Jump to content
RESET Forums (homeservershow.com)

Windows Server 2012 Release Candidate Essentials remote client loses its Internet connection, here's your DNS-related fix.


tinkererguy
 Share

Recommended Posts

If you find a PC has trouble connecting to the Internet after you've installed the connector, here's the likely reason why (it changes your DNS to point to your server, and a service makes that change over and over again). So here's the fix:

http://tinkertry.com/whs2012e-dns-fix

 

Curious about others thoughts on this?

Link to comment
Share on other sites

Haven;t installed it yet but is the new server the only DNS server on the LAN or can you revert back to something like an unTangle box?

Link to comment
Share on other sites

I read your article. I was kind of chuckling reading the first part about changing the IP4 settings. I was thinking, "This is pretty basic stuff." Then I got to the part about the LAN service :) Thanks for the info.

Link to comment
Share on other sites

Guys, you need to be very, very careful about changing client DNS settings in a domain environment. When the server is setup as a domain controller, it will configure itself as a DNS server and also setup a number of DNS zones corresponding to the domain name you have chosen. Within this zone will be a number of, what are called, SRV or service records, these are entries which tell the client computers the address of the server which is running certain roles.

 

For example, when you log in to a PC on a domain, among other things the PC needs to know the address of the server which is responsible for authenticating the user - the client use a DNS lookup to find this out and it can only do so if the DNS server it is using hosts the proper zones.

 

So imagine I set up a server called Server1 with an IP address of 192.168.100.1 and a domain name of MYDOMAIN.LOCAL. I attach a client PC to the network using the connector tool and it sets up the PC to use 192.168.100.1 as its DNS server. When I try to log in, the PC looks to the DNS server to find the addresses of the server(s) which hold the other services - in practice this will all be the same physical server but remember that active directory domain systems are almost infinitely scalable, the system is geared to allow for many redundant servers each holding different roles. If you leave it as set up by the connector then everything should work ok.

 

Now suppose I want to use say Google's DNS server on 8.8.8.8, if I manually change the settings on my PCs as per the article and then try to log on, the PC basically says to Google's DNS server, tell me the IP address of the server responsible for the MYDOMAIN.LOCAL logins. Naturally Google's DNS won't know this and eventually times out - the PC then starts sending out broadcasts to find this information out but this slows down the whole login process. In the home environment this 'probably' won't be too much of an issue, but in the corporate environment, misconfigured DNS entries is the number one, two and three reason for slow logins and other 'odd' things.

 

 

Just a thought.

 

John

Edited by jem101
Link to comment
Share on other sites

I believe he was referring to remote machines. There is now way for an external client to know the address of the localized DNS Server without some help and quite possibly this is why you can only connect to the server and no other client PC's.

 

I haven't gotten into this yet on a server build but it does sound like an interesting problem to attack.

Link to comment
Share on other sites

I assume WSE2012 domains will operate much the same as WS2003 ones do, as far as allowing client PCs to get to the internet is concerned? A few years ago I had a 2003 domain and I found that the DNS Wizard did a great job of setting up the DNS Server and finding and configuring the path to the internet. I'm hoping WSE2012 will do at least as good a job.

Link to comment
Share on other sites

If WSE2012 follows the same scripting practices as were used in the SBS product line, it's really point and click. Kind of fool proof, I didn't say idiot proof mind you!

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...