SBS2003 ICW will not run

Discussion in 'Windows Small Business Server' started by Jerry, Apr 27, 2004.

  1. Jerry

    Jerry Guest

    Just did a fresh stripped-down install of SBS2003 Premium
    edition (did not install ISA, Exchange, etc, no windows
    updates applied yet). This machine has two NICs, both with
    static IP addr. There is a DHCP scope defined and
    associated only with the client side NIC (DHCP is not
    bound to the upstream NIC). I can get to the internet
    using the upstream NIC (am using the machine to post this)
    but when I try to run the ICW, it returns "The wizard
    cannot set the DHCP scope options. Ensure the DHCP server
    service is running (it is!).

    The remainder of the message says that I can alternatively
    disable DHCP and then configure the client addresses. I
    also tried disabling DHCP service, but get the same
    error.

    Setting aside the question as to why the wizard would
    think that it needs to set any DHCP options in the first
    place, is this likely to cause any problems with ISA or
    another firewall running on this server, or does it only
    affect the browser and email accounts on the server itself?

    I can get where I need to go on the server by adding each
    website to the trusted list, which is a PITA, but I can
    live with that if there isn't a fix/workaround.
     
    Jerry, Apr 27, 2004
    #1
    1. Advertisements

  2. Can you post the ipconfig/all please?
     
    Marina Roos [SBS-MVP], Apr 28, 2004
    #2
    1. Advertisements

  3. Jerry

    Jerry Guest

    Here it is...

    Microsoft Windows [Version 5.2.3790]
    (C) Copyright 1985-2003 Microsoft Corp.

    C:\>ipconfig /all

    Windows IP Configuration

    Host Name . . . . . . . . . . . . : sbs2003
    Primary Dns Suffix . . . . . . . : cbc.local
    Node Type . . . . . . . . . . . . : Hybrid
    IP Routing Enabled. . . . . . . . : No
    WINS Proxy Enabled. . . . . . . . : No
    DNS Suffix Search List. . . . . . : cbc.local

    Ethernet adapter mainboard NIC 192.168.7.100:

    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Realtek RTL8139
    Family PCI Fast Ethernet
    NIC
    Physical Address. . . . . . . . . : 00-20-ED-19-14-A6
    DHCP Enabled. . . . . . . . . . . : No
    IP Address. . . . . . . . . . . . : 192.168.7.100
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Default Gateway . . . . . . . . . : 192.168.7.1
    DNS Servers . . . . . . . . . . . : 192.168.7.100
    209.193.72.2
    Primary WINS Server . . . . . . . : 192.168.7.100

    Ethernet adapter PCI NIC10.10.10.1:

    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : D-Link DFE-530TX
    PCI Fast Ethernet Adapte
    r (rev.A)
    Physical Address. . . . . . . . . : 00-50-BA-04-A4-33
    DHCP Enabled. . . . . . . . . . . : No
    IP Address. . . . . . . . . . . . : 10.10.10.1
    Subnet Mask . . . . . . . . . . . : 255.0.0.0
    Default Gateway . . . . . . . . . :
    DNS Servers . . . . . . . . . . . : 192.168.7.100
     
    Jerry, May 4, 2004
    #3
  4. Hi Jerry,

    Sorry, just noticed your reply.

    DNS on your servernic(s) should *only* point to your server-IP, so delete
    that 209-address. The internal nic should have a blanc gateway (assuming the
    192 is your internal nic).
    The external nic should have its gateway pointing to your router-IP.

    Check bindingorder and make sure the internal nic is on top. Now try to run
    the ceicw wizard again.

    --
    Regards,

    Marina
    Microsoft SBS-MVP

     
    Marina Roos [SBS-MVP], May 6, 2004
    #4
  5. Jerry

    Guest Guest

    Hi Marina,

    The 209 DNS address is the one for the ISP. How can I get
    to the internet for the server if its internet side NIC is
    not configured to use the ISP's DNS? Does it automatically
    locate the ISP's DNS?

    The 192 NIC is the ROTW NIC, the 10.10... NIC is the
    client side/internal NIC.

    Will try your suggestions in the morning, unless I hear
    back from you before then.

    Jerry
     
    Guest, May 6, 2004
    #5
  6. DNS-server on SBS will take care of getting dns requests out to the
    internet. If you have run the CEICW wizard, it has asked you about the ISP
    DNS-numbers. Those numbers will be put in the tab Forwarders of your
    DNS-server.
    If the 10-IP is your internal nic, than DNS should point to your server-IP.
    It should also have that IP on tab WINS (advanced TCP/IP properties).
    Your external nic should not have a wins -address and have the DNS pointing
    to your server-IP.

    Make the changes, and rerun CEICW.

    --
    Regards,

    Marina
    Microsoft SBS-MVP

     
    Marina Roos [SBS-MVP], May 7, 2004
    #6
  7. Jerry

    Jerry Guest

    Marina,

    I'm pretty sure I've got it set per your suggestions
    (ipconfig /all below), but I still get the "wizard cannot
    set dhcp scope options" error. DHCP is running, and a
    scope is defined for the client side. I'm still not sure
    why the wizard would care about dhcp. Is this an erroneous
    error message? Does this mean that the wizard cannot be
    run in the case where you don't want to use dhcp?

    The 192 net is the internet side, and the 10 net is the
    client side.

    What should I try next?

    C:\>ipconfig /all

    Windows IP Configuration

    Host Name . . . . . . . . . . . . : sbs2003
    Primary Dns Suffix . . . . . . . : cbc.local
    Node Type . . . . . . . . . . . . : Hybrid
    IP Routing Enabled. . . . . . . . : Yes
    WINS Proxy Enabled. . . . . . . . : No
    DNS Suffix Search List. . . . . . : cbc.local

    Ethernet adapter mainboard NIC 192.168.7.100:

    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Realtek RTL8139
    Family PCI Fast Ethernet
    NIC
    Physical Address. . . . . . . . . : 00-20-ED-19-14-A6
    DHCP Enabled. . . . . . . . . . . : No
    IP Address. . . . . . . . . . . . : 192.168.7.100
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Default Gateway . . . . . . . . . : 192.168.7.1
    DNS Servers . . . . . . . . . . . : 192.168.7.100

    Ethernet adapter PCI NIC10.10.10.1:

    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : D-Link DFE-530TX
    PCI Fast Ethernet Adapte
    r (rev.A)
    Physical Address. . . . . . . . . : 00-50-BA-04-A4-33
    DHCP Enabled. . . . . . . . . . . : No
    IP Address. . . . . . . . . . . . : 10.10.10.1
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Default Gateway . . . . . . . . . :
    DNS Servers . . . . . . . . . . . : 192.168.7.100
    Primary WINS Server . . . . . . . : 192.168.7.100

    C:\>
     
    Jerry, May 7, 2004
    #7
  8. Hi Jerry,

    Your external nic should have the server-IP in its DNS (so that would be
    10.10.10.1).
    You internal nic should have DNS and WINS set to the server-IP (also
    10.10.10.1)

    You have switched it around now.

    So recap:
    Internal
    IP: 10.10.10.1
    DNS :10.10.10.1

    External:
    IP: 192.168.7.100
    GW: 192.168.7.1
    DNS 10.10.10.1

    --
    Regards,

    Marina
    Microsoft SBS-MVP

     
    Marina Roos [SBS-MVP], May 7, 2004
    #8
  9. Jerry

    Jerry Guest

    Marina,

    Sorry, I was confused about what you meant by server IP -
    you mean client side IP, or DHCP server IP? Does this
    somehow become the master IP address of the server, as
    opposed to the internet side NIC? Sorry if it is a dumb
    question - I am from the unix server world.

    Anyways, I made the changes you requested, and still get
    the same error when I try to run the ICW. Ipconfig is
    shown below. Note that the 209... address secondary DNS
    server was added to the ROTW NIC _after_ I tried running
    the ICW. I had to add it back in because I couldn't get to
    the internet anymore with 10.10.10.1 as the sole DNS.

    What should I try next? What is the risk of manually
    configuring DNS, etc and forgetting about the ICW?


    C:\>ipconfig /all

    Windows IP Configuration

    Host Name . . . . . . . . . . . . : sbs2003
    Primary Dns Suffix . . . . . . . : cbc.local
    Node Type . . . . . . . . . . . . : Hybrid
    IP Routing Enabled. . . . . . . . : Yes
    WINS Proxy Enabled. . . . . . . . : No
    DNS Suffix Search List. . . . . . : cbc.local

    Ethernet adapter mainboard NIC 192.168.7.100:

    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Realtek RTL8139
    Family PCI Fast Ethernet
    NIC
    Physical Address. . . . . . . . . : 00-20-ED-19-14-A6
    DHCP Enabled. . . . . . . . . . . : No
    IP Address. . . . . . . . . . . . : 192.168.7.100
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Default Gateway . . . . . . . . . : 192.168.7.1
    DNS Servers . . . . . . . . . . . : 10.10.10.1
    209.193.72.2

    Ethernet adapter PCI NIC10.10.10.1:

    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : D-Link DFE-530TX
    PCI Fast Ethernet Adapt
    r (rev.A)
    Physical Address. . . . . . . . . : 00-50-BA-04-A4-33
    DHCP Enabled. . . . . . . . . . . : No
    IP Address. . . . . . . . . . . . : 10.10.10.1
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Default Gateway . . . . . . . . . :
    DNS Servers . . . . . . . . . . . : 10.10.10.1
    Primary WINS Server . . . . . . . : 10.10.10.1

    C:\>
     
    Jerry, May 7, 2004
    #9
  10. Hi Jerry,

    Welcome to windows ;) BTW, no dumb question, but you might get some dumb
    answers ;-)

    Your server-IP is the static IP you put in the IP-field of the networkcard,
    tcp/ip properties. That is the so called internal nic. This internal nic
    connects to a hub/switch where the other workstations are connecting to too.
    So assuming the 10.10.10.1 is the IP of your internal nic, that nic is
    configured properly.
    The external nic however (the one that is connecting to the outside world
    through a router e.g.) is not set right.
    DNS should *only* point to your internal nic-IP (10.10.10.1) Furtermore,
    only TCP/IP should be checked on the nic-properties, all others (file and
    printersharing, client of ms networks etc.) should be unchecked.

    Check the networkbindings in Network Connections, Advanced, advanced, and
    make sure the internal nic is on top.

    Then rerun the ICW-wizard and show us the results.
    You don't want to change things manually at this point. You will use the
    wizard.


    --
    Regards,

    Marina
    Microsoft SBS-MVP

     
    Marina Roos [SBS-MVP], May 7, 2004
    #10
  11. Jerry

    Jerry Guest

    Marina,

    Responses in-line, below...
    Ok, but both of my server's NICs have static addresses
    assigned. In MS parlance, is the "server-ip" always the
    client side NIC?

    This internal nic
    (10.10.10.1)

    I know. As I said, I couldn't get to the internet to post
    this message until I added the 209 address back in.

    Furtermore,
    unchecked.

    For security purposes, correct?
    I had already done that, after you first suggested it.
     
    Jerry, May 7, 2004
    #11
  12. Hi Jerry,

    Inline:

    --
    Regards,

    Marina
    Microsoft SBS-MVP

    Let's forget the word clientside.
    The internal nic has the static IP for the server (10.10.10.1 is your
    server-IP) and connects to the hub/switch which has the other connections to
    the workstations.
    Internal network : internal nic
    Delete that 209 address in the DNS-field and let it only point to your
    server-IP 10.10.10.1.
    Yes, and because it is not needed. The internal nic does have all those
    options checked though.
    Ok. So rerun it and check the DNS field on your external nic afterwards. Do
    you get any errors when running that wizard?

    Marina
     
    Marina Roos [SBS-MVP], May 7, 2004
    #12
  13. Jerry,

    BTW: are you using the server to get this message posted? That is a bad
    habit you know. Better use a workstation.
    If you are using outlook express on the server, it explains why you can't
    get posted to the internet. Just try the wizard and then try to get on the
    internet from the server with just plain Internet Explorer. If that works,
    we'll get to the next step: getting the workstations on the internet.
     
    Marina Roos [SBS-MVP], May 7, 2004
    #13
  14. Jerry

    Jerry Guest

    Marina,

    After deleting the 209 DNS address, unchecking the non-tcp
    stuff on the 192 NIC, ensuring that the internal NIC is
    first in the binding list, etc, the wizard still will not
    run, aborting after the same error message referencing the
    dhcp scope options.

    Jerry

     
    Jerry, May 7, 2004
    #14
  15. Hi Jerry,

    Can you give me the details about the dhcp-setup? The scope, the exclusions,
    the options in Scope options?

    --
    Regards,

    Marina
    Microsoft SBS-MVP

     
    Marina Roos [SBS-MVP], May 7, 2004
    #15
  16. Jerry

    Jerry Guest

    Marina,

    Responses in-line...



    Can't do Windows update without Internet Explorer...
    I had been using Internet Explorer on the server to post
    to this thread, but I'm now using a workstation. I was not
    using Outlook Express or Outlook.

    Just try the wizard and then try to get on the
    Explorer.

    The wizard still fails; same message.

    If that works,
     
    Jerry, May 7, 2004
    #16
  17. can you post the icwlog.file?
     
    Marina Roos [SBS-MVP], May 7, 2004
    #17
  18. Hi Jerry,

    Did you see my other post about getting the dhcp-details for me?

    --
    Regards,

    Marina
    Microsoft SBS-MVP
     
    Marina Roos [SBS-MVP], May 8, 2004
    #18
  19. Jerry

    Jerry Guest

    No file by that name on the machine. I did a search on
    icw*.*

    Jerry
     
    Jerry, May 10, 2004
    #19
  20. Jerry

    Jerry Guest

    No, for some reason, that post did not/does not appear in
    the search results, but here is the info...

    Server Properties...

    General tab
    DHCP audit logging enabled

    DNS tab
    dynamic dns updates = disabled

    Advanced tab
    binding = 10.10.10.1
    rest = defaults

    Scope Properties...

    General tab
    start IP addr 10.10.10.2
    end IP addr 10.10.10.100
    subnet mask 255.255.255.0
    lease duration = default (8hr)

    DNS tab
    dynamic dns updates = disabled

    Advanced tab
    DHCP only

    All other values = defaults

     
    Jerry, May 10, 2004
    #20
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.