RE: Server 2003 Network problems since IP address change

Hi Meinolf,

In addition to that last post in regards to the ipnat.sys....I was working
over a vpn when I was trying to configure it and I have just read that this
can cause a problem. Strangely today I couldnt connect to any of my remote
desktops over the vpn either.

Regards,
Oliver

"Oliver Maynard" wrote:

Hello Meinolf,

Only the windows firewall is running. I just tried to disable it but when I
try to open it (on the server) I get the error 'Windows firewll cannot run
because another program or service is running that might use the network
address translation compnant (Ipnat.sys)'.

I am not sure where you find the 'network identification' section you
mentioned. If you mean is it listed in the properties of the network adapter
then yes it is.

Thanks again for your help with this....sorry it seems to be such a problem.

Best regards,
Oliver

"Meinolf Weber [MVP-DS]" wrote:

Hello Oliver,

Is there any firewall running on client or server? Is the Primary DNS suffix
added in the system properties, network identification, properties, choose
the "More" button?

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm


Hello Meinolf,

Dynamic updates is enabled and set to 'secure only'.

The ipconfig command didnt work and there are fair few errors in the
eventwr in both the server and the client.

The client
------------
Event ID : 11165

The system failed to register host (A) resource records (RRs) for
network
adapter
with settings:
Adapter Name : {AB759FE5-E3DF-4FB9-9156-5552068F7C4B}
Host Name : easy2
Primary Domain Suffix : WSW.local
DNS server list :
192.168.1.1
Sent update to server : <?>
IP Address(es) :
192.168.1.23
The reason the system could not register these RRs was because the
DNS server contacted refused the update request. The reasons for this
might be (a) you are not allowed to update the specified DNS domain
name, or (b) because the DNS server authoritative for this name does
not support the DNS dynamic update protocol.

To register the DNS host (A) resource records using the specific DNS
domain name and IP addresses for this adapter, contact your DNS server
or network systems administrator.

The server
-------------
Error EventID : 6702

DNS server has updated its own host (A) records. In order to ensure
that its DS-integrated peer DNS servers are able to replicate with
this server, an attempt was made to update them with the new records
through dynamic update. An error was encountered during this update,
the record data is the error code.

Error Event ID : 4004

The DNS server was unable to complete directory service enumeration of
zone WSW.local. This DNS server is configured to use information
obtained from Active Directory for this zone and is unable to load the
zone without it. Check that the Active Directory is functioning
properly and repeat enumeration of the zone. The extended error debug
information (which may be empty) is "". The event data contains the
error.

Warning EventID : 4521

The DNS server encountered error 32 attempting to load zone
0.168.192.in-addr.arpa from Active Directory. The DNS server will
attempt to load this zone again on the next timeout cycle. This can be
caused by high Active Directory load and may be a transient condition.

I hope that helps you as it doesnt mean much to me!!

Thanks a lot

"Meinolf Weber [MVP-DS]" wrote:

Hello Oliver,

Do you use dynamic updates on the zone properties?

Also run ipconfig /registerdns on the client, this should register
there entry in DNS zone, a message should appear similar to "takes
about 15 minutes".

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and
confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
Hi Meinolf,

I have removed the reverse lookup and added the new one as you
suggested.

The servers are listed in the forward lookup zones but the clients
aren't.

Yes Gpos are applied to OU's and the users are in the OU's.

Gpresult returns : The user domain\user does not have RSOP data.

Thanks

"Meinolf Weber [MVP-DS]" wrote:

Hello Oliver,

The iprange is not the reason that something does not work as long
as all machines are using the correct subnet. If you say GPO's and
logon script does not run.

Remove the reverse lookupzone on the DNS server for 192.168.0.x
network and create a new one for the 192.168.1.x network.

Are the GPO's linked to the OU where the user/computers are
located?

Did you run gpresult /v on a client machine to see if the GPO is
listed?

Are all servers and clients are listed in the Forward lookup zones
in your DNS server?

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties,
and
confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
Thanks for your suggestions guys.

I have changed the DNS settings as you have both described. GPO's
and logon scripts still do not run. Of the clients I have tried
this morning they all seem to be able to access the server without
prompting for a username and password for access (even tho the
user is logged onto the domain)...but this seems to happen at
strange intervals so I am not confident that it is a closed issue
yet.

Would incorrect dns settings cause the type of issues I am having
do you think? I don't doubt that I had it setup incorrectly...I
just can't understand why clients would be denied access to
network resources based on log on credentials.

The only other solution I can think of is to go back to
192.168.0.x addressing like we had before to see if that makes a
difference. I am limited to what I can do during the working week
due to disruption though.

I really appreciate your input thank you again.
"Meinolf Weber [MVP-DS]" wrote:
Hello Oliver,

The ipconfig output is from the client?

Well, your DNS configuration coming from your DHCP server has
only to provide domain internal ip addresses 192.168.1.2 for DNS
The external addresses 194.72.9.38 and 62.6.40.162, i assume your
ISP's DNS server are wrong at that place.

On the DNS server properties in the DNS management console under
the DNS server properties you have a FORWARDERS tab, here fill in
the ISP's DNS server.

If the ipconfig from the DC looks similar, change that also.

The client should look like:
ip 192.168.1.x
sm 255.255.255.0
dg 192.168.1.1
dns 192.168.1.2
and the server:
ip 192.168.1.2
sm 255.255.255.0
dg 192.168.1.1
dns 192.168.1.2
Also if you do not use IPv6 i would uncheck the setting under the
NIC
properties.
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties,
and
confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!!
http://www.blakjak.demon.co.uk/mul_crss.htm
Hi,

it is a AD run domain with a single DC. Previousley the old
router provided the DHCP addressing. When we moved offices we
had BT come and install our phone systems with a new router and
hence the new addresses. This router has proved very troublesome
so I have disabled the dhcp server on it and setup the same
scope it was using on the DC.

ipconfig results :

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : NVIDIA nForce Networking
Controller #5
Physical Address. . . . . . . . . : 00-1E-8C-2E-0F-2E
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . :
fe80::459b:61f5:8668:2c01%24(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.21(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 22 February 2009 14:33:09
Lease Expires . . . . . . . . . . : 22 March 2009 14:33:07
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.2
DNS Servers . . . . . . . . . . . : 194.72.9.38
62.6.40.162
Primary WINS Server . . . . . . . : 192.168.1.2
NetBIOS over Tcpip. . . . . . . . : Enabled
The DC = 192.168.1.2
The router = 192.168.1.1
As per Meinolf Weber [MVP-DS] suggestion, I have just looked
on
the
DC under DNS and under 'Reverse Lookup Zones' there is an entry
for
192.168.0.x Subnet' with a list of pointers to computers and the
old
addresses they used to hold. Could this be something to do with
it?
Thanks for your help guys.
"Newell White" wrote:
"Oliver Maynard" wrote:

Hi, hopefully someone will be able to shed some light on this
problem.

We have just moved offices and broadband providers. With the
move came a change of Ip addresses. we used to run on
192.168.0.1/254 and now we use 192.168.1.1/254.

Since the move I am getting loads of problems with GPO's not
applying to clients anymore and the biggest problem which is
the server refusing access to network drives. I have to
manually un-map the drives and add them again...most the times
using a different username and password as I get the error
'Multiple connections to a server or shared resource by the
same user, using more than one username, are not allowed' or a
similar one which I cannot now replicate.

Is this related to the IP address change? if so I musy have
missed something somewhere when I was updating the server.

Thanks for you help.

More information is needed before anyone can help you.

Is your network a domain or a workgroup?
If a domain, is it AD-integrated zone? More than one DC?
Does 2003 server provide DHCP for your network? Did you destroy
old
scope and create a new one?
Please post ipconfig/all result for server and typical
workstation.
--
Regards,
Newell White



.