Re: Can someone help me (before I go mad) !!!!
From: Ace Fekay [MVP] (PleaseSubstituteMyActualFirstName&LastNameHere_at_hotmail.com)
Date: 05/04/04
- Next message: anonymous_at_discussions.microsoft.com: "Re: HELP SMTP"
- Previous message: Ace Fekay [MVP]: "Re: OWA over Direcway Satellite Internet"
- In reply to: MoRbID ReAlity: "Re: Can someone help me (before I go mad) !!!!"
- Next in thread: Boris Lokhvitsky: "Re: Can someone help me (before I go mad) !!!!"
- Reply: Boris Lokhvitsky: "Re: Can someone help me (before I go mad) !!!!"
- Messages sorted by: [ date ] [ thread ]
Date: Tue, 4 May 2004 01:11:05 -0400
In news:sp0e90hmvh8c1e6hiu5notcvgek8ojhnns@4ax.com,
MoRbID ReAlity <M_Or_Bid_NoSpam@hotmail.com> posted their thoughts, then I
offered mine
> On Mon, 3 May 2004 11:24:34 -0700, "Boris Lokhvitsky"
> <msexpert@comcast.net> wrote:
>
> 1) I did not have IP Forwarding enabled between the NIC's (NAT via
> RRAS) set that up.
>
> 2) I tried disabling File and Printer Sharing on the Public Interface
> before and Windows did not like that. Says that the Group Policies
> cannot be applied because Sysvol cannot be found. For some silly
> reason Windows requires this to be enabled for the DC to work.
>
> 3/4) Changing the DNS settings made no differences
>
> Re: P.S. I thought WINS was only needed in a NT 4.0 environment
>
> Re: P.P.S -> 192.168.0.0/24 is supposedly a non-routable address and
> Microsoft's documentation says that with "Round Robin" enabled
> responses from the public NIC should always be the Public IP and said
> same for the Private Side. Something is amiss, thanks for pointing
> that out.
>
>
> Re: P.P.P.S -> I agree with the posting of information here, but a
> Whois search will yield the same information. Hope my firewall holds
> up as don't want to be anyone's "puppet"
>
> Lastly:
> Before I did this "Clean Install" I had Win2k Ent and Ex2k running on
> the same box with the same services (DNS, NAT, etc) with no troubles
> whatsoever.
>
> I'm tired and my head hurts, I have 7 servers at work w/100 users and
> hate to come home and do the same thing I do there, I'll just use IMAP
> for now and give this a rest.
>
> Thank you all again, you people are not only knowledgeable but
> extremely kind and helpful
>
> Greg

As Boris said, multihomed DCs, especially with Exchange on it and running
NAT is very problematic. I come across this all the time in various
situations. I have set up many multihomed systems with success, but there is
administrative overhead. I set up my classrooms this way all the time. My
instructor machine is the NAT machine for the classroom. Tell you what, if
you choose a $60.00 Linksys router (if budget is an issue), the difficulties
will go away.

Also, another thing I see *possibly* problematic is that the computer name
is the same as the domain suffix. Assuming the domain NetBIOS name is the
same as the suffix, then I'm going to assume possible dupe errors due to it.
Not sure, but usually like to follow a rule that a NetBIOS computer name and
the NetBIOS domain name are unique.

As for WINS and NetBIOS, yes, NetBIOS is required with Exchange.
837391 - Exchange Server 2003 and Exchange 2000 Server require NetBIOS name
resolution for full functionality:
http://support.microsoft.com/default.aspx?scid=837391

As for more information on multihomed DNS servers, this issue comes up A LOT
in the DNS newsgroups. Here's what I've come up with and is the general
consensus with the MVPs and engineers in that group. It's proven to work. Be
careful on the steps. Otherwise, I would suggest to use a PC as a member
server as the NAT box.

As for your multi NICs, I would follow Boris' suggestions. Also, I would
like to suggest:

1. You can continue to use NAT if you like. However, since DNS is also on
this machine, then you will have issues with the LdapIpAddress registering
the public and private IP. This is what will cause issues with GPOs, DFS and
especially with the GC. You'll need to make a registry entry to disable the
LdapIpAddress, the GcIpAddress registration and the hostname registration,
since simply unchecking the check box in the NIC's properties just won't
work. This is because DNS will register itself to ID itself as the SOA. The
GcIpAddress is most likely what is probably causing your Address List issue,
since it queries the GC for that data, but the other registered public IPs
in your SRVs are a contributing factor. Suggest to follow these steps:

Add the
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters
Registry value: DnsAvoidRegisterRecords
Data type: REG_MULTI_SZ
Value: LdapIpAddress
Value: GcIpAddress
Do this on all DCs and restart netlogon or restart the machine.
This will prevent the DC from adding the domain A records from netlogon.
And you can add multiple Blank Domain A records and the GC address under the
_msdcs folder as you need.
Then follow this article to disable the external NIC's registration:
246804 - Disable Windows 2000 Dynamic DNS Registrations:
http://support.microsoft.com/default.aspx?scid=kb;en-us;246804

2. Also definitely follow Boris' Step # 2. (uncheck all the checkboxes for
F&P and MS Client) and anything else externally.

3. For the external NIC, I would force 192.168.0.1 as the DNS server so both
are only using the internal DNS.

4. Go to Network Dialup & Connections, Adv menu, Adv settings, ensure that
the external NIC is at the bottom of the binding order.

5. Disable NetBIOS on the external NIC.

--Hope that helps--
--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.

This posting is provided "AS-IS" with no warranties and confers no rights.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory

HAM AND EGGS: A day's work for a chicken; A lifetime commitment for a pig.
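
Step 1 of the reply above as a script. This is an added example, not part of the original post: it merges the two mnemonics into DnsAvoidRegisterRecords without overwriting entries already there, restarts Netlogon, then lists what the domain and GC names resolve to. Assumptions: an elevated PowerShell session on a Windows Server release that has Resolve-DnsName, a single-domain forest, and 192.168.0. as the internal prefix (taken from the thread).

```powershell
# Added example; assumes an elevated PowerShell session on the multihomed DC.
$key   = 'HKLM:\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters'
$name  = 'DnsAvoidRegisterRecords'
$avoid = @('LdapIpAddress', 'GcIpAddress')   # mnemonics named in the post

# Read the current REG_MULTI_SZ (if any) so existing mnemonics are kept.
$existing = @()
$prop = Get-ItemProperty -Path $key -Name $name -ErrorAction SilentlyContinue
if ($prop) { $existing = @($prop.$name) }

$missing = @($avoid | Where-Object { $existing -notcontains $_ })
if ($missing.Count -gt 0) {
    [string[]]$merged = @($existing) + $missing
    New-ItemProperty -Path $key -Name $name -PropertyType MultiString `
        -Value $merged -Force | Out-Null
    Restart-Service -Name Netlogon   # the post: restart netlogon or reboot
    Write-Output "Added: $($missing -join ', ')"
} else {
    Write-Output "$name already lists both mnemonics; nothing changed."
}

# Check what the domain and GC names resolve to now. Assumptions: the
# forest has a single domain, and 192.168.0. is the internal prefix
# (taken from the thread). Anything else is flagged for manual review.
$internalPrefix = '192.168.0.'
$domain = (Get-CimInstance -ClassName Win32_ComputerSystem).Domain
foreach ($fqdn in @($domain, "gc._msdcs.$domain")) {
    $records = Resolve-DnsName -Name $fqdn -Type A -ErrorAction SilentlyContinue |
        Where-Object { $_.Type -eq 'A' }
    foreach ($r in $records) {
        $ip    = [string]$r.IPAddress
        $state = if ($ip.StartsWith($internalPrefix)) { 'internal' } else { 'REVIEW' }
        Write-Output ("{0,-40} {1,-16} {2}" -f $fqdn, $ip, $state)
    }
}
```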