/DTA/DCA, VCP-5/DT, MCSA: 2008, MCITP: EA, MCTS x5, ITIL v3, MCSA: M, MS in Telecom Engg
    #19
    I have tried to put them (server1 and server2) on the same subnet. But they seem to lose network connectivity when I do that.
    VCDX: DCV - Round 2 rescheduled (by VMware) for December 2017.

    Blog >> http://virtual10.com
    Reply With Quote Quote  

  21. Senior Member
    Join Date
    May 2006
    Posts
    878

    Certifications
    A+, N+, MCDST, MCSA 2003, ACSP, ACTC, SQL Certified, Phillips/GE Emergin System Administrator
    #20
    Set the network adapter to "Bridged" That should change the IP address information so all machines are on the same subnet. I have a setup at home much like this and the bridged works great. If you use the NAT function it can become more work setting the routes than actually learning the microsoft stuff.
    Reply With Quote Quote  

  22. VCDX in 2017 Essendon's Avatar
    Join Date
    Sep 2007
    Location
    Melbourne
    Posts
    4,489

    Certifications
    VCIX-NV, VCAP5-DCD/DTA/DCA, VCP-5/DT, MCSA: 2008, MCITP: EA, MCTS x5, ITIL v3, MCSA: M, MS in Telecom Engg
    #21
    Quote Originally Posted by TechJunky
    Set the network adapter to "Bridged" That should change the IP address information so all machines are on the same subnet. I have a setup at home much like this and the bridged works great. If you use the NAT function it can become more work setting the routes than actually learning the microsoft stuff.
    Now, that's what's been at the back of my mind for a while. I have them set to NAT, I'll try setting them to bridged today. So, I am sure I'll need to make some changes in DNS settings, like pointing to the DNS server and stuff, right?
    VCDX: DCV - Round 2 rescheduled (by VMware) for December 2017.

    Blog >> http://virtual10.com
    Reply With Quote Quote  

  23. VCDX in 2017 Essendon's Avatar
    Join Date
    Sep 2007
    Location
    Melbourne
    Posts
    4,489

    Certifications
    VCIX-NV, VCAP5-DCD/DTA/DCA, VCP-5/DT, MCSA: 2008, MCITP: EA, MCTS x5, ITIL v3, MCSA: M, MS in Telecom Engg
    #22
    I have tried to set it to bridging and host-only. Neither works. Now server1 and server2 cannot even ping each other.
    VCDX: DCV - Round 2 rescheduled (by VMware) for December 2017.

    Blog >> http://virtual10.com
    Reply With Quote Quote  

  24. Senior Member
    Join Date
    Mar 2007
    Posts
    12,308
    #23
    Just manually configure their TCP/IP information and put them on their own virtual segment. Are you using VMWare Server or Workstation (can't remember)? Or, keep them as bridged and disable or edit your firewall on your host machine. It might be preventing them from obtaining DHCP information or communicating in other ways (since they have to go out and back in through your host machine). If you set them to bridged, do they obtain TCP/IP settings? Are you configuring them manually? Sorry if I missed any of that. I went through this rather quickly.
    Reply With Quote Quote  

  25. VCDX in 2017 Essendon's Avatar
    Join Date
    Sep 2007
    Location
    Melbourne
    Posts
    4,489

    Certifications
    VCIX-NV, VCAP5-DCD/DTA/DCA, VCP-5/DT, MCSA: 2008, MCITP: EA, MCTS x5, ITIL v3, MCSA: M, MS in Telecom Engg
    #24
    Quote Originally Posted by dynamik
    Just manually configure their TCP/IP information and put them on their own virtual segment. Are you using VMWare Server or Workstation (can't remember)? Or, keep them as bridged and disable or edit your firewall on your host machine. It might be preventing them from obtaining DHCP information or communicating in other ways (since they have to go out and back in through your host machine). If you set them to bridged, do they obtain TCP/IP settings? Are you configuring them manually? Sorry if I missed any of that. I went through this rather quickly.
    I'll post exact configurations:

    server1:

    IP : 192.168.0.101
    Mask: 255.255.255.0
    Def gateway: none set
    Pref DNS : 192.168.0.101

    server3:

    IP : 192.168.2.129
    Mask: 255.255.255.0
    Def gateway : 192.168.2.2
    Pref DNS : 192.168.2.129

    Now the host OS (server01) also has two VMware network adapters.

    VMnet8:
    IP : 192.168.2.1
    Mask: 255.255.255.0
    Def gateway : none set
    Pref DNS: none set

    VMnet1:

    IP: 192.168.121.1
    Mask: 255.255.255.0
    Def gateway : none set
    pref DNS : none set

    In addition, VMnet0 is set to "Bridged to an automatically chosen adapter".

    ATM, the networking is set to host-only.
    VCDX: DCV - Round 2 rescheduled (by VMware) for December 2017.

    Blog >> http://virtual10.com
    Reply With Quote Quote  

  26. Senior Member
    Join Date
    Mar 2007
    Posts
    12,308
    #25
    Do you have DHCP setup on those VMNETs, is that why they have IP/Subnet information? You don't need any of that. Just put them all on VMNet 7 and manually configure them to be on the same subnet, such as

    Server 1:
    192.168.0.1
    255.255.255.0

    Server 2 (or is it 3?):
    192.168.0.2
    255.255.255.0

    You don't even need a default gateway on either of them if they're just talking to each other on the same subnet. Later, you can install a second NIC, figure out how to get your bridged connection to work (I'm thinking it's a firewall or TCP/IP config issue), and install RRAS to route traffic through that NIC. It'll be a blast

    Just do what I said for the time being though.
    Reply With Quote Quote  

+ Reply to Thread
Page 1 of 2 1 2 Last

Social Networking & Bookmarks