Windows 2003 and subsequent Home Network issues

Discussion in 'Server Networking' started by Pikk, Nov 24, 2004.

  1. Pikk

    Pikk Guest

    I've recently upgraded our company domain server to 2003 server and use
    this for DNS as well. Prior to this, we ran NT 4. Now several of us have
    laptops (including myself) and home wireless/wired networks. All of which
    worked flawlessly before the server upgrade. Now...when myself or others try
    to connect to their home workgroups (to XP or Win2k boxes), we're getting
    the error. "There are no logon servers available to service the logon
    request". This happens whether I try to connect to a Win2K box or an XP box.
    Both machines are on a wired/wireless b network using a Linksys Broadband
    Router. Others that are having the same problem use Linksys as well as other
    brands...same problem occurs. I assume this is a DNS issue. Also worthy of
    noting is that we all run IpSec thru FreeSwan for our VPN and this of course
    works fine. In any event...I've tried everything to try and fix this and
    still no luck. I'm going a little nuts trying to resolve this. Strangely
    enough though...I used "Net Use" once and it did work for one of my machines
    but now...not anymore. Same error at the DOS prompt every time.

    Am I missing something??

    Please, need help! :(

    TIA,
    Pikk
     
    Pikk, Nov 24, 2004
    #1
    1. Advertisements

  2. can you ping the DNS server by ip? if yes, can you ping it by name? What do
    you get if using nslookup?

    --
    For more and other information, go to http://www.ChicagoTech.net

    Don't send e-mail or reply to me except you need consulting services.
    Posting on MS newsgroup will benefit all readers and you may get more help.

    Bob Lin, MS-MVP, MCSE & CNE
    Networking, Internet, Routing, VPN, Anti-Virus, Tips & Troubleshooting on
    http://www.ChicagoTech.net
    Networking Solutions, http://www.chicagotech.net/networksolutions.htm
    VPN Solutions, http://www.chicagotech.net/vpnsolutions.htm
    VPN Process and Error Analysis, http://www.chicagotech.net/VPN process.htm
    VPN Troubleshooting, http://www.chicagotech.net/vpn.htm
    This posting is provided "AS IS" with no warranties.
     
    Robert L [MS-MVP], Nov 24, 2004
    #2
    1. Advertisements

  3. Pikk

    Bill Grant Guest

    If your machine is configured to log into a domain and it is connected to
    an IP network, it will try to do a domain login. So the delay you see is
    caused by the machine trying to find the DNS server to get the location of
    the login server.

    Search Help for info on hardware profiles. You may need to set up a
    different hardware profile for your home and office setup. There are also
    third party software solutions such as netswitcher www.netswitcher.com
     
    Bill Grant, Nov 25, 2004
    #3
  4. Pikk

    Bill Grant Guest

    If you are running XP, you could also look at the alternate config option
    on your NIC.
     
    Bill Grant, Nov 25, 2004
    #4
  5. Pikk

    Pikk Guest

    Bill

    Thanks for the reply. I have to admit...I'm very new to DNS and Win2K3
    so bear with me. This email may get a little long but I really need helpt o
    fix this. My boss is threatening to hire an outside consutant for this now.
    It appears that his wireless access at the airport fails now too. :(
    Anyway...following is a breakdown of what my configuration is and whatI've
    tried. I hope this is not too long.

    Basically...what I said in my first email, stands. Last night I tried a new
    HW profile to no avail. Same logon server error. I've also tried netswitcher
    and this failed also. As well, I created a new lmhosts file and this...of
    course, didn't work either. It appears to me that maybe I'm missing
    something on my server. Or maybe our machine names screw it up. If I could
    at least get it working when logged into the VPN...that'd be fine. But even
    this fails to allow us to browse our home and/or "outside wireless" networks
    although, access to our server and exchange mail works.

    Here's my configuration.

    Laptop w/ Win2K Pro. SP3 (all remote users...same config)
    Machine connects to a Win2K3 Server that runs DNS and DHCP, at the office.
    Machine names are "laptop.hq.mydomain.com"
    IP config is standard...use DHCP and I add the Win2K3 server's IP for DNS
    (which I think I need to change)
    lmhosts file used for remote access to certian servers...mainly the Exchange
    box.
    My new lmhosts (I created last night for testing), looks like this
    ....
    205.207.240.129 srv2k3
    205.207.240.129 "srv2k3 \0x1b" #PRE
    205.207.240.129 srv2k3 #PRE #DOM:srv2k3 #DII DC
    ....

    My old lmhosts looks like this.
    ....
    205.207.240.129 srv2k3 #PRE #DOM:server
    205.207.240.179 unity #PRE #DOM server
    205.207.240.129 srv2k3 #PRE
    205.207.240.157 wdemo
    ....
    nslookup returns this when I run it at work. ???
    DNS request timed out.
    timeout was 2 seconds.
    *** Can't find server name for address 205.207.240.129: Timed out
    *** Default servers are not available
    Default Server: UnKnown
    Address: 205.207.240.129

    Anyway...that's all for now. Again, sorry for the huge reply.

    Thanks Tons!!

    P'
     
    Pikk, Nov 25, 2004
    #5
  6. Pikk

    Alan D. Guest

    Are you trying to log on to your company domain from outside of your
    companies LAN? Or are you simply trying to use the laptop for general
    purpose use while away from the company headquarters?
     
    Alan D., Nov 25, 2004
    #6
  7. Pikk

    Pikk Guest

    Yes...well a bit of both.

    All of us that have the issue run laptops. Under the old setup (NT 4.0 PDC),
    we had no problems. When we are away from the network (home or on the road),
    we run IpSec to FreeSwan for a VPN into the office. This gives my users and
    myself access to Exchange and Goldmine server. This actually still works
    except when trying to connect from certain access points like the airports
    wireless zones. In any event, the problem follows us home too. I can no
    longer gain access to my home network since the server upgrade. I get "No
    logon servers available..." errors when I try. Same for all others.

    So, to sum up...we use our LT's for VPN and for connecting across our home
    networks.

    Thanks for your time!

    P :)
     
    Pikk, Nov 25, 2004
    #7
  8. Pikk

    Alan D. Guest

    When you are away from the office, when logging in to your laptop, are you
    using your normal domain account, or an alternate "local computer" account?
     
    Alan D., Nov 26, 2004
    #8
  9. Pikk

    Pikk Guest

    Hi Alan

    I use my normal domain account. I have to do this because I want to be able
    to connect to my Exchange server (via ourVPN). It's an interesting question
    because my home network access is fine when I login locally on my laptop as
    administrator...so as I suspect other users will work as well. Problem
    is...we need to access the Exchange server and run Outlook. Logging in
    locally creates another set of problems where that's concerned.

    P
     
    Pikk, Nov 28, 2004
    #9
  10. Pikk

    Bill Grant Guest

    With NT, you find the login server by its Netbios name. With AD, you
    find it through DNS.

    If you want to do a domain login from your home network, your client will
    need to have some way of finding the corporate DNS server. (If it can't,
    there will be a long delay.) That is where the SRV records to identify the
    logon server are stored. Is the VPN up when you try to login, or do you need
    to log in first?
     
    Bill Grant, Nov 29, 2004
    #10
  11. Pikk

    Pikk Guest

    Bill

    Actually...we're not trying to do a domain login from the home network. We
    are simply trying to get onto our home networks. Logging into the domain is
    not the problem. The problem is that when I'm at home, connected to my
    router via my LT (logged in with my domain account)...I can't get on to my
    home network. I get logon server errors. VPN works fine on most
    networks...including home. And if I login locally on my laptop with the
    admin account...I can see my home network fine.

    I know..it's rather confusing. :)

    THnx

    P
     
    Pikk, Nov 29, 2004
    #11
  12. Pikk

    Bill Grant Guest

    I don't really find that bit confusing. If you are logged into your work
    domain, you will not have valid credentials for your home network (and vice
    versa). That is how it is supposed to work.
     
    Bill Grant, Nov 29, 2004
    #12
  13. Pikk

    Pikk Guest

    Hi Bill

    Well, I beg to differ but perhaps this is how it works in the Win2K3 world.
    It certainly worked fine when we were running NT 4.0 Server. So I'm assuming
    it's a name resolution problem with DNS.
     
    Pikk, Nov 30, 2004
    #13
  14. Pikk

    Bill Grant Guest

    It would work OK in a pre-W2000 setup if the workgroup name and the
    Netbios name of the domain were the same. In fact it would probably still
    work OK now under those circumstances. A domain login would be all you need
    to do.

    The whole point of all this is that a username is linked to both the
    password and the logon entity. A logon to a local machine/workgroup does not
    give a user the right to access domain resources. The reverse is also true.
    A logon to a domain does not give you access to workgroup resources.

    If you want to access local resources while logged onto the domain, you
    will need to make your domain credentials acceptable locally by modifying
    the local user accounts database. Then to access local resources, you do not
    need to do a local login. Your domain login credentials will be accepted
    locally.
     
    Bill Grant, Dec 1, 2004
    #14
  15. Pikk

    Bill Grant Guest

    This whole matter is really too complex for a newsgroup discussion. But
    here are a few tips. It is simplified and certainly doesn't cover everything
    involved!

    Workgroups and domains work very differently. With a workgroup, there is
    no central database for users. Users log on locally. To access resources on
    another workgroup machine, the target machine checks your logon machine for
    credentials using IPC.

    Domains have a central database and clients are authenticated against
    that (domain login). Resource access is then controlled by the domain
    database. You cannot belong to two domains, but access across domains can be
    allowed using domain trusts. There is no way to extend this to workgroups
    because of the lack of a central authority in a workgroup.

    You can access domain resouces without actually doing a domain login as
    long as your actual login credentials are valid in the domain. That is the
    basis for the workgroup name matching the domain name method described in a
    previous post.
     
    Bill Grant, Dec 2, 2004
    #15
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.