RESET Forums (homeservershow.com)

Are there limitations in Windows Server 2012 Essentials R2?


Pete

Software wise / code, is there a difference between 2012 Essentials R2 and Server 2012 Standard R2 in regards to functionality?

 

Out of the box, installing 2012 Essentials R2 by default installs (roles) as a domain controller (AD DS), installs DNS, installs Directory Services and Certificates, installs File Services.

 

Installing Server 2012 Standard R2, out of the box, is just a bare server waiting for roles to be installed.

 

I get this.

 

Here is where my question is.  I have 2012 Essentials R2 installed.  As it is a DC, I have joined a number of computers to my domain.  No problem, however, I did have to modify each computer's network settings to point to the server for DNS (when set with DHCP they could not join the domain saying "no domain controller found"). 

 

So I decided to set up my server with DHCP role, but when trying to install that role I get an error saying it won't install.  Is this a limitation of 2012 Essentials R2?  Do I need to do a new install of 2012 Standard R2 as a DC, add the Essentials role and the others listed above in order for me to have DHCP on my server? 

 

Link to comment
Share on other sites

No I think his problem is the other way round - his existing DHCP 'server' (and I'm going to assume that it is his router) isn't giving out the proper information so that clients on the network can find the authoritative DNS server for the domain.

 

So first things first, on your existing DHCP server find the settings for controlling the 'scope' as it is referred to. Make sure that the one and only entry for DNS Servers is the IP address of your Essentials box. Yes I know it's tempting to also include the IP address of the router or your ISP's DNS settings but just don't.

 

Secondly - yes you certainly can install the DHCP role on a Server 2012 (or 2012 R2) Essentials box. BUT it really, really doesn't like it if it finds an existing DHCP service running on something else on the same network. It's a big no-no (well actually you can do it if you are careful with the scope settings) so much so that Essentials will check to see if it can see another DHCP server first and bail-out from installing the service if it sees one. So try disabling DHCP on your router (or whatever) first and then re-try.

 

John

Link to comment
Share on other sites

Good idea y'all.  I didn't even think about turning off the DHCP from router "before" trying to install. I was going to turn it off "after", but like you two suggested, it probably bailed once it saw the router was providing services already.  I'll try these at home, and if still a fail, then I'll go with John's suggestion of editing the DNS entry on the router to point to the server.

 

Question about DNS:  my server is providing DNS to my home network, but shouldn't there be an external DNS entry in my server so "IT" can find stuff out on the internet and resolve back to my network?  I've never set up DNS before.  It's just pointing to itself right now, and it seems to be working...

Link to comment
Share on other sites

The article I showed you is how it should be done if you are not going to join the clients.  You could make the server the Primary DNS and the router the second.  If you need a third, use Google.  8.8.8.8

Link to comment
Share on other sites

Best practice with domain DNS is that the client PCs should only point to the local DNS server, and it is even more important for the domain controller to do the same.

 

DNS servers work on a basis of 'I don't know the answer to that question but I know someone who might!' Your DNS server on the Essentials box knows everything there is to know  If you don't do any other configuration on the DNS server then it will have an internal list of the root DNS servers that it can forward queries to. This is what you have effectively done at home and as you point out it seems to be working. The whole system works something like this, and I'll apologise in advance if I've gone a bit overboard with the explanation but the majority of issues I come across with domains tend to be DNS related and knowing how it works can really help pin down future issues.

 

Imagine your internal domain is called mydomain.local and you have a server called server1.mydomain.local (on 192.168.1.1) and two computers called PC1.mydomain.local and PC2.mydomain.local (on 192.168.1.100 and .101). This assumes that the two PCs are joined to the domain and DHCP has been setup with the correct setting to append the domain name properly and that the two PCs and the server all have DNS pointing to the server itself. Often in real life, you don't really notice the domain name being appended on (referred to as the machine's fully-qualified domain name).

 

Your server is the domain controller and as a DNS server for the domain - the important thing is that your DNS server believes (and it is right to do so) that it knows everything there is to know about your domain - in other words it is 'authoritative' for your domain.

 

So on PC1 you enter 'ping server1', the PC appends the mydomain.local to the name, checks the IP address of the DNS server it is supposed to use (192.168.1.1) and forwards the request on. The server checks the request and finds that it is for a machine on the mydomain.local domain and thinks to itself, 'well I know everything about that domain so I'll have a look in my zone record file'. The server checks, finds it has an entry for server1.mydomain.local with an address of 192.168.1.1 which it returns to the PC. The PC now knows the address of server1 and so can ping it. The same happens if you try to ping PC2.

 

Suppose now you enter 'ping www.google.com'? The same thing happens, your PC forwards the request to server1 but this time server1 realises that it is not authoritative for the .com domain so forwards the request onto one of the servers listed in its root hints table. One of these servers responds with something like 'I don't know but here is an address for a server which is responsible for .com' So your server then tries that address and may get a response like 'I don't know about the www bit but here is the address of a server responsible for google.com'. Finally your server tries that address, gets the answer it needs and returns it to your PC which can then ping it. 

 

All sounds very complex but quite elegant in the way it works and luckily all this is hidden from sight and just takes place in the background. The really clever part is that your server, now it knows the address of www.google.com (say 172.194.41.145), remembers it (or caches the result) for a period of time, so if a few minutes later you try again or if someone on PC2 tries to ping www.google.com, your server can respond with the cached answer immediately.

 

Another thing you can try, and opinion varies massively on whether this improves things or not, is that you can add forwarders in to your DNS server, say Google's DNS servers on 8.8.8.8 and 8.8.4.4 or even your ISP's DNS server. Now when it gets a request that it doesn't know, your server simply forwards the request onto these servers where hopefully the result has already been cached and can be returned quickly.

 

Lastly what would happen if I went to PC1 and entered 'ping PC3.mydomain.local'? The request gets sent to server1 but this time when it checks its records for mydomain.local and doesn't find an entry for PC3, it won't look any further. The reason being that it knows it is authoritative for the domain, no other DNS servers can know more than it does about this domain and hence it simply returns a 'no such name' result.

 

John

  • Like 1
Link to comment
Share on other sites
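
The setup John describes above can be checked and applied from PowerShell on the server. This is an added example, not part of the original posts; it assumes the thread's illustrative values (server at 192.168.1.1, zone mydomain.local), an elevated session, and the DnsClient and DnsServer modules that ship with Server 2012 R2. `Test-Name` is a hypothetical helper name.

```powershell
# Added example. Values below are the thread's illustrative ones, not a real network.
$ServerIp   = '192.168.1.1'          # the Essentials box (DC + DNS)
$Zone       = 'mydomain.local'       # internal AD zone
$Forwarders = '8.8.8.8', '8.8.4.4'   # optional upstream resolvers

# 1. Adapter check: every DNS server listed on the NICs should be the DC itself.
#    Public resolvers belong in the DNS service's forwarder list, not here.
$allowed = @($ServerIp, '127.0.0.1')
Get-DnsClientServerAddress -AddressFamily IPv4 |
    Where-Object { $_.ServerAddresses.Count -gt 0 } |
    ForEach-Object {
        $stray = @($_.ServerAddresses | Where-Object { $_ -notin $allowed })
        [pscustomobject]@{
            Interface  = $_.InterfaceAlias
            DnsServers = $_.ServerAddresses -join ', '
            Stray      = $stray -join ', '
            Ok         = ($stray.Count -eq 0)
        }
    } | Format-Table -AutoSize

# 2. Forwarders: this overwrites the service's current forwarder list.
#    With no forwarders configured, the service falls back to its root hints.
Set-DnsServerForwarder -IPAddress $Forwarders
Get-DnsServerForwarder | Format-List IPAddress, UseRootHint, Timeout

# 3. Behaviour check: ask the server directly and report the answer or the error.
function Test-Name([string]$Name) {
    try {
        $a = Resolve-DnsName -Name $Name -Server $ServerIp -Type A -DnsOnly -ErrorAction Stop
        $ips = ($a | Where-Object { $_.IPAddress }).IPAddress -join ', '
        '{0,-28} -> {1}' -f $Name, $ips
    } catch {
        '{0,-28} -> {1}' -f $Name, $_.Exception.Message
    }
}
Test-Name "server1.$Zone"    # answered from the zone the server is authoritative for
Test-Name 'www.google.com'   # recursed via forwarders or root hints, then cached
Test-Name "PC3.$Zone"        # no record in an authoritative zone: name does not exist
```

The same adapter check run on a domain-joined client shows whether DHCP is still handing out the router or a public resolver alongside the server.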

Nice jem101. It's good to have an internet 101 post once in a while.

 

'Course all of what you posted only works as long as the server has the correct Default Gateway IP ;)

Link to comment
Share on other sites

John,

 

Thank you so much.  That explains a lot.  Can you explain how to set up a "forward" record as you mentioned about Google DNS (8.8.8.8, 8.8.4.4), as I had those as my "additional DNS servers" in my TCP/IP settings, but it (server) didn't like it (I think I was getting alerts in the BPA or something like that).  I was thinking it had to go into the DNS settings on the server somewhere.

 

And can you explain the "reverse look up zones" as that is fuzzy too.  I looked at some YouTube videos about it and something about putting an IP address in there, but you only put the 1st 3 octets, and then it is listed "backwards"???  For example, if you put in 192.168.1.0, it comes back as 0.1.168.192 (or something like that).  Very confusing.

 

Thanks Pal.

Link to comment
Share on other sites
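
The "backwards" naming asked about above comes from how reverse zones are named: the network octets are reversed and placed under in-addr.arpa, so the /24 network 192.168.1.0 becomes the zone 1.168.192.in-addr.arpa. The following is an added example, not part of the original thread; it assumes the thread's illustrative host PC1.mydomain.local at 192.168.1.100, an AD-integrated zone, and the DnsServer module on Server 2012 R2. `Get-ReverseName` is a hypothetical helper name.

```powershell
# Added example; addresses and host names are the thread's illustrative values.
function Get-ReverseName([string]$Ip, [int]$NetworkOctets = 3) {
    # DNS names run from most specific (left) to least specific (right), the
    # opposite of an IP address, so the octets are reversed under in-addr.arpa.
    $o = $Ip.Split('.')
    [pscustomobject]@{
        # Zone: only the network octets (3 for a /24, 2 for a /16), reversed.
        Zone = (@($o[($NetworkOctets - 1)..0]) -join '.') + '.in-addr.arpa'
        # PTR owner name: all four octets, reversed.
        Ptr  = (@($o[3..0]) -join '.') + '.in-addr.arpa'
    }
}

$r = Get-ReverseName '192.168.1.100'
$r | Format-List Zone, Ptr

# Create the reverse zone from the network ID; the DNS service derives the
# in-addr.arpa zone name itself, which is why only three octets are entered.
Add-DnsServerPrimaryZone -NetworkId '192.168.1.0/24' -ReplicationScope 'Domain'

# Add a PTR record for PC1. The record name is just the host octet within the zone.
Add-DnsServerResourceRecordPtr -ZoneName $r.Zone -Name '100' -PtrDomainName 'PC1.mydomain.local'

# Confirm the reverse lookup against the server.
Resolve-DnsName -Name $r.Ptr -Type PTR -Server '192.168.1.1'
```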
