small test network help

Discussion in 'Server Networking' started by Frank, May 30, 2004.

  1. Frank

    Frank Guest

    Small test network at home. 1 W2k dc and 2 xp pro clients i netgear 5 port
    switch( no internet involved). right off the bat I get "the system cannot
    not log you on now because the domain grcc is not available". I know this is
    pretty generic, but all I can find at MS is procedure for reinstall 128 bit
    encryption files, seems a bit drastic? Where can I look?
    Thanks
    Frank l
     
    Frank, May 30, 2004
    #1
    1. Advertisements

  2. If you log into one of the XP Pro clients with the local admin account, can
    you ping the DC by name? Got an IP on the right network? What's doing DHCP,
    presuming you use it?
    Is the server multihomed?
    What's your AD DNS setup? All servers and workstations should specify *only*
    the internal AD-integrated DNS server's IP address in their network
    settings. The AD-integrated DNS server should be set up with forwarders to
    your ISP's DNS servers for external resolution. See
    http://support.microsoft.com/default.aspx?scid=kb;en-us;300202 for more
    info.
     
    Lanwench [MVP - Exchange], May 30, 2004
    #2
    1. Advertisements

  3. Frank

    Frank Guest

    I think maybe I worded my questions wrong. When I said ni internet, I meant
    there is no router, or any internet connection involved, I do not want one
    for this setup right now. I will now check all the items you mentioned as
    best I can and post back here.
    Thanks very much
    Frank


    "Lanwench [MVP - Exchange]"
     
    Frank, May 30, 2004
    #3
  4. OK - then you don't need the forwarders in your AD DNS. The rest should
    still apply - post back after you've tried!
     
    Lanwench [MVP - Exchange], May 30, 2004
    #4
  5. Frank

    Frank Guest

    If you log into one of the XP Pro clients with the local admin account, can
    you ping the DC by name?
    No
    assigning IP to 2 winxp clients
    This is where my problem is, I am sure.
    the internal AD-integrated DNS server's IP address in their network
    settings.
    They do.
    Now here are errors from netdiag:
    C:\>netdiag /test:dns


    .......

    Computer Name: MCSA1

    DNS Host Name: mcsa1.grcc.com

    System info : Windows 2000 Server (Build 2195)

    Processor : x86 Family 15 Model 2 Stepping 9, GenuineIntel

    List of installed hotfixes :

    Q147222




    Netcard queries test . . . . . . . : Passed




    Per interface results:


    Adapter : Local Area Connection

    Netcard queries test . . . : Passed



    Global results:




    Domain membership test . . . . . . : Passed




    NetBT transports test. . . . . . . : Passed

    List of NetBt transports currently configured:

    NetBT_Tcpip_{B3E60E3C-B933-4313-915A-8907B5A5BB30}

    1 NetBt transport currently configured.





    DNS test . . . . . . . . . . . . . : Failed

    [WARNING] The DNS entries for this DC are not registered correctly on
    DNS se

    rver '192.168.1.1'. Please wait for 30 minutes for DNS server replication.

    [FATAL] No DNS servers have the DNS records for this DC registered.

    The command completed successfully

    END



    I have waited all day, configuration is screwy, I guess, but I cannot
    correct it. Dumb, I know.



    Here is dcdiag results:



    C:\>dcdiag



    Domain Controller Diagnosis



    Performing initial setup:

    Done gathering initial info.



    Doing initial required tests



    Testing server: Default-First-Site-Name\MCSA1

    Starting test: Connectivity

    3588efed-4788-4d40-807e-938313628378._msdcs.grcc.com's server GUID
    DNS

    name could not be resolved to an

    IP address. Check the DNS server, DHCP, server name, etc

    Although the Guid DNS name

    (3588efed-4788-4d40-807e-938313628378._msdcs.grcc.com) couldn't be

    resolved, the server name (mcsa1.grcc.com) resolved to the IP
    address

    (192.168.1.1) and was pingable. Check that the IP address is

    registered correctly with the DNS server.

    ......................... MCSA1 failed test Connectivity



    Doing primary tests



    Testing server: Default-First-Site-Name\MCSA1

    Skipping all tests, because server MCSA1 is

    not responding to directory service requests



    Running enterprise tests on : grcc.com

    Starting test: Intersite

    ......................... grcc.com passed test Intersite

    Starting test: FsmoCheck

    ......................... grcc.com passed test FsmoCheck



    I will keep looking and searching, but I figured this info would help with
    finding my(proably stupid) problem

    Frank L







    "Lanwench [MVP - Exchange]"
     
    Frank, May 30, 2004
    #5
  6. Inline -
    That sounds bad...
    Can you ping the DC from a workstation by IP address?
    OK - I meant, what is running the DHCP server? Your DC?
    Good :)
    Naw, not a stupid question/problem at all. One generally learns more by
    working with broken stuff!

    1. Is 192.168.1.1 the IP address of your DC/server? I'm reckonin' so....
    2. Do an ipconfig /all on both the server and on a client, and post them
    here - you can pipe to a text file to make this easier. ipconfig /all
    3. What's in your DHCP scope for the domain name setting? It needs to match
    the server's - so it should be workstation.grcc.com since the server is
    mcsa.grcc.com
    4. Any services not started on the DC, such as the DNS client? Any errors in
    the system or app log on the server?

    <snip>
     
    Lanwench [MVP - Exchange], May 31, 2004
    #6
  7. Frank

    Frank Guest

    Hey,
    I appreciate you sticking with me. Another Problem I ues a removable bay to
    swap HD's. One has my regular crap, the other is the w2k server( the server
    has no internet connection so I need to get off the net, swap drives , etc.
    192.168.1.1 is the DC, scope is 192.168.1.3-192.168.1.10 , dhcp seems to be
    working, both xp clients show .3 and .4 as ip's, which match what is in the
    DC for leases. ipconfig shows OK, but I will post.Dns on clients is correct,
    point to server. dns suffix is grcc.com(domain name. server is
    mcsa1.grcc.com. Oh, my DC is also my dns, dhcp, etc, but I guess you knew
    that.I will disconnect now and check the other things you mentioned. I'll be
    back
    Thanks
    Frank
    "Lanwench [MVP - Exchange]"
     
    Frank, May 31, 2004
    #7
  8. Frank

    Frank Guest

    Hi,
    well, I have decided to start all over. I have fallen into a pretty common
    group I fear. I learned (schools and books) how to install and configure W2k
    and dcpromo, etc. I always knew windows really well, desktop support is my
    forte, I guess. I have passed 210,215, 218. I have gotten a job(part time)
    in a club with a small network(W2k DC, 11 clients, mixed mode). I add new
    users, installed MS Mail and added all users to that (outlook), etc. Added a
    few printers and a few new PC's. Anyway, I have forgotten the basics and
    need to re learn. If you do not use it , you lose it, and considering I
    never really had it, oh well. I am going to re format and start all over. I
    see no other solution. Thanks so much for your help and time.
    Regards,
    Frank L
    "Lanwench [MVP - Exchange]"
     
    Frank, May 31, 2004
    #8
  9. Frank

    Frank Guest

    I'm back, I know I took the easy way out, but I needed to get it right.
    Anyway, I have one client Winxp pro that DOES connect and log in the server.
    But still, my laptop gets the same not available error. I also turned up a
    new error:
    An error occured when dns was quired for the srv record used to locate a dc
    for doamin grcc.com.
    no connection could be made because the target machine actively refused it.
    error 0x0000274D WSAECONNREFUSED
    The query was for the SRV record for _ldap_tcp.dc_msdcs.grcc.com
    Since my hp client can ping, logon, etc. I have to believe the problem is
    with my other client. But they are identical as far as ipconfig goes(except
    that the ip is 169 etc.apipa. The only difference is the hp client is a new
    install xp pro and the laptiop(2nd client) has been used by me for the last
    16 months for many reasons, including using the internet with my cable
    modem.
    However the DC shows a lease for the laptop and an ip address? This is
    really frustrating. Sorry for the long post. Any ideas?
    Thanks
    Frank L

    "Lanwench [MVP - Exchange]"
     
    Frank, Jun 2, 2004
    #9
  10. Did you make the Laptop a Domain Member? Domain Membership isn't required
    for it to have a lease in DHCP or a "A" record in DNS, but it does have to
    be a Member to "login" to the Domain.

    Personal Firewall (of any brand) running on the Laptop?

    Did you scan the laptop for virus with AV Software that is verified to be
    up-to-date?

    Did you scan the laptop for Spyware using Ad-Aware (www.lavasoftusa.com) or
    something else similar?


    --

    Phillip Windell [MCP, MVP, CCNA]
    www.wandtv.com


     
    Phillip Windell, Jun 2, 2004
    #10
  11. Frank

    Frank Guest

    I keep it up to date , but I never have run a full scan, I will do so now
    Yes, but I will repeat the scan
    Thanks very much for the reply, I will report back after the scans
    Frank L
     
    Frank, Jun 3, 2004
    #11
  12. Frank

    Frank Guest

    No Luck, ran a full scan in safe mode, ran adaware wioth newsest defs(same
    for AV) I am truly frustrated. Wondering if deleting the user and creating a
    new one on the laptop would do it? I cannot do the studying I would like to
    do with only one client. what a mess.
    Frank L

     
    Frank, Jun 3, 2004
    #12
  13. You don't need any accounts on the Laptop to log into the domain,...you need
    the account to be on the domain if that is what you are loging into.

    It is bad practice to use underscores in the machine names. Switch the
    machine to a Worgroup, remove any underscores from the name, delete the
    machine account in Active Directory if it happens to still be there, then
    rejoin the domain.
     
    Phillip Windell, Jun 3, 2004
    #13
  14. Frank

    GRCC Guest

    Sorry, I meant delete the account on the server. It was late and I was a bit
    dizzy. There are no underscores in the name. laptop is the name of the
    laptop.
    Thanks
    Frank
     
    GRCC, Jun 3, 2004
    #14
  15. Frank

    Roland Hall Guest

    in message : Sorry, I meant delete the account on the server. It was late and I was a
    bit
    : dizzy. There are no underscores in the name. laptop is the name of the
    : laptop.
    : Thanks
    : Frank

    Frank...

    If you get an APIPA address, you have a connectivity issue. You're not
    getting a valid IP address from the DHCP. This could be a physical problem
    (patch cable, port, NIC), NIC driver...

    Remove the IP address assigned to the laptop from DHCP.
    From a command prompt:
    ipconfig /release
    ipconfig /renew

    (even if you have an APIPA, release will give you 0.0.0.0)

    Did you ever say which OS was running on the laptop or did I miss that?
    Are you running anything on the laptop that did not come with the OS, IDS,
    personal firewall, if XP ICF, an entry in your HOSTS file for 192.168.1.1...

    If you still do not get an IP from DHCP, have you tried putting in a static
    IP address and trying to ping the server by name?
    Which brand laptop is this?
    Which SP level are you at for the OS?
    Are there OEM drivers that need to be reapplied after SPs are run, like with
    HP/Compaq [although I find this more so on servers]?

    --
    Roland Hall
    /* This information is distributed in the hope that it will be useful, but
    without any warranty; without even the implied warranty of merchantability
    or fitness for a particular purpose. */
    Online Support for IT Professionals -
    http://support.microsoft.com/servicedesks/technet/default.asp?fr=0&sd=tech
    How-to: Windows 2000 DNS:
    http://support.microsoft.com/default.aspx?scid=kb;EN-US;308201
    FAQ W2K/2K3 DNS:
    http://support.microsoft.com/default.aspx?scid=kb;EN-US;291382
     
    Roland Hall, Jun 4, 2004
    #15
  16. Frank

    Frank Guest

    Yes, I know, I switched the cable twice, tested, it on the other client(OK)
    The Nic connects to the net throught the cable modem fine when I connect it
    there, so It's not the nic. Maybe the port, but I do not know how to check
    or correct that.
    The laptop is getting an IP address since i deleted the account and put it
    back in(new sid) It also has an 8 day lease? How is that possible? Renew
    says times out saying cannot find dhcp server
    Been there, done that. didn't help
    192.168.1.1...
    Yes, I did, xp pro, no firewalls . Didn't know I needed a host file on the
    laptop, thought that was for pre windows2000?
    Dell Inspiron 8100/SP1 and all critical patches, no oem drivers

    Well, I am standing on the edge of the cliff. Wavering :-(
    Reformat and reinstall xp on the laptop Oh no please say it ain't so.
    Frank
     
    Frank, Jun 4, 2004
    #16
  17. Just give the thing a valid static address and other network settings for
    your system. Let it run with that for a few days to make sure everything
    *else* works. Then when you are confident that there are no other issues
    with the machine, then revisit the DHCP issue.

    --

    Phillip Windell [MCP, MVP, CCNA]
    www.wandtv.com


     
    Phillip Windell, Jun 4, 2004
    #17
  18. Frank

    Frank Guest

    I have given it a static Ip address, still cannot ping, etc, etc. I am
    posting various error messages and also ipcongig /all for the server and the
    laptop. It is a bit lengthy, so I am attaching it as a txt file Please
    remember, I started out using dhcp, then deleted the user account on the
    server, recreated it(new sid) now I have used a static IP
    Frank L

     
    Frank, Jun 5, 2004
    #18
  19. Frank

    Frank Guest

    To Roland and Phillip and everyone else here, In case you do not read all of
    this, I must start with my intended ending: I am very sorry if I wasted
    valuable time that you guys could have used to help others. That certainly
    never was my intention, OK!
    I have learned a valuable lesson in the last 2 days, mostly through negative
    results. I learned to read the event logs, investigate error messages ., and
    much more. One of my problems is solved. I CAN now ping back and forth from
    the laptop to the server and the server has issued a valid IP address and
    lease to the laptop (I set it back to DHCP enabled. The PROBLEM :-(, I
    received an error 65 message, MS KB mentioned Zonealarm. I was asked right
    off about firewalls, I said no firewalls. But, I forgot that ZA was
    installed when I used the laptop with the cable modem a week ago. I
    disabled it, but obviously that was not enough. I removed it, and now I can
    at least ping back and forth, I STILL cannot log in, I get the same message
    about the domain not being available. I will now do my best to try and
    figure this out, of course, I would sure love some help
    Thanks so very much,
    Frank L

     
    Frank, Jun 5, 2004
    #19
  20. Frank

    Frank Guest

    Could this be my problem?
    Microsoft Knowledge Base Article - 328570 ( I have applied SP4 to the
    server, still no luck)
    Frank L

     
    Frank, Jun 5, 2004
    #20
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.