RE: DHCP
- From: v-yanniw@xxxxxxxxxxxxxxxxxxxx ("Jenny wu [MSFT]")
- Date: Tue, 18 Oct 2005 09:29:36 GMT
Hi Roger,
Thanks for posting here!
For your description, I understand that the issue to be: the DHCP server in
SBS stops leasing out IP addresses. There are no event log errors related
to DHCP. If I'm off-base on that, let me know.
I. For your now scenario, I suggest you rerun CEICW again to refresh
network connection configuration. It will help me help us create the
necessary ISA Firewall access rules and System policies to enable desired
traffic in the SBS network. To run the wizard, click Start ' Programs '
Administrative tools ' Server Management. In showed up 'Server Management'
console, click 'To Do List' in 'Standard Management', and then click on
'Connect to the Internet' to start CEICW. You can refer to the KB 825763 to
configure network connection.
825763 How to configure Internet access in Windows Small Business Server
2003
http://support.microsoft.com/?id=825763
Note, if you receive any error when running CEICW, please make a note to
me.
II. If CEICW completes successfully, but the problem still occurs, please
go into the ISA console to create and apply a Firewall access rule with the
parameters listed below:
Type Access Rule
Action Allow
>From
Network Set All Networks (and Local Host)
To
Network Local Host
Protocols Specified Protocols
DHCP (reply)
DHCP (request)
Applies to all content
Users All Users
Then restart ISA and IIS and try to test to see if the issue be fixed.
III. Make sure DHCP server is authorized, and there are no other DHCP
servers on the network.
1. Click Start, click Programs, click Administrative Tools, and then click
DHCP.
NOTE: You must be logged on to the server with an account that is a member
of the Enterprise Administrators group.
2. In the console tree of the DHCP snap-in, select the new DHCP server. If
there is a red arrow in the bottom-right corner of the server object, the
server has not yet been authorized.
3. Right-click the server, and then click Authorize.
4. After a few moments, right-click the server again and then click
Refresh. The server should display a green arrow in the bottom-right Corner
to indicate that the server has been authorized.
Please refer to the following article for more related information:
300429.KB.EN-US HOW TO: Install and Configure a DHCP Server in an Active
Directory
http://support.microsoft.com/default.aspx?scid=KB;EN-US;300429
If the issue still exists, please perform the following steps:
1. Open the DHCP snap-in.
2. Right-click DHCP and click Manage Authorized Servers. Make sure only one
DHCP server is listed there. If there are incorrect servers listed there,
please unauthorize them.
3. Right-click the DHCP scope under the DHCP server and click deactivate.
4. After that, re-active the DHCP scope again.
5. Stop and restart the DHCP service. Test if the clients can now obtain
the DHCP address.
In addition, make sure that there are no clients in the network providing
DHCP services. Such faulty devices can come from Internet Connection
Sharing (ICS) in Windows 98/2000 computers, router devices, etc.
IV. If the DHCP server (such as the SBS server) has more network NICs, make
sure that the DHCP sever only bind to the internal NIC.
1. In DHCP manager, right click on the server, select properties, and check
bindings.
2. You may see that both the internal and the external NICs are listed.
Remove the binding to the external NIC leaving only the internal NIC.
3. Make sure the DHCP scope is properly configured.
V. Refresh the time service to synchronize time with time server.
The w32time service problem may prevent client from properly accessing your
domain resources. Please try to start the Windows Time service (w32time)
and see if the issue can be resolved.
A. Let''s open a command prompt and run the following commands to stop and
restart w32time service:
*****net stop w32time
*****net start w32time
Also check if you have a hardware router/firewall in front of your SBS
server, if so, please open Registry Editor (regedit), go to
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Parameters\Type
, change the value from whatever to Nt5DS and restart the W32Time service.
Maue sure the service''s startup type is set to automatic.
A. Check if the workstation is syncing time with the SBS 2003 server and if
not, run the following command:
net time /setsntp:<SBS_Server_Name>
NOTE: Replace <SBS_Server_Name> with the real server name of the SBS 2003
server.
After doing the above steps, reboot the client workstations and then try to
logon the domain. Then try to test, how about the result?
For more info:
816042 How to configure the Windows Time service on a Windows Server
2003-based
http://support.microsoft.com/?id=816042
If the issue persists, let us do some tests to isolate the issue:
1. What IP address do the clients get currently? What error message do you
get when you run ipconfig /release and ipconfig /renew?
2. Could you help me catch a screen shot when the issue happened for
further analyze?
3. Do the all workstation can no get appropriate IP or some specific PC?
4. Please help me collect the ISA configuration information and the ISA Web
Proxy and Firewall service logs for analyze:
1). Use the ISAinfo utility to collect the ISA configuration information:
a. Download the file from the following URL:
http://www.isatools.org/isainfo/ISAInfo.zip
b. Extract all files to a folder on ISA server
c. Double click Isainfo.js. This will generate 2 files
ISAInfo2004-<computer-name>.log and ISAInfo2004-<computer-name>.xml in the
current folder.
d. Please send these files to me at feijj@xxxxxxxxxxxxx
2). Gather the ISA Web Proxy and Firewall service logs when reproducing the
problem:
Enable the full Web Proxy/firewall logging option:
a. Open ISA 2004 management console.
b. Expand the server node and highlight ''Monitoring''.
c. In the right pane, switch to the ''Logging'' tab, make sure the ''Task
Pane'' is showed there.
d. In the ''Task Pane'', click ''Configure Web Proxy Logging'' under
''Logging Tasks'', and then switch the ''log storage format'' from ''MSDE
database'' (default) to ''File''.
e. Switch to the ''Fields'' tab, and then click ''Select All''.
f. Click OK, and then click ''Apply'' to save changes and update the
configuration.
g. Click ''Configure Firewall Logging''. Do step d~f to enable the full
logging options for firewall logging.
Prepare to take the trace:
a. Temporarily stop the Firewall service to clear the current existing W3C
logs: Monitoring->Services tab, and then right click ''Microsoft Firewall''
to choose ''Stop''.
b. Go to the log saving directory and clean any existing .W3C logs. By
default, the logs will be saved to ''C:\Program Files\Microsoft ISA
Server\ISALogs''. (Some MDF may not be able to deleted, that''s normal.)
c. Go back to the ISA 2004 management console, and then Start the stopped
''Microsoft Firewall'' service.
Reproduce the problem:
a. Go to the external client computer. Try to access the RWW web site.
b. Go back to the ISA server. Stop the ''Microsoft Firewall'' service. Open
Windows Explorer, navigate to the ISA log file folder. Collect the recent
w3c files. Save them to a zip package as ''isalogs.zip''. Start the
''Microsoft Firewall'' Service.
c. Send the zip packages to me at v-yanniw@xxxxxxxxxxxxx
I appreciate your time and efforts to perform test and collect information.
I am happy to be assistance of you and look forward to your reply!
Have a nice day!
Best Regards,
Jenny Wu
Microsoft CSS Online Newsgroup Support
Get Secure! - www.microsoft.com/security
======================================================
This newsgroup only focuses on SBS technical issues. If you have issues
regarding other Microsoft products, you'd better post in the corresponding
newsgroups so that they can be resolved in an efficient and timely manner.
You can locate the newsgroup here:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
When opening a new thread via the web interface, we recommend you check the
"Notify me of replies" box to receive e-mail notifications when there are
any updates in your thread. When responding to posts via your newsreader,
please "Reply to Group" so that others may learn and benefit from your
issue.
Microsoft engineers can only focus on one issue per thread. Although we
provide other information for your reference, we recommend you post
different incidents in different threads to keep the thread clean. In doing
so, it will ensure your issues are resolved in a timely manner.
For urgent issues, you may want to contact Microsoft CSS directly. Please
check http://support.microsoft.com for regional support phone numbers.
Any input or comments in this thread are highly appreciated.
======================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
>From: "Roger Crawford" <rcrawford@xxxxxxxxxxxxxx>
>Subject: DHCP
>Date: Mon, 17 Oct 2005 06:16:06 -0500
>Lines: 18
>X-Priority: 3
>X-MSMail-Priority: Normal
>X-Newsreader: Microsoft Outlook Express 6.00.2900.2670
>X-RFC2646: Format=Flowed; Original
>X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2670
>Message-ID: <ejU4sww0FHA.2792@xxxxxxxxxxxxxxxxxxxx>
>Newsgroups: microsoft.public.windows.server.sbs
>NNTP-Posting-Host: cetn-static-01-035.dsl.iowatelecom.net 69.66.29.35
>Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!tk2msftngp13.phx.gbl
>Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.windows.server.sbs:161991
>X-Tomcat-NG: microsoft.public.windows.server.sbs
>
>Ok I am going to post this again as this is not the issue Chad was having
>when he installed SP1 on SBS 2003 but we are up to 3 locations now where
we
>had installed SP1 for SBS 2003 and after 1 month or so DHCP quit working.
If
>it was going to be the Chad problem it would have stopped right away from
>the start but that is not the case at these locations as they have been
>running fine up until the last week or so. I am not seeing any errors in
the
>logs for the DHCP but the clients just plain don't get a IP when they go
to
>renew. I have tried uninstalling DHCP and reinstalling with no luck. I
see
>in the Real Time monitoring of ISA where DHCP requests are being blocked
>from the Internal to Local Host but it doesn't matter what Rule I put in
it
>is not being allowed to happen. I have heard of one other having this
issue
>but they just unintalled DHCP and reinstalled and then they was fine but
>that did not work in this case.
>
>Roger Crawford
>HTS
>
>
>
.
- References:
- DHCP
- From: Roger Crawford
- DHCP
- Prev by Date: Re: Intermittant GPO failure to apply
- Next by Date: Re: resizeing OS partition on a dynamic disk
- Previous by thread: DHCP
- Next by thread: BDC removal
- Index(es):
Relevant Pages
|
|
