Announcement

Collapse
No announcement yet.

No internet access on a domain

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • No internet access on a domain

    I have a set of computers (in an office environment) that won't connect to the internet when the DNS server is set to the IP of the server (so they can get Group Policy properly) If the DNS is set to automatic, the clients are able to access the internet, but they can't print or do anything else managed by the server. Any ideas on why this would happen?

    Server is 2008 (Not R2), Clients are Win7.
    Last edited by craigarn; 17th January 2012, 06:05. Reason: Added more info.

  • #2
    Re: No internet access on a domain

    Where is DHCP coming from???

    Comment


    • #3
      Re: No internet access on a domain

      Can you post an IPCONFIG/ALL from a client and another machine which has access to the internet?
      As said, it sounds like DHCP is b***ered
      Tom Jones
      MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
      PhD, MSc, FIAP, MIITT
      IT Trainer / Consultant
      Ossian Ltd
      Scotland

      ** Remember to give credit where credit is due and leave reputation points where appropriate **

      Comment


      • #4
        Re: No internet access on a domain

        as with Ossian and wullie - if you send us the IPconfig output from the workstations, it would help us.

        However, i'm suspecting that there's no correct heirarchy setup for DNS.. so when the workstations look to the server for DNS, it doesn't forward, or has no root hints, or something else along those lines.
        Please do show your appreciation to those who assist you by leaving Rep Point https://www.petri.com/forums/core/im.../icon_beer.gif

        Comment


        • #5
          Re: No internet access on a domain

          From the info in post #1, the router is providing DHCP, but the poster then has to change DNS to point to the DC
          If so:
          Forwarding on the DC needs to be checked
          DHCP needs to be moved to the DC and off the router

          More info needed as previously requested
          Tom Jones
          MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
          PhD, MSc, FIAP, MIITT
          IT Trainer / Consultant
          Ossian Ltd
          Scotland

          ** Remember to give credit where credit is due and leave reputation points where appropriate **

          Comment


          • #6
            Re: No internet access on a domain

            Originally posted by craigarn View Post
            I have a set of computers (in an office environment) that won't connect to the internet when the DNS server is set to the IP of the server (so they can get Group Policy properly) If the DNS is set to automatic, the clients are able to access the internet, but they can't print or do anything else managed by the server. Any ideas on why this would happen?

            Server is 2008 (Not R2), Clients are Win7.
            I think your router is issuing dhcp and Dns but when you try to resolve Dns it does not work as it appears either there are two Dns running one for Accessing and file sharing and one for internet.

            Comment


            • #7
              Re: No internet access on a domain

              Here's the ipconfig from the computer that does have internet access (DNS is set to automatic)

              Code:
              Microsoft Windows [Version 6.1.7601]
              Copyright (c) 2009 Microsoft Corporation.  All rights reserved.
               
              C:\Users\Reservations_2>ipconfig /all
               
              Windows IP Configuration
               
                 Host Name . . . . . . . . . . . . : Reservations-TH
                 Primary Dns Suffix  . . . . . . . : ppr.plumaspinesrealty.com
                 Node Type . . . . . . . . . . . . : Hybrid
                 IP Routing Enabled. . . . . . . . : No
                 WINS Proxy Enabled. . . . . . . . : No
                 DNS Suffix Search List. . . . . . : ppr.plumaspinesrealty.com
               
              Ethernet adapter Local Area Connection:
               
                 Connection-specific DNS Suffix  . :
                 Description . . . . . . . . . . . : Generic Marvell Yukon 88E8057 PCI-E Gigab
              it Ethernet Controller
                 Physical Address. . . . . . . . . : 90-FB-A6-1C-92-C7
                 DHCP Enabled. . . . . . . . . . . : Yes
                 Autoconfiguration Enabled . . . . : Yes
                 Link-local IPv6 Address . . . . . : fe80::8543:5377:d921:dbc0%10(Preferred)
                 IPv4 Address. . . . . . . . . . . : 192.168.1.9(Preferred)
                 Subnet Mask . . . . . . . . . . . : 255.255.255.0
                 Lease Obtained. . . . . . . . . . : Saturday, January 21, 2012 1:53:54 PM
                 Lease Expires . . . . . . . . . . : Sunday, January 22, 2012 1:56:31 PM
                 Default Gateway . . . . . . . . . : 192.168.1.1
                 DHCP Server . . . . . . . . . . . : 192.168.1.1
                 DHCPv6 IAID . . . . . . . . . . . : 244382630
                 DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-ED-86-D0-90-FB-A6-1C-92-C7
               
                 DNS Servers . . . . . . . . . . . : 192.168.1.1
                 NetBIOS over Tcpip. . . . . . . . : Enabled
               
              Tunnel adapter isatap.{0EB7AD22-A40D-4CC2-9841-A646807A19C0}:
               
                 Media State . . . . . . . . . . . : Media disconnected
                 Connection-specific DNS Suffix  . :
                 Description . . . . . . . . . . . : Microsoft ISATAP Adapter
                 Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
                 DHCP Enabled. . . . . . . . . . . : No
                 Autoconfiguration Enabled . . . . : Yes
               
              Tunnel adapter Local Area Connection* 9:
               
                 Media State . . . . . . . . . . . : Media disconnected
                 Connection-specific DNS Suffix  . :
                 Description . . . . . . . . . . . : Microsoft 6to4 Adapter
                 Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
                 DHCP Enabled. . . . . . . . . . . : No
                 Autoconfiguration Enabled . . . . : Yes
               
              Tunnel adapter Teredo Tunneling Pseudo-Interface:
               
                 Media State . . . . . . . . . . . : Media disconnected
                 Connection-specific DNS Suffix  . :
                 Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
                 Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
                 DHCP Enabled. . . . . . . . . . . : No
                 Autoconfiguration Enabled . . . . : Yes
               
              C:\Users\Reservations_2>

              And the computer that doesn't work (DNS is set to the DC)

              Code:
              Microsoft Windows [Version 6.1.7601]
              Copyright (c) 2009 Microsoft Corporation.  All rights reserved.
               
              C:\Users\Mark Smith>ipconfig /all
               
              Windows IP Configuration
               
                 Host Name . . . . . . . . . . . . : M70E-2
                 Primary Dns Suffix  . . . . . . . : ppr.plumaspinesrealty.com
                 Node Type . . . . . . . . . . . . : Hybrid
                 IP Routing Enabled. . . . . . . . : No
                 WINS Proxy Enabled. . . . . . . . : No
                 DNS Suffix Search List. . . . . . : ppr.plumaspinesrealty.com
               
              Ethernet adapter Local Area Connection:
               
                 Connection-specific DNS Suffix  . :
                 Description . . . . . . . . . . . : Generic Marvell Yukon 88E8057 PCI-E Gigab
              it Ethernet Controller
                 Physical Address. . . . . . . . . : 90-FB-A6-1C-92-AC
                 DHCP Enabled. . . . . . . . . . . : Yes
                 Autoconfiguration Enabled . . . . : Yes
                 Link-local IPv6 Address . . . . . : fe80::9c69:9434:67b1:9c9c%10(Preferred)
                 IPv4 Address. . . . . . . . . . . : 192.168.1.12(Preferred)
                 Subnet Mask . . . . . . . . . . . : 255.255.255.0
                 Lease Obtained. . . . . . . . . . : Saturday, January 21, 2012 1:53:01 PM
                 Lease Expires . . . . . . . . . . : Sunday, January 22, 2012 1:53:01 PM
                 Default Gateway . . . . . . . . . : 192.168.1.1
                 DHCP Server . . . . . . . . . . . : 192.168.1.1
                 DHCPv6 IAID . . . . . . . . . . . : 244382630
                 DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-ED-96-CC-90-FB-A6-1C-92-AC
               
                 DNS Servers . . . . . . . . . . . : 192.168.1.2
                 NetBIOS over Tcpip. . . . . . . . : Enabled
               
              Tunnel adapter isatap.{1AC199FE-FFBB-4017-81D2-0D32946F8CA7}:
               
                 Media State . . . . . . . . . . . : Media disconnected
                 Connection-specific DNS Suffix  . :
                 Description . . . . . . . . . . . : Microsoft ISATAP Adapter
                 Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
                 DHCP Enabled. . . . . . . . . . . : No
                 Autoconfiguration Enabled . . . . : Yes
               
              Tunnel adapter Local Area Connection* 9:
               
                 Media State . . . . . . . . . . . : Media disconnected
                 Connection-specific DNS Suffix  . :
                 Description . . . . . . . . . . . : Microsoft 6to4 Adapter #2
                 Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
                 DHCP Enabled. . . . . . . . . . . : No
                 Autoconfiguration Enabled . . . . : Yes
               
              Tunnel adapter Teredo Tunneling Pseudo-Interface:
               
                 Media State . . . . . . . . . . . : Media disconnected
                 Connection-specific DNS Suffix  . :
                 Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
                 Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
                 DHCP Enabled. . . . . . . . . . . : No
                 Autoconfiguration Enabled . . . . : Yes
               
              C:\Users\Mark Smith>

              And just for good measure.. ipconfig from the active directory/DNS server.

              Code:
              Microsoft Windows [Version 6.1.7601]
              Copyright (c) 2009 Microsoft Corporation.  All rights reserved.
               
              C:\Users\Administrator.SERVER-THINK>ipconfig /all
               
              Windows IP Configuration
               
                 Host Name . . . . . . . . . . . . : SERVER-THINK
                 Primary Dns Suffix  . . . . . . . : ppr.plumaspinesrealty.com
                 Node Type . . . . . . . . . . . . : Hybrid
                 IP Routing Enabled. . . . . . . . : No
                 WINS Proxy Enabled. . . . . . . . : No
                 DNS Suffix Search List. . . . . . : ppr.plumaspinesrealty.com
               
              Ethernet adapter Local Area Connection:
               
                 Connection-specific DNS Suffix  . :
                 Description . . . . . . . . . . . : Intel(R) 82578DM Gigabit Network Connecti
              on
                 Physical Address. . . . . . . . . : 70-F3-95-00-19-33
                 DHCP Enabled. . . . . . . . . . . : No
                 Autoconfiguration Enabled . . . . : Yes
                 Link-local IPv6 Address . . . . . : fe80::4184:c28a:f8ac:f768%10(Preferred)
                 IPv4 Address. . . . . . . . . . . : 192.168.1.2(Preferred)
                 Subnet Mask . . . . . . . . . . . : 255.255.255.0
                 Default Gateway . . . . . . . . . : 192.168.1.1
                 DHCPv6 IAID . . . . . . . . . . . : 242283413
                 DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-33-C0-78-70-F3-95-00-19-33
               
                 DNS Servers . . . . . . . . . . . : ::1
                                                     127.0.0.1
                 NetBIOS over Tcpip. . . . . . . . : Enabled
               
              Tunnel adapter isatap.{76ED8D91-A29C-4F2C-B975-6DF13314B0F5}:
               
                 Media State . . . . . . . . . . . : Media disconnected
                 Connection-specific DNS Suffix  . :
                 Description . . . . . . . . . . . : Microsoft ISATAP Adapter
                 Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
                 DHCP Enabled. . . . . . . . . . . : No
                 Autoconfiguration Enabled . . . . : Yes
               
              Tunnel adapter Teredo Tunneling Pseudo-Interface:
               
                 Media State . . . . . . . . . . . : Media disconnected
                 Connection-specific DNS Suffix  . :
                 Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
                 Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
                 DHCP Enabled. . . . . . . . . . . : No
                 Autoconfiguration Enabled . . . . : Yes
               
              C:\Users\Administrator.SERVER-THINK>


              The DHCP I can confirm is being provided by a router, but when I set up a little active directory + clients at home (just to test) and my router at home provides DHCP, it works just fine, everyone can get on the internet, so I'm not quite ready to blame the router.

              Comment


              • #8
                Re: No internet access on a domain

                As others have mentioned the recommendation, when an AD instance is implemented on the network, for youto move the DHCP role to the server. Configure your clients to use the DNS services from the DC, and make sure that your DNS server uses either it's root hints, forwards to the iSP DNS servers, or other public DNS servers of your choice.

                It's not that there is a problem with the router, its the overall design you have is not good for AD and your DC's DNS needs proper configuration.

                Plenty of guides on this site.
                JM @ IT Training & Consulting
                http://www.itgeared.com

                Comment


                • #9
                  Re: No internet access on a domain

                  There is no problem with the router for internet access, but when you try accessing the domain, the routers DNS doesnt know about it.

                  Basic process:
                  Install DHCP on DC and set up a scope to assign IP (192.168.1.x), Subnet (255.255.255.0), Default Gateway (192.168.1.1) and DNS (192.168.1.2)
                  Authorise DHCP and Activate Scope
                  Set Forwarders in DNS on your DC to point to any of Router IP, DNS servers for your ISP or OpenDNS (others exist)
                  Confirm DNS tests work and DC can access external sites OK
                  Turn off DHCP on router and renew leases on all clients (changing them to automatic configuration if not already done)

                  That will give you standard behaviour and everything should work
                  Tom Jones
                  MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
                  PhD, MSc, FIAP, MIITT
                  IT Trainer / Consultant
                  Ossian Ltd
                  Scotland

                  ** Remember to give credit where credit is due and leave reputation points where appropriate **

                  Comment


                  • #10
                    Re: No internet access on a domain

                    Originally posted by Ossian View Post
                    There is no problem with the router for internet access, but when you try accessing the domain, the routers DNS doesnt know about it.

                    Basic process:
                    Install DHCP on DC and set up a scope to assign IP (192.168.1.x), Subnet (255.255.255.0), Default Gateway (192.168.1.1) and DNS (192.168.1.2)
                    Authorise DHCP and Activate Scope
                    Set Forwarders in DNS on your DC to point to any of Router IP, DNS servers for your ISP or OpenDNS (others exist)
                    Confirm DNS tests work and DC can access external sites OK
                    Turn off DHCP on router and renew leases on all clients (changing them to automatic configuration if not already done)

                    That will give you standard behaviour and everything should work


                    Got there before me again lol.

                    BTW we need a whisky smilie

                    Comment


                    • #11
                      Re: No internet access on a domain

                      Originally posted by wullieb1 View Post


                      Got there before me again lol.

                      BTW we need a whisky smilie
                      Well, you know what they say... If you ain't fast, you're last
                      As to whisky smilies, too much choice
                      :singlemalt:
                      :talisker:
                      :antiquary: (worth trying if you see it)
                      But definitely NOT :famousgrouse:
                      Tom Jones
                      MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
                      PhD, MSc, FIAP, MIITT
                      IT Trainer / Consultant
                      Ossian Ltd
                      Scotland

                      ** Remember to give credit where credit is due and leave reputation points where appropriate **

                      Comment

                      Working...
                      X