Announcement

Collapse
No announcement yet.

Stand Alone Server 2008 in Education Environment Setup Help

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Stand Alone Server 2008 in Education Environment Setup Help

    Hello,

    I am in need of some advice for setting up a Windows Server 2008 machine in our school system as a stand-alone server. As a heads up and an upfront apology, I will say that my knowledge of servers and controlling them in such an environment is next to minimal, but with the funds and staff that we have available here, the task is mine.

    First off, the machine is in production already. We were thrown into that when the server that I inherited with the job and was running Server 03 bit the big one in grand style one day leaving us high and dry. So, what I can do and at what time is rather limited. The machines background is as follows:

    Server 2008 R2 Standard 64-bit SP1
    Xeon E5 @ 2.00 Ghz
    16 GB DDR3 RAM
    2 disk RAID 1 - 280GB HDD (For OS)
    3 disk RAID 5 - 1TB Total for Data
    6 port Ethernet

    Now for the question about setup… We need the following: Active Directory, DNS (presuming), File Services, Application Server, WSUS, DHCP, and Print Server, all of which must be on this one server. I currently have everything setup and working… sort of. I am seeing some issues which are the following:

    When connected using a Windows 7 workstation, as I have not been on a lot of our XP stations to see that the issues are there as well, but we will have connectivity issues with staying connected to the server. Sometimes when a user goes to print, it will say printer unavailable, and shows the printer on the server to be not connected. Other times the users may be trying to access files on their network folder and the same thing occurs. Though I have sync setup for most users so they do not see the downtime, I myself see down time when connected to the machine via MSTSC, where randomly (not too often I might add), but the system will lose connection. More importantly, if a machine has not be logged onto for upwards of 30 + minutes, when attempting to logon, it will show no logon server available for approximately 20 seconds, before the machine then finds our server and allows the users to login. This made for our biggest problem with this server as when the Windows 7 machine went ahead and pulled the users saved profile, it would not have their network folder connected, or visible at all for that matter. This throws a real loop at some users, even though logging off and back on would resolve the issue. Also, when accessing the internet, Win 7 users would then receive DNS error messages in the IE browsers. A quick fix while a solution has been sought was to add the public DNS from Open DNS to their computer and this has resolved their connection issue. Even though for my piece of mind I do not like this option for security.

    I have gotten several warnings and errors from all Roles as of late and have a feeling they are all linked somehow to the fact that the server is handling too much without being either virtualized or having another server setup to run alongside this one.

    If virtualization is the answer, what roles are put on that particular virtual server, and what roles are left to the main server? Our space is currently limited and the virtual server (unless housing the user’s data) will need to be small in order to help us keep our storage size as large as we can without adding to it with upgrades.

    Any help is greatly appreciated in the matter.

    Thanks!

    Richard

  • #2
    Re: Stand Alone Server 2008 in Education Environment Setup Help

    virtualization is not the answer.

    Update all your drivers and all your firmware.
    Is this a branded server (HP/Dell etc) or is it just a whitebox ?

    it sounds more like you have an underlying network issue than specifically an issue with this server.

    next time dns craps out - try pinging te srver by it's IP address.


    could you post an IPconfig /all from one of the workstations?
    Also, from the server.
    Please do show your appreciation to those who assist you by leaving Rep Point https://www.petri.com/forums/core/im.../icon_beer.gif

    Comment


    • #3
      Re: Stand Alone Server 2008 in Education Environment Setup Help

      Are all the clients domain members? (of the AD domain the server is DC for)
      Tom Jones
      MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
      PhD, MSc, FIAP, MIITT
      IT Trainer / Consultant
      Ossian Ltd
      Scotland

      ** Remember to give credit where credit is due and leave reputation points where appropriate **

      Comment


      • #4
        Re: Stand Alone Server 2008 in Education Environment Setup Help

        Morning,

        This is a HP branded server. HP ProLiant ML350p Gen8 to be exact. All clients are domain computers so yes they are members.

        Here is some tidbits requested plus another tidbit:

        From Workstation:


        Windows IP Configuration
        Host Name . . . . . . . . . . . . : HSComputer
        Primary Dns Suffix . . . . . . . : wisd.local
        Node Type . . . . . . . . . . . . : Hybrid
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No
        DNS Suffix Search List. . . . . . : wisd.local
        Ethernet adapter Local Area Connection:
        Connection-specific DNS Suffix . :
        Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
        Physical Address. . . . . . . . . : 1C-6F-65-AD-74-70
        DHCP Enabled. . . . . . . . . . . : No
        Autoconfiguration Enabled . . . . : Yes
        IPv4 Address. . . . . . . . . . . : 10.48.16.193(Preferred)
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 10.48.16.1
        DNS Servers . . . . . . . . . . . : 208.67.222.222
        10.48.16.10
        NetBIOS over Tcpip. . . . . . . . : Enabled




        From Server:


        Windows IP Configuration
        Host Name . . . . . . . . . . . . : WISD
        Primary Dns Suffix . . . . . . . : wisd.local
        Node Type . . . . . . . . . . . . : Hybrid
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No
        DNS Suffix Search List. . . . . . : wisd.local
        Ethernet adapter Local Area Connection 7:
        Connection-specific DNS Suffix . :
        Description . . . . . . . . . . . : Local Area Connection 3 - Virtual Network
        Physical Address. . . . . . . . . : 9C-8E-99-4F-0C-7B
        DHCP Enabled. . . . . . . . . . . : No
        Autoconfiguration Enabled . . . . : Yes
        IPv4 Address. . . . . . . . . . . : 10.48.16.13(Preferred)
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . :
        DNS Servers . . . . . . . . . . . : 127.0.0.1
        NetBIOS over Tcpip. . . . . . . . : Enabled
        Ethernet adapter Local Area Connection 6:
        Connection-specific DNS Suffix . :
        Description . . . . . . . . . . . : Local Area Connection 4 - Virtual Network
        Physical Address. . . . . . . . . : 9C-8E-99-4F-0C-78
        DHCP Enabled. . . . . . . . . . . : No
        Autoconfiguration Enabled . . . . : Yes
        IPv4 Address. . . . . . . . . . . : 10.48.16.11(Preferred)
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . :
        DNS Servers . . . . . . . . . . . : 127.0.0.1
        NetBIOS over Tcpip. . . . . . . . : Enabled
        Ethernet adapter Local Area Connection 2:
        Connection-specific DNS Suffix . :
        Description . . . . . . . . . . . : HP Ethernet 1Gb 4-port 331i Adapter #2
        Physical Address. . . . . . . . . : 9C-8E-99-4F-0C-7A
        DHCP Enabled. . . . . . . . . . . : No
        Autoconfiguration Enabled . . . . : Yes
        IPv4 Address. . . . . . . . . . . : 10.48.16.12(Preferred)
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . :
        DNS Servers . . . . . . . . . . . : 127.0.0.1
        NetBIOS over Tcpip. . . . . . . . : Enabled
        Ethernet adapter Local Area Connection:
        Connection-specific DNS Suffix . :
        Description . . . . . . . . . . . : HP Ethernet 1Gb 4-port 331i Adapter
        Physical Address. . . . . . . . . : 9C-8E-99-4F-0C-79
        DHCP Enabled. . . . . . . . . . . : No
        Autoconfiguration Enabled . . . . : Yes
        IPv4 Address. . . . . . . . . . . : 10.48.16.10(Preferred)
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 10.48.16.1
        DNS Servers . . . . . . . . . . . : 127.0.0.1
        NetBIOS over Tcpip. . . . . . . . : Enabled


        A little more that maybe will help from server:

        Network
        You are connected to the internet
        Connected through HP Ethernet 1Gb 4-port 331i Adapter
        IP Address 10.48.16.10
        Subnet mask 255.255.255.0
        Gateway server 10.48.16.1
        Preferred DNS server 127.0.0.1
        DHCP Disabled
        External IP Address ***.***.***.*** (removed)
        Adapter Type Ethernet
        NetBIOS over TCP/IP Enabled via DHCP
        NETBIOS Node Type Hybrid node
        Link Speed 929.8 KBps
        Computer Name
        NetBIOS Name WISD
        DNS Name WISD.wisd.local
        Membership Part of domain
        Domain Name wisd.local
        Remote Desktop
        Enabled
        Console
        State Connected
        RDP-Tcp#0
        State Active
        Domain WOODSONISD
        RDP-Tcp
        State Listen
        WinInet Info
        LAN Connection
        Local system uses a local area network to connect to the Internet
        Local system has RAS to connect to the Internet
        Wi-Fi Info
        Wi-Fi not present
        WinHTTPInfo
        WinHTTPSessionProxyType No proxy
        Session Proxy
        Session Proxy Bypass
        Connect Retries 5
        Connect Timeout (ms) 60,000
        HTTP Version HTTP 1.1
        Max Connects Per 1.0 Servers INFINITE
        Max Connects Per Servers INFINITE
        Max HTTP automatic redirects 10
        Max HTTP status continue 10
        Send Timeout (ms) 30,000
        IEProxy Auto Detect Yes
        IEProxy Auto Config
        IEProxy
        IEProxy Bypass
        Default Proxy Config Access Type No proxy
        Default Config Proxy
        Default Config Proxy Bypass
        Sharing and Discovery
        Network Discovery Enabled
        File and Printer Sharing Enabled
        File and printer sharing service Disabled
        Simple File Sharing Enabled
        Administrative Shares Enabled
        Network access: Sharing and security model for local accounts Classic - local users authenticate as themselves
        Adapters List
        Local Area Connection 3 - Virtual Network
        IP Address 10.48.16.13
        Subnet mask 255.255.255.0
        Gateway server 0.0.0.0
        Local Area Connection 4 - Virtual Network
        IP Address 10.48.16.11
        Subnet mask 255.255.255.0
        Gateway server 0.0.0.0
        HP Ethernet 1Gb 4-port 331i Adapter #2
        IP Address 10.48.16.12
        Subnet mask 255.255.255.0
        Gateway server 0.0.0.0
        HP Ethernet 1Gb 4-port 331i Adapter
        IP Address 10.48.16.10
        Subnet mask 255.255.255.0
        Gateway server 10.48.16.1
        Network Shares
        WSUSTemp C:\Program Files\Update Services\LogFiles\WSUSTemp
        WsusContent e:\WSUS\WsusContent
        UpdateServicesPackages e:\WSUS\UpdateServicesPackages
        SYSVOL C:\Windows\SYSVOL\sysvol
        NETLOGON C:\Windows\SYSVOL\sysvol\wisd.local\SCRIPTS
        students E:\Student Shares
        Faculty E:\Faculty Shares
        KLSHARE E:\Applications\Kaspersky
        Users C:\Users
        TOSHLOUNGE TOSHLOUNGE,LocalsplOnly
        TOSHHSLAB TOSHHSLAB,LocalsplOnly
        HP LaserJet P2015 HP LaserJet P2015 PCL6,LocalsplOnly
        Elementary Lab Elementary Lab,LocalsplOnly
        Current TCP Connections
        C:\Windows\system32\mmc.exe (1640)
        C:\Windows\system32\mmc.exe (304
        Microsoft.ActiveDirectory.WebServices.exe (1844)
        System Process
        System Process
        TeamViewer_Service.exe (3692)
        dfsrs.exe (960)
        dfssvc.exe (4132)
        dns.exe (1444)
        hpsmhd.exe (4224)
        ismserv.exe (218
        javaw.exe (3352)
        klnagent.exe (8316)
        klserver.exe (4580)
        ksnproxy.exe (258
        lsass.exe (684)
        ntfrs.exe (2324)
        services.exe (676)
        spoolsv.exe (180
        squid.exe (3252)
        svchost.exe (316)
        svchost.exe (512)
        svchost.exe (6844)
        svchost.exe (688
        svchost.exe (956)
        svchost.exe (976)
        vmms.exe (4344)
        wininit.exe (580)




        This shows virtual Network connections, which I have recently setup because I setup the role for Hyper-V. But have yet to put a virtual server on the machine because I was waiting to ask around first.

        When our last Server 03 crapped, we had another 03 Server there as well, but it had already been moved to the side and was only for application services. Out of despiration I made it our domain server, added all the roles to it and left it for the week - 2 weeks before we had our new server in. With that, we had no problems. It wasnt until the 08 Server was in place that we have issues, and for the life of me I cannot remember doing anything different from the 03 setup to the 08 setup that should have caused these issues.

        Oh, and I have disabled IPv6 after looking online before coming here to see if I could find a solution some had mentioned that might be a problem.

        Ah, and I forgot I am going to want the Web ISS on the server so that I can run a php helpdesk site throughout the district.
        Last edited by R1CH4RD25; 5th April 2013, 14:33. Reason: Adding more info...

        Comment


        • #5
          Re: Stand Alone Server 2008 in Education Environment Setup Help

          Client appears to have an external DNS server (208.x.x.x) so isn't aware of the DC

          How are the clients getting IP addresses -- suggest you enable DHCP on the server.

          In general, all should use the DNS server for name resolution, with the DNS server using forwarders to the ISPs servers (or google etc) to resolve outside addresses
          Tom Jones
          MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
          PhD, MSc, FIAP, MIITT
          IT Trainer / Consultant
          Ossian Ltd
          Scotland

          ** Remember to give credit where credit is due and leave reputation points where appropriate **

          Comment


          • #6
            Re: Stand Alone Server 2008 in Education Environment Setup Help

            Correct, this client is using the 208.xxx for the DNS, because that is the opendns that I had to set win7 machines too in order for them to not have connection errors when opening IE. If that is not in place, the client machines will have a DNS connection error in IE on a very regular basis. This was the quick fix that I do not like and really the main reason I am here looking for guidance. I dont want the DNS set like that, but otherwise the connection issues really cause problems with clients.

            Clients are getting IPs in one of two ways, either DHCP (Most student client machines), or static (Teacher machines). The reason for static is that the teacher machines have Youtube and other website access that students do not through our regions firewall. If they are restricted, they are in an IP range that is handed out through DHCP.

            Now, maybe I am doing something wrong with the IP assigning. I have my address pool in my DHCP to exclude addresses from distribution, which is the range that I have my teacher machines set to.

            Start IP Address . . . . . . End IP Address . . . . . . . . . Description
            10.48.16.2 . . . . . . . . . . . 10.48.16.255. . . . . . . . . . Address range for Distribution
            10.48.16.2 . . . . . . . . . . . 10.48.16.50. . . . . . . . . . . IP Addresses excluded from distribution (These are server, printer, and NAS IP's)
            10.48.16.170 . . . . . . . . . 10.48.16.200. . . . . . . . . . IP Addresses excluded from distribution (These are faculty/teacher IP's)



            ... Oh, and I have set one of my teachers up with instructions that when they get the error (since I have changed their DNS settings) to run a script that will capture a ping. Waiting on the error to occur with DNS connection for them to run the script and get back with me.
            Last edited by R1CH4RD25; 5th April 2013, 15:51. Reason: BTW...

            Comment


            • #7
              Re: Stand Alone Server 2008 in Education Environment Setup Help

              If you need to specify an external DNS server, something is very wrong with AD -- the integrated DNS on your DC should use root hints or forwarders to resolve external addresses.

              Since the clients use an external DNS, which is unaware of your AD, you will get problems with logons, security and network access -- as a possible fix, add the DC as the first DNS server and opendns as the second, but this should not be seen as a permanent solution.
              Tom Jones
              MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
              PhD, MSc, FIAP, MIITT
              IT Trainer / Consultant
              Ossian Ltd
              Scotland

              ** Remember to give credit where credit is due and leave reputation points where appropriate **

              Comment


              • #8
                Re: Stand Alone Server 2008 in Education Environment Setup Help

                Well, currently if we have that externald DNS setup, be it primary or secondary, we do not have problems what so ever. We are running fine right now, its just if we drop that external DNS that problems tend to occur. Thats what I am looking to rid myself of.

                Comment


                • #9
                  Re: Stand Alone Server 2008 in Education Environment Setup Help

                  first step:
                  Get DNS setup on your server, and get the recursive lookup working
                  (configure your forwarders to opendns if you wish)

                  make sure dns is working on your server - IE, youi can resolve external addresses.

                  once that works, you should be able to point the domain clients to the DC and only te DC, and it should then work.
                  Please do show your appreciation to those who assist you by leaving Rep Point https://www.petri.com/forums/core/im.../icon_beer.gif

                  Comment


                  • #10
                    Re: Stand Alone Server 2008 in Education Environment Setup Help

                    Originally posted by tehcamel View Post
                    first step:
                    Get DNS setup on your server, and get the recursive lookup working
                    (configure your forwarders to opendns if you wish)

                    make sure dns is working on your server - IE, youi can resolve external addresses.

                    once that works, you should be able to point the domain clients to the DC and only te DC, and it should then work.

                    As soon as a time comes available I will attempt this. I am guessing best means would be to remove all rules and start from scratch with the DNS, then add the other rules after this works correctly?

                    Comment


                    • #11
                      Re: Stand Alone Server 2008 in Education Environment Setup Help

                      Do you mean ROLES rather than RULES?
                      If so, you need to work with AD at the same time as DNS

                      IMHO you should not need to remove roles at all, just fix server DNS then use DHCP to propagate changes to the clients
                      Tom Jones
                      MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
                      PhD, MSc, FIAP, MIITT
                      IT Trainer / Consultant
                      Ossian Ltd
                      Scotland

                      ** Remember to give credit where credit is due and leave reputation points where appropriate **

                      Comment


                      • #12
                        Re: Stand Alone Server 2008 in Education Environment Setup Help

                        Roles yes, sorry.

                        Am currently testing with forwarders being opendns and changing all clients back to point to server only. *Crossing Fingers* Will see what happens.

                        Comment


                        • #13
                          Re: Stand Alone Server 2008 in Education Environment Setup Help

                          Originally posted by R1CH4RD25 View Post
                          Roles yes, sorry.

                          Am currently testing with forwarders being opendns and changing all clients back to point to server only. *Crossing Fingers* Will see what happens.
                          I would use your ISP's DNS servers rather than OpenDNS.

                          Comment


                          • #14
                            Re: Stand Alone Server 2008 in Education Environment Setup Help

                            reason I suggest openDNS is it allows you to track/block dns entries
                            for instance - block all DNS Lookups for itunes..
                            Please do show your appreciation to those who assist you by leaving Rep Point https://www.petri.com/forums/core/im.../icon_beer.gif

                            Comment


                            • #15
                              Re: Stand Alone Server 2008 in Education Environment Setup Help

                              Alright, I am back with a few updates of my situation, which has grown in complexity if anything.

                              First off, I have setup for our DNS server to be the only DNS server that the client machines point to, and have removed the forwarder for OpenDNS. Thus far, we are not having any issues as previously mentioned with connecting to the internet and viewing websites. However, we are still having issues with the RPC server being available for students to logon to our NComputing systems running Server 2008 R2. (10 sessions on one machine, and 5 on the other)
                              I have also made the following change after reading around on some posts online: I have removed the static IP from the machine itself and instead made a DHCP reservation on the server as to keep the teacher machines the same at all times.
                              Used to however, after 20 seconds the logon would work, now I have to manually logon to the machine itself and ping the server, then it will work. This is also the case for students that have issues connecting to their network shares mid-session. I am finding that it is also doing this for other machines on our network that have mapped network drives. After a period of inactivity to our server, the machine will show to lose connection to the network share, then will regain after a couple of attempts to access or after a ping of the server.
                              Another note, and I know this is not recommended but was needed for a testing session and now apparently has more underlying things then I previously thought, but the firewall is currently set to off for the domain. Otherwise, we have all sorts of problems logging on to the server and accessing the internet, constantly getting DNS errors. The ports are showing to be open on the server when the firewall is on, but still no go. This will have to work for 2 weeks until I can get time to work on the server when students and teachers are gone.

                              I appreciate y’alls help in this matter as I know it is above my current scope.

                              Comment

                              Working...
                              X