DHCP server not working properly windows server 2012 - windows-server-2012

Hyper-V
#Setup
*main physical PC is using the IP address (192.168.2.2)
*Installed Windows Server 2012 R2
*DC is using (192.168.2.13 – 255.255.255.0) via external switch
*Guest PCs (Windows 7 pro x64)
*Firewall is off for Guest
*Guest has already joined the domain and current ip is dhcp using external switch (192.168.2.14 – 255.255.255.0)
*Both can ping each other and the host pc
*Installed AD DC and configured it successfully on DC
*Installed DHCP, DNS roles and configured it successfully
#What I'm trying to achieve
AD DC with working DHCP and DNS
#Problem
The scope 192.168.5.1-192.168.5.20 (subnet mask 255.255.255.0) is not working: the client PC is not receiving an IP address from the scope; it's getting a DHCP IP (192.168.2.14) from the external switch.
The DHCP log is creating error events 1035, 1036, 1045, and 10020.
#I already did
*Release and renew ip many times
*Set static ip for DC and loopback dns
*Changed the vSwitch for both DC & client PC to internal & private, but they were not working and were getting APIPA IP addresses, so I reverted back to the external switch
*Checked for DHCP administrators and dhcp users groups and they are already there
*Adding administrator user and normal user credentials to DHCP administrators and user groups
*Unauthorize and reauthorize scope
*Deactivate and reactivate scope
*DNS configured correctly
*Deleting the DHCP file from AD Sites and services and then reauthorize the scope
*Turn off firewall for DC
*I even installed a new Windows Server 2016 and reconfigured everything
*Many, many restarts of the server and the DHCP service, but no luck
Errors 1035 and 1036 are successfully gone, but 1045 is still there; 10020 is also there, but I don't use IPv6 so I don't care about it.

Do you have a static IP on the DC that you are wishing to use as the DHCP server that is on the 192.168.5.0 subnet? There must be an interface on the network that you wish to hand out IPs on.
The only other way around this would be to add a route on your external switch (If Layer 3 capable) and add a DHCP Helper if that is an option on your particular switch.

Related

Client with IP address 'yyy.yy.yy.yy' is not allowed to access the server. My client ip is xxx.xx.xx.xx

I am trying to login to a newly created sql server in azure.
Before connection, I am adding my client ip programmatically using azure-python sdk.
Once my client ip is added, I try to login to database.
ProgrammingError: ('42000', "[42000] [Microsoft][ODBC Driver 17 for SQL Server][SQL Server]Cannot open server 'x' requested by the login. Client with IP address 'yyy.yy.yy.yy' is not allowed to access the server. To enable access, use the Windows Azure Management Portal or run sp_set_firewall_rule on the master database to create a firewall rule for this IP address or address range. It may take up to five minutes for this change to take effect. (40615) (SQLDriverConnect)")
This ip is different from the public ip that I get in my machine. What is the reason? I am connected to my company vpn.
I used this to retrieve my client ip - https://checkip.amazonaws.com/ - xxx.xx.xx.xx
Also, used the add client ip in azure - this gives the same result as xxx.xx.xx.xx.
What is the ip yyy.yy.yy.yy here? How can I retrieve this so that I will be able to whitelist this programmatically?
My suspicion is that you are connecting to your Azure service via your VPN tunnel, not your primary interface; therefore you would not be presenting your public IP to the Azure service. The IP you are fetching from your checkip URL is your public IP.
You can verify this by checking the output of route print in a Windows terminal or simply route in Linux. While your VPN is active, you should see the subnet of your Azure service listed with an interface that does not match your LAN IP. Something like this:
0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.12 25
172.31.0.0 255.255.0.0 10.168.0.100 10.168.44.64 1
In the above example, the first row shows my LAN interface as the default route (192.168.2.12) which will be used for everything (0.0.0.0); except when I'm trying to get to 172.31.0.0/16 (my "azure service", hypothetically). In which case the 10.168.44.64 interface is used, which in this case is a VPN interface.
The default interface that uses 192.168.2.12 would present my public IP to services online that do not match the VPN rule, for example, your checkip URL.
If this is the case, then you'll want to add that subnet specified by the route command for your VPN interface, or the exact IP, depending on your requirements. In this example it would be 10.168.0.100.
If you wanted to do it programmatically, then you'd have to fetch the current IP of your VPN interface.
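The route check this answer describes, as an added example that is not part of the original answer: it parses `route print`-style rows, applies longest-prefix matching to show which interface a destination leaves through, and asks the OS for the local source address. The function names, the two test destinations and the default port 1433 are assumptions; the sample rows are the two quoted above.

```python
import ipaddress
import socket

# Constructed sample: the two rows quoted in the answer above, in
# `route print` column order (destination, netmask, gateway, interface, metric).
SAMPLE_ROUTES = """\
0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.12 25
172.31.0.0 255.255.0.0 10.168.0.100 10.168.44.64 1
"""

def parse_routes(text):
    """Parse five-column IPv4 rows; headers and malformed lines are skipped."""
    routes = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 5:
            continue
        dest, mask, gateway, iface, metric = fields
        try:
            routes.append({
                "network": ipaddress.IPv4Network(f"{dest}/{mask}"),
                "gateway": gateway,  # may be the literal "On-link" on Windows
                "interface": ipaddress.IPv4Address(iface),
                "metric": int(metric),
            })
        except ValueError:
            continue
    return routes

def select_route(routes, destination):
    """Longest-prefix match; the lower metric breaks ties."""
    dst = ipaddress.IPv4Address(destination)
    matches = [r for r in routes if dst in r["network"]]
    if not matches:
        return None
    return max(matches, key=lambda r: (r["network"].prefixlen, -r["metric"]))

def local_source_ip(destination, port=1433):
    """Ask the OS which local address it would bind for this destination.
    connect() on a UDP socket only consults the routing table; no packet is sent."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        try:
            s.connect((destination, port))
        except OSError:
            return None  # no route to the destination
        return s.getsockname()[0]

if __name__ == "__main__":
    routes = parse_routes(SAMPLE_ROUTES)
    for dst in ("172.31.5.9", "203.0.113.10"):  # constructed destinations
        print(dst, "->", select_route(routes, dst)["interface"])
```

The address a firewall rule has to match is the one the server reports in the 40615 error text; a private interface address may be translated before it reaches the service.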

Hostname not resolving to IP addresses for Linux computers in an AD Domain

I am joining Linux and Windows instances to an AD domain (). The machines are joining fine to the domain and I can use ssh/RDP using the AD credentials to login to the machines post domain join.
I can also get all the computer objects (host names) by running Get-ADComputer -Filter * on a Windows server and providing the domain credentials. The issue is that the host names for Linux-based computers are not resolving to an IP address, whereas all Windows hosts are resolving fine.
nslookup <windows-host> is returning host's FQDN and the IP address.
nslookup <linux-host> is returning Non-existent domain.
P.S: All these resources (windows and Linux hosts) are in the same network, using same DHCP/DNS server and can communicate to each other with no issues. Also I can resolve and connect to the AD domain from all these hosts
Any idea why this could be happening and how to resolve this?
My use case is to get the IPs of all the computer objects in my AD domain.
Normally when using DHCP Windows will attempt to register its own A and possibly PTR records in the configured DNS, not sure about Linux. You may configure your DHCP server to update DNS for the clients (instead of leaving it to the clients themselves), i.e.:
To configure a DHCP server to register and to update client information with its configured DNS servers, follow these steps:
Open the DHCP properties for the server
Click DNS, click Properties, click to select the Enable DNS dynamic updates according to the settings below check box, and then click Always dynamically update DNS A and PTR records.
Source: https://learn.microsoft.com/en-us/troubleshoot/windows-server/networking/configure-dns-dynamic-updates-windows-server-2003

PC is not accessible using Hostname but IP

The other day I was trying to RDC from my work laptop to my work desktop using my PC's hostname, but it couldn't find the desktop. Later on I tried with my desktop's IP, which worked. Both times I was on premise and was connected to the network physically.
I could RDC to every other computer in our network.
After my research, I checked that the firewall was disabled, flushed and re-registered DNS, etc. Everything seems to be in order. However, when I tried to do a reverse DNS lookup, it didn't work for my desktop.
After that my IT guy and I checked everything on the AD server and there was no entry for my hostname or the IP. So we manually added the DNS record, which didn't work either.
Following is the note from IT:
AD / DHCP on a server on a different subnet DNS on another server on
the above subnet
The Pc is on a VLAN again different subnet. The Cisco Switch controls
the VLAN but talks to DHCP server for scope
Even adding the A host on forward lookup manually can’t resolve using
hostname for ping / mstsc. Both work for IP so deff DNS issue.
Tried to ipconfig /release and renew after giving a different PC the
IP address that was originally assigned to this one thinking it would
force DNS to update.
There is no entry for the IP or the Hostname in DNS even when the IP
changed after a renew. The firewall on the PC is off. However there is
the entry in the DHCP address lease table.
Tried flushDNS and ReregisterDNS.
If anyone could point me to the right direction here I would be grateful. Also, if you need further information please let me know.
Thanks
This is not the correct forum for this question. However, I can point you in the right direction.
You're correct that this is a DNS issue (so it seems).
The entry that is missing is from the host you are trying to reach (not the client that you're trying this from).
Make sure all of the systems are using the same DNS servers. Make sure the DHCP Client Service is running (even if the IP address is hard coded), as that is what actually records the host name and IP address in DNS.
It sounds like you have the routing set up or you would not be able to do it by IP address.
Is the DNS zone in AD set up to allow dynamic updates? Do you have the domain name being sent out via DHCP?
Windows will (but not always) try to find a host by DNS and will fall back to a broadcast for the PC name. This might be why it works from one VLAN, and not from another.

How to use iis with friendly name on local network

I made a web site on my local machine. I set the bindings local.com and www.local.com. I added the following to the hosts xml:
127.0.0.1 local.com
127.0.0.1 www.local.com
So, I can connect on my PC like
local.com,
www.local.com,
192.168.1.35
But another PC on my network can't connect with the friendly name
www.local.com,
local.com,
But the same PC can connect with the IP
192.168.1.35
How can that other PC connect with the friendly name?
IP addresses are the numerical identification for each device on a computer network.
Named addresses were invented because remembering each device's address turned into a difficult job.
So someone must know which names must be converted to which IP address.
DNS servers are responsible for doing this translation. But you did that locally. Actually, you don't have a DNS server on your local system, so you can't tell others that "WWW.Something.COM" is my address.
If you are not connected to the internet, you must establish a DNS server or do this task manually on all clients:
https://helpdeskgeek.com/networking/edit-hosts-file/
Running a DNS server is another task. You can search for DNS server applications like https://simpledns.com/ or you can set up a DNS server using Windows Server. For both scenarios you need to tell your clients to add your DNS server address to their network adapter settings.
Or, if you are connected to the Internet, you can use NoIP to register a free address:
https://www.noip.com/
You then need to download an application (from Noip.com) to monitor IP changes; it monitors your IP address and its changes and then tells NOIP.com to translate your address into your current IP address.
Actually, NOIP will register your address globally on the Internet, and everyone who can access the internet is able to reach your address.

Azure DNS - reboot - reconfigure network machines

I have configured a virtual network and have a DNS server (by doing DCPromo on a VM). Somewhere I read that this DNS server, being "first" in the network, will get an IP address of x.x.x.4, so I assumed that, spun up three more machines and then joined them to the domain. When doing the joining, I chose 10.0.0.4 as the DNS server in the network adapter settings but left the IP addresses empty so that DHCP can assign them.
When I reboot my DNS server, I see that the machines I assigned to the domain have all lost their DNS address (resolves some arbitrary 169 series) and I am forced to re-enter the domain DNS server again.
Am I not supposed to reboot DNS in Azure?
If I do have to reboot (say windows update), does that mean that I have to reconfigure ALL the machines to the DNS server addresses AGAIN?
Cheers
VJ
