Jump to content
Compatible Support Forums
Sign in to follow this  
dtav

New PC in Active Directory

Recommended Posts

HI,

I have a small network with 1 W2k server and 2 w2kpro work stations. Active directory enabled on the server, DHCP active and DNS active with DNS forwarding for internet connection.

Connected via a ADSL router. The router has DHCP disabled, with the relay option selected to pass DHCP requests to the server. NAT is SUA only.

 

My problem is this: all was fine till one day recently, one of the WS collapsed on me. continuous blue screen crashes, and refused to boot half the time. So, I replaced the hard drive with a new 160GB seagate. Formatted everything, put the old drive back in as a slave, (+CD/DVD ROM) put it all back together again, and re-installed w2kpro.

Everything OK so far. Then I deleted the old user and computer from AD. Created a new user account, added it to the PC, and everthing should be OK. But, although I have successfully logged on, and I can see the network, and the other PCs, something is wrong.

I updated with SP4, and updated the NIC driver. (all machines have 1 realtek NIC)

 

So the problem is internet access. When loading IE, initially it goes fast, and the dialogue says, web site found, waiting for reply, then it starts loading, but gradually slows down and stops before completing the page. Same on any site.

 

The same happens when trying to access shared folders on the network. Initially, I can open shared folders on the server,but the deper I go into the file structure, the slower it gets. I cant transfer files over the network.

 

The other WS is fine, and Ive looked in detail at the configuration of the 2 user accounts, and I cant find any difference between them in active directory.

Any ideas?

Thanks in advance

DT

Share this post


Link to post
Share on other sites

Does the rebuilt box have a different icon (such as a warning) in AD Users and Computers? Did you check the logs on the client for errors, such as "Could not process GPO" or "Could not locate Domain Controller"? Are you positive that the NIC is getting an IP and it is being registered in DNS?

Share this post


Link to post
Share on other sites

tahnks. There's no icon in AD users & computers. The computer name appears correctly in the computers folder. In DHCP it also appears correctly with the full domain name, and the assigned IP with the lease of 7 days

In DNS, the individual pcs do not appear.

I haven't checked the event viewer fully yet. I'll do that and come back.

I was focussing on possible hardware issues with the new hard drive.

cheers

DT

Share this post


Link to post
Share on other sites

Make sure that your PCs are getting the right DNS server (namely, the domain controller hosting your DNS zone). In addition, make sure that you are using secure updates for that zone (it will need to be AD integrated, and not simply "primary"). If they are DHCP and not getting the right DNS IP, check the scope (or server) options on your DHCP server.

Share this post


Link to post
Share on other sites

Also, dr_grey, stop drumming up business for your site. You are using the same link for all posts, and that link has no information on it other than a need for registration.

Share this post


Link to post
Share on other sites

Dr_Grey..this site you suggest offers no information about my problem, and it asks me to pay for a potential solution. There is nothing to suggest that the members are any more competent to resolve problems than anywhere else. NT compatible is by far the best technical forum on the net with thousands of members compared to a few hundred or less in most others. Furthermore, im a firm believer in the exchange of assistance and knowledge as the best way to resolve my own problems and those of others.

Share this post


Link to post
Share on other sites

Thanks Clutch,

Im slightly confused about your answer though.

First, here's a breakdown of the IPconfig result:

My server is 192.168.1.1

iget

Host name....correct

Primary DNS sufix...domain.domain..........correct

node type................mixed.?? (dont know what that means)

IP routing enabled........no..(is that right?)

WINS proxy enabled.........no

search list for DNS suffix....domain.domain

DOMAIN

Ethernet adaptor

Specific suffix DNS connection.....DOMAIN

Desription..................realtek bla bla bla

 

Ethernet NIC

Physical adress...........00-08- etc

DHCP enabled ...........yes

Automatic config enabled......yes

IP address..........192.168.1.120...(address this machine always gets)

subnet mask....255.255.255.0

gateway.......ip of router

dhcp SERVER 192.168.1.1

DNS server 192.168.1.1

 

All seems correct to me..can you shed any light on this?

 

"make sure that you are using secure updates for that zone (it will need to be AD integrated, and not simply "primary""

 

I dont understand this. Where do I access this setting ?

 

Another point: If I access the folders/drives on the server, I can see them, but its very slow as I explained before. If I try to access the ws FROM the server, I get an error "access denied" or "network path not found"

Although the icon for the machine appears in "my network places"

 

I checked through the event viewer, and there are some alerts that refer to the trust relationship failing.

 

Thanks for your help..

DT

Share this post


Link to post
Share on other sites

There's another issue that might be the source of the trouble, which is that the new hard drive is still showing as 137GB when in fact it is 160GB. According to Seagate documentation, and MS, the full drive capacity should be recognised once the OS is updated with sp4.

This has not happened. Maybe this is causing the puter to not function properly

Share this post


Link to post
Share on other sites

The drive issue could simply require an update of the motherboard's BIOS, so I would look into that.

 

Your issues with browsing look a lot like your client is not registering itself with DNS. You should see a record for your client in your DNS console. Make sure you have dynamic up[censored] enabled in DNS by:

 

1. Open up your DNS console

2. Expand "Forward Lookup Zones"

3. Expand your AD DNS zone (i.e. mydomain.com) and select properties

4. Look at "Type", and if it isn't AD-Integrated, then click "Change" and adjust it

5. Change "Dynamic Updates" to "Secure Only"

 

After this is done, either reboot the machines on your network (might be the best idea) or use "ipconfig /registerdns" on your workstations, and "net stop netlogon" followed by "net start netlogon" on your server. If you choose to reboot all of the machines, shut down your workstations, and reboot the server. Then, start your workstations a few minutes after the server is started.

Share this post


Link to post
Share on other sites

THanks clutch,

sorry to say that when I checked all these things (first time id been there) they were already as you said. So no luck there.

DT

Share this post


Link to post
Share on other sites

Originally posted by dtav:

Quote:
In DNS, the individual pcs do not appear.

 

This is a problem. If those PCs do not appear in DNS, then you are sunk. Try adding static records for them ("A" Host) and set the IPs and TCP properties statically on the clients as well.

 

Share this post


Link to post
Share on other sites

When looking at the DNS console, and after expanding "forward Lookup zones", all 3 pcs are there with the name "pcname.domain.domain"

 

Ive done an ipconfig on the server, and a curios result appeared, in that there wqas no dns name or computer name, only the ip addresses.

The server is configured with a static IP, subnet and gateway in the TCP/IP properties. DNS server is pointing to itself (ie 192.168.1.1)

Is this right?

 

Basically Im fed up with this after so many hours trying to sort it out. Isnt there any more radical way to resolve it?

I initially installed AD for interest and self education, but its turning out to be a pain in the A***.

What happens if you un-install AD

The server would revert to a stand alone server I suppose, but would all the DNS and DHCP and security settings be reset.

This is what I need to do I think. eliminate all the old configuration and start again.

Share this post


Link to post
Share on other sites

Honestly, AD is not meant to be super easy to install, but rather a scalable method of managing many objects in an enterprise. You might want to redo everything, and follow some how-tos regarding AD.

 

Now, did you try using static entries for the clients? Try that first, as I mentioned before, and see what happens.

Share this post


Link to post
Share on other sites

Hi

Thanks for your advise so far.

So, as I said I was getting fed up with this business so I flushed DNS following your/and MS instructions, removed the computer from AD on the server. Then, on the offending PC, I have re-formatted the drive, and now installed a new copy of Windows XP pro. ( was still concerned about not recognising the full size of the new drive, and there were no BIOS updates available for my PC , HP pavillion,)

So I joined the domain, updateed the NIC driver, disabled the XP firewall (I read that it can interfere with LAN connections)

Installed office etc etc.

Then with breath held hit the IE icon.

Gues what...just the same

IE starts to load a page, but doesnt complete the connection

Frustrating or what!

BTW, the other PC on my little LAN works fine. Even better after the DNS flushing.

So it has to be a problem with

A) The NIC or cable

B) the router (acting as Hub)

 

cant be the PC..everything new and it even recognises the full drive size now!)

cant be the server, because both it and the other PC both work fine.

 

When exploring the LAN I can navigate around the computers OK.

any ideas?

Share this post


Link to post
Share on other sites

I´m pretty sure I have tried this, done so many things its hard to remember! I logged in as administrator on the local machine, and put in the direct IP, subnet and gateway settings, and it was the same. One thing just occurred to me, I didn't change the DNS settings. I could change them to the DNS server of my ISP and then in theory the puter should bypass the server altogether. I'll try it.

 

Meanwhile, to re-cap, I have been reading up on all the links you posted regarding AD. Thanks, loads of useful information, and sometimes its hard to find what you want on the windows web pages. So Im now confident that AD is correctly configured.

 

If it still doesnt work with the above test, then we must be dealing with an NIC or cable issue, dont you think?

 

The symptoms are no internet access, and if I use windows explorer to navigate the file structure in one of the other PCs (either the server or the other workstation, I can see them both perfectly,) after 2 or three levels windows explorer freezes.

 

DT

Share this post


Link to post
Share on other sites

Possibly hardware issue, but remember that NONE of the systems in your AD (including the DCs) should have any DNS server IP other than that of your AD DNS server(s). If you enter your ISP's DNS servers in your clients, and you are not using fully routed (commercial) IPs your clients will not resolve your domain controllers and will eventually bomb out.

Share this post


Link to post
Share on other sites

SOLVED!!

A new NIC card, and everything works fine.

I guess sometimes we dont see the wood for the trees. The LAN is now working correctly with AD providing IPs through DHCP and DNS resolution.

If anyone reading this wants help deploying Active Directory, I'm now a Guru haha

Thanks for all your help Clutch

cheers,

DT

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×