SBS Config Problems

I've recently been asked to take-on support of an old SBS 2003
installation (SP2). So far I've found that:
a) Its a single NIC configuration but I cant configure that because
b) CEICW wont run - It shows the introduction screen but when you
click on Next it disappears - nothing in any log I can find.
c) DHCP wasnt included when the config was built, so still runs on a
Broadband Router, which means
d) The SBS is setup as 192.168.1.2 but each network computer is
configured to use that as primary DNS resolver, with 192.168.1.1 (the
router) as secondary.

Plus there are other items of hardware (e.g. tills and other dedicated
hardware applications) configured on the same LAN subnet.

Can I assume that if I get CEICW running that I'll be able to sort the
sinlge NIC out to get some secuirty back into the LAN?

Help with CEICW much appreciated.

JohnK

Best to start with the SBS BPA and see what it finds:

www.sbsbpa.com

As for the wizards, make sure SBS SP1 is installed (note: not Windows SP1 or
SP2 but SBS SP1) - the BPA should point it out if it is not there. The logs
for the wizards are located in C:\Program Files\Microsoft Windows Small
Business Server\Support

For DHCP you may want to turn off the broadband router DHCP and enable DHCP
on the server (do they have a firewall?). Just make sure the clients point
to the SBS server for DNS and setup your DNS forwarders (hopefully using the
CEICW if you can fix it).

--
Allan Williams




John Kappler wrote:
> I've recently been asked to take-on support of an old SBS 2003
> installation (SP2). So far I've found that:
> a) Its a single NIC configuration but I cant configure that because
> b) CEICW wont run - It shows the introduction screen but when you
> click on Next it disappears - nothing in any log I can find.
> c) DHCP wasnt included when the config was built, so still runs on a
> Broadband Router, which means
> d) The SBS is setup as 192.168.1.2 but each network computer is
> configured to use that as primary DNS resolver, with 192.168.1.1 (the
> router) as secondary.
>
> Plus there are other items of hardware (e.g. tills and other dedicated
> hardware applications) configured on the same LAN subnet.
>
> Can I assume that if I get CEICW running that I'll be able to sort the
> sinlge NIC out to get some secuirty back into the LAN?
>
> Help with CEICW much appreciated.
>
> JohnK

Thanks for that - will try BPA today.

ISTR that you cant enable DHCP on an already configured 2003 SBServer
- it can only be done at build time when it checks for other DHCP
devices and then decides for itself whether to install.

I'm fairly certain they dont have a proper Firewall but want to get
CEICW running so I can check settings - the original build was clearly
botched by someone who didnt know or couldnt be bothered to understand
SBS.

On Jan 18, 7:12*am, John Kappler <wor...@gmail.com> wrote:
> Thanks for that - will try BPA today.
>
> ISTR that you cant enable DHCP on an already configured 2003 SBServer
> - it can only be done at build time when it checks for other DHCP
> devices and then decides for itself whether to install.
>
> I'm fairly certain they dont have a proper Firewall but want to get
> CEICW running so I can check settings - the original build was clearly
> botched by someone who didnt know or couldnt be bothered to understand
> SBS.

BPA did indeed point out the lack of SP1. Installed that and the
wizards now run okay - Thank-you,

Just to finally understand the single NIC configuration with DHCP done
elsewhere: the DHCP router is set to 192.168.1.1 and the SBserver to
192.168.1.2. All the client PCs are set to fixed IP, with 192.168.1.1
as Gateway and DNS servers as 1) 192.168.1.2 and 2) 192.168.1.1.
I assume this is correc?

Thanks,

JohnK

On Tue, 18 Jan 2011 23:11:50 -0800 (PST)
John Kappler <> wrote:

> On Jan 18, 7:12Â*am, John Kappler <wor...@gmail.com> wrote:
> > Thanks for that - will try BPA today.
> >
> > ISTR that you cant enable DHCP on an already configured 2003
> > SBServer
> > - it can only be done at build time when it checks for other DHCP
> > devices and then decides for itself whether to install.
> >
> > I'm fairly certain they dont have a proper Firewall but want to get
> > CEICW running so I can check settings - the original build was
> > clearly botched by someone who didnt know or couldnt be bothered to
> > understand SBS.
>
> BPA did indeed point out the lack of SP1. Installed that and the
> wizards now run okay - Thank-you,
>
> Just to finally understand the single NIC configuration with DHCP done
> elsewhere: the DHCP router is set to 192.168.1.1 and the SBserver to
> 192.168.1.2. All the client PCs are set to fixed IP, with 192.168.1.1
> as Gateway and DNS servers as 1) 192.168.1.2 and 2) 192.168.1.1.
> I assume this is correc?
>
>
It will work most of the time, but it contains the classic SBS (indeed
AD) booby trap. The router will not contain a replica of the SBS DNS
zone files, so will not know about the workstations. In an SBS network,
there must be no DNS server listed anywhere other than the SBS itself
(internal NIC if it has two). If the SBS is slow in responding, the
client should wait for it, rather than pick up incomplete information.
While there are good reasons to use additional DNS servers, there are
even better reasons not to.

As a separate issue, I have failed to be impressed by router DNS
caches/servers on more than one occasion. They don't run BIND, or even
djbdns, because of space issues. I would use only serious DNS servers as
forwarders to the SBS, either the ISP's or OpenDNS or both.

DHCP isn't a big issue, as long as it gives out the same information as
the SBS would, particularly the DNS server. I don't to be honest know
how important the subsidiary information is, but I'd always recommend
using the SBS DHCP. As to fixed IP addresses for the workstations, if
you need to do that, the best way is by reservation in the DHCP server,
leaving the clients on full automatic. If you buy a new computer, you
just plug it up and turn it on. If you need to change the network
address, just do it with the SBS wizard and reboot everything, no need
to reconfigure everywhere.

By the way, this newsgroup was officially abandoned six months ago. and
you should now look at:

http://social.technet.microsoft.com/...server/threads

where you will find all the old familiar names.

--
Joe

Joe,

Thanks for that answer - I've added that link so will go there in
future (it took me ages to get back on here because my ISP's link to
news feeds doesnt work so I couldnt use my old agent, plus I havent
done much SBS for a year or so)

I'll persevere with trying to sort this LAN and its addressing but as
I said before I dont think they'll want to take the time and effort to
get DHCP working on the SBServer. Ho-hum.

JohnK