Installing Win2k3 with Roles DC - AD - DNS Server for MCSA Exam Prep

Jay Bollyn · ‎01-16-2005

I am preparing for MS Exam 70-270. Since my office network uses Novell, not domains or AD, I would like to install win2k3 on my home Ethernet LAN, for hands-on test prep. I would like to run AD, and the server would have the roles DC and DNS server, among other roles. One server and 2 or 3 clients.

In the past, when I have tried to add the role of DC to an existing win2k3 server in my office network, I was unable to add this role. It seemed I needed some kind of write access to our DNS server, which I do not have. At the time, I did not try to add the role of DNS server to my server.

Since I have complete control and authority on my home network, should I be able to achieve my goal? It would be nice if the server were fully functional, for both Intranet and Internet purposes.

Here is a link to a thread I posted on another Forum, which is related:

http://www.techexams.net/forums/viewtopic.php?t=6490

Thanks for any info.

:-) Jay

check Facebook

Colin_29 · ‎01-16-2005

Jay

I don't see any reason why it won't work. Firstly you install Win2k3 and then promote it to be a domain controller by running DCPROMO. The promotion process will install DNS on the server (if it is not already there). This is a local DNS not one out on the Internet so you will need to either let the server use root hints or point to forwarders in order to achieve your other goal of Internet access.

It is better to let the DCPROMO process create your DNS because if you do it manually then it will not get fully populated with the AD stuff although for exam purposes you may need to do it both ways.

If you get a good book, such as one from the Microsoft Press, it will take you through all the steps.

Colin

Rune J. Winje · ‎01-16-2005

Also another tip when doing this kind of setup is to use virtual machines.

Vmware Workstation is my favourite, but I guess MS Virtual PC will also do the trick (although my tests with this product seems to show a much slower installation and more resource-hungry footprint than Vmware)

Basically if you have enough RAM and CPU and disk you can run 2-4 virtual machines concurrently on the same PC and they can be networked behind a NAT with their own (virtual) network. For example 2 servers and 1 client. This is fairly ideal for reproducing most labs in the 70-270 and other MS exams.

I have even been able to run Ethereal network capturing running on one virtual server to catch inter-forest traffic when looking up a user name in another forest...

Another very nice side-effect is that you can backup your virtual machines which are basically just one big file per machine and thus you have a very easy "fallback" if you mess up the configuration on your virtual machine or want to get back to original to do new labs from scratch.

http://www.vmware.com/products/desktop/ws5_beta.html

http://www.microsoft.com/windows/virtualpc/default.mspx

Cheers,
Rune

Rune J. Winje · ‎01-16-2005

P.S. Regarding your DNS question. Let DCPROMO install DNS. Take care be connected to the network when doing this or the DNS server can be configured as a "root" internet server.

Ref "step 3":
http://support.microsoft.com/default.aspx?scid=kb;en-us;323380

When DNS is up&running for your domain/forest, define a "forwarder" to an external (internet) DNS server, that way you will be able to browse the internet also.
Forwarders-tab -> "All other domains" & Add IP of external DNS.

(step 4 in above linked doc)

A forwarder generally tells DNS "ok, for all name requests other than my own private domain/dns-zone I will ask the DNS server(s) defined as forwarder(s)"

Cheers,
Rune

Norman_21 · ‎01-17-2005

Jay
I think the guys have provided excellent guidance!
However, I would like to add few comments. I think that you should focus more on the FSMO roles as part of the AD. As explained before, DCPROMO will take care of the DNS Server installation but you must have a good understanding of the DNS and that can be achieved using the Multi Media Video Training from Microsoft available for free, download the ISO image from here and burn it into a CD:
http://support.microsoft.com/default.aspx?scid=kb;en-us;330511

As far as using Virtual Machines, it's a very good idea of which I'm using at home too and since I'm mostly familiar with VPC 2004. I will advice you to enable the UNDO DISK setting of the Virtual Machine you'll be running as the Win2K3 or Win2K Server. The UNDO DISK will give you options when you shutdown the Server to either save your changes to the Undo disk, or virtual HD or to delete the changes. If you selected delete changes, all the changes and the setup you made will be gone the next time you boot your server up and the Virtual Machine will start like you've just installed it. This is used in most Labs...
I'm not sure if VmWare has an option like the UNDO Disk?

Please keep asking if you have more questions.

Hope this help

"Attitudes are contagious, is yours worth catching"/ My first point was given by SEP on January 31, 2003

Jay Bollyn · ‎01-20-2005

I think my AD and DC is not setup correctly on my home network. My ISP is comcast.net, so I am using attbi.com as the DNS suffix (attbi was acquired by comcast). Here is a screen capture:

http://www.neiu.edu/~jbollyn/mcsa/ad-problem.jpg

My server's NetBIOS name is P4-SERVER1, and I am running NetBIOS on my home LAN.

According to this doc:

http://www.petri.co.il/how_to_install_active_directory_on_windows_2003.htm

...I *should* be seeing SRV4, as follows:

http://www.petri.co.il/images/ad_check4.jpg

I am able to logon to my LIBDOMAIN1.attbi.com, but I get the long delay at 'preparing network connections', which according to the above link indicates a AD DNS problem.

It seems like my missing SRV4 is a critical error, but I don't know why it is missing, or how to fix it.

Any advice appreciated.

:-) Jay

check Facebook

Norman_21 · ‎01-20-2005

Hello Jay,

Use your own DNS suffex instead of Comcast attbi?

Uninstall DNS and reinstall it again. During the installation, create your own DNS suffex name, e.g):
P4-SERVER1.jay.com

and finish up the DNS setup. When done, Configure DNS Forwarders:
http://support.microsoft.com/default.aspx?scid=kb;en-us;323380#7

Make it easy, do not sweat it my friend.

Return for any more questions

"Attitudes are contagious, is yours worth catching"/ My first point was given by SEP on January 31, 2003

Norman_21 · ‎01-20-2005

In the DNS Forwarders tab, you'll need to enter the Comcast DNS server IP address.
You can look it up using nslookup command or use IPCONFIG at any of the computers in your LAN.

I've seen small business building where they used the Cable Router IP address as the DNS IP address.

Hope this help

"Attitudes are contagious, is yours worth catching"/ My first point was given by SEP on January 31, 2003

Omar Senussi · ‎01-21-2005

Hi Jay,
The only other thing that I can think of to add to the comments from the Top Guns above is to watch out to configure reverse lookup zones. I found that using ip addresses in the range 192.168.254.x gave some persistent error messaage in the event manager for my machine which I had given a fixed IP address to and not seen fit to inform the server... details, if you want to look are at http://forums1.itrc.hp.com/service/forums/bizsupport/questionanswer.do?threadId=770980

Other thanthat.. good luck with the exam(s)

Omar

If you can keep your head whilst all around you are losing theirs... You haven't understood the situation!

Norman_21 · ‎01-21-2005

Jay

I believe that your Cable Router should have the C Class Private IP address by default:

IP Address: 192.168.1.0
Subnet Mask: 255.255.255.0
BroadCast IP: 192.168.1.255

So your LAN will be using above IP range by default including your Server.
As far as DNS reverse lookup zones, the pointer will be your Server IP address and in the DNS Forwarders Tab, you'll enter your ISP DNS IP address or the router IP address which will help the clients to resolve any DNS queries not answered by your DNS Server.

Note that if your Server is a DHCP Server, then do not setup your Router as the DHCP Server. Instead, let the router act as your gateway and setup a DHCP scoupe in your DHCP Server.

Finally, it really depends on your setup and on your ISP too.

Omar,

In your link, you seemed to have a problem with your workstation not the server. Also, one of the peers over there didn't make sense when he said "do not use DNS Server IPs starting with 192.168.x.254"?
It really depends on how you setup your LAN.

Hope this help

"Attitudes are contagious, is yours worth catching"/ My first point was given by SEP on January 31, 2003

Omar Senussi · ‎01-22-2005

Thanks Latif,
I know that the ip address range depends on my config. It was the DHCP configuration that impacted on the DNS.. Yes the client was complaining.. but because the server (DHCP) hadn't been correctly configured for my fixed IP.

If you can keep your head whilst all around you are losing theirs... You haven't understood the situation!

Jay Bollyn · ‎01-22-2005

Thanks to everyone!

I have still been unable to install AD and the DNS server without errors in the System and DNS Server Event Logs. However, using VMware, both the host OS (win2k3 DC) and the guest OS (winXP domain client) are working well enough to allow me to prepare for the 70-270 exam, which is my immediate goal. I will take another look at these errors as I gain experience with AD and DNS server configuration.

When these errors are resolved, I will re-open this thread and append a new summary, so everyone knows which suggestions actually worked.

:-) Jay

check Facebook

Jay Bollyn · ‎01-31-2005

Author's Note: My 22-Jan-2005 msg (above) was a 'close thread' msg.

I believe my DC - AD - DNS server installations (both office and home) are working. I needed to install the DNS server manually. I don't know exactly what was going wrong with DCPROMO, but it simply did not work for me.

I am really enjoying AD, especially the 'list in directory' feature.

:-) Jay

check Facebook

Jay Bollyn · ‎02-14-2005

My above thread was a 'close thread' msg.

It appears my solution was to use static addresses for servers AND clients. Using DHCP seems to cause problems for AD. I will keep this open briefly for comments.

:-) Jay

check Facebook

Norman_21 · ‎02-14-2005

Jay,

It appears that your problem is laying within the DHCP Scope Options?

Make sure the DHCP Service Server/Client is enabled and started at the server level.

At the client level, make sure the DHCP service is started too.

The DHCP Server must have static IP's configured properly for the subnet as well as the default gateway.

Let's assume your Server IP settings as following:
DHCP Server 192.168.1.2
DNS Server IP 192.168.1.2
DNS Domain Name jay.com
WINS Server 192.168.1.2
Gateway 192.168.1.1
Subnet Mask 255.255.255.0

The DHCP Scoups options should have the same settings:
Open the DHCP Snap-In from the Administartive Tools
Under your Server Scoupe>Scoupe Options>
003 Router Standard 192.168.1.1
006 DNS Servers Standard 192.168.1.2
015 DNS Domain Name Standard jay.com
044 WINS/NBNS Servers Standard 192.168.1.2
046 WINS/NBT Node Type Standard 0x8

Refer here for more details:
http://tinyurl.com/6ezx3

Hope this help

"Attitudes are contagious, is yours worth catching"/ My first point was given by SEP on January 31, 2003

Omar Senussi · ‎02-14-2005

Hi Jay,

Just a quick note about the fixed IP clients..

I was getting the errors I referred to above until I set the reservations correctly in DHCP.. by allocating a range for dynamic addresses, and reserving a block for fixed ip.

If you looked in reservations, (block above the scope options referred to by Latif) you'd see entries like

[192.168.1.100] client1.jay.com

If you can keep your head whilst all around you are losing theirs... You haven't understood the situation!

Jay Bollyn · ‎02-15-2005

Thanks guys,

I should have said earlier that my win2k3 server does not currently have the role of DHCP. In the office, we are running bootp on a UNIX server which is not under my control. At home, I have a Linksys BEFSR41 - EtherFast Cable/DSL Router with 4-Port Switch, which is configured as the DHCP server. Later on, I will run DHCP from the win2k3 server instead. This will be prep for exam 70-290.

Here is a link which is similar to my situation:

http://www.ntcompatible.com/thread27394-1.html

Here is a quote from the above link:

"Sounds like you're having DNS lookup problems, check your event log(s). The reason I ask about DHCP is because if the router is supplying DHCP leases, there's no (easy) way to have those address leases added dynamiclly to Active Directory. "

:-) Jay

check Facebook

Norman_21 · ‎02-15-2005

Ok Jay,
Now I know why?
Before you add the DHCP role to your AD, go into the Router and disable the option which makes the Router act as a DHCP Server. This way, the router will act as a Router not a DHCP Server. To do this, if I remember:
Open up the IE
http://192.168.1.1
user name and password to login to the router web based setup
Disable the option of "Act as a DHCP Server"
save your changes and log off

Make sure your Server has the router IP in gateway field of the TCP/IP

Now, install DHCP in your AD DC...

"Attitudes are contagious, is yours worth catching"/ My first point was given by SEP on January 31, 2003

Jay Bollyn · ‎02-16-2005

Thanks Latif,

I will give this a try sometime in the coming weeks. It would be too disruptive for the other family members (network users) on my home network right now.

I was very glad to find the link I posted above, regarding router-assigned DHCP addresses being a problem for AD. I really need to get a better understanding of AD.

Today was session #2 of a 12-part series: TechNet Webcast: Windows Server 2003 Administration Series (Level 100)

http://www.microsoft.com/technet/community/webcasts/default.mspx#ECAA

This series is good exam prep.

:-) Jay

check Facebook

Norman_21 · ‎02-16-2005

No problem at all Brother Jay!
I'll be glad to help and you're doing the right thing. I always believed that educational background is a very important aspect of life.
The Technet WebCasts are the best!!!

Do not hesitate to ask any questions?

"Attitudes are contagious, is yours worth catching"/ My first point was given by SEP on January 31, 2003

Norman_21 · ‎02-16-2005

##It would be too disruptive for the other family members (network users) on my home network right now.##

Don't worry about that. Just setup the DNS and the gateway IP's of their PC's with the Router IP address. Thier setup will be Static temporarly until you get your Server up and running.
It should work!

"Attitudes are contagious, is yours worth catching"/ My first point was given by SEP on January 31, 2003

Omar Senussi · ‎02-16-2005

Hi Guys,
As an adjunct to Latif's suggestions above, It should also be possible to limit the ip range of the dhcp on Linksys to say, a range of 10 ip addresses.. and set up a separate dhcp on your server.. (clearly, with a different scope)
That way you can fiddle around with both dhcp and dns on the server..whilst, as Latif suggested, the existing clients will rely on the router to take the strain.

If you can keep your head whilst all around you are losing theirs... You haven't understood the situation!

Jay Bollyn · ‎02-19-2005

The win2k3 role of DHCP Server was indeed easy to setup and configure. Since the PCs on my home network were using static IP addrs anyway, my router's DHCP server feature was not being used, so I disabled it.

:-) Jay

check Facebook

Norman_21 · ‎02-20-2005

Hey Jay

Glad to hear all is well. I believe there are more to learn about DHCP but it'll be beyond your Exam scope.

Keep us updated
This is a very useful thread for the others!

"Attitudes are contagious, is yours worth catching"/ My first point was given by SEP on January 31, 2003

Jay Bollyn · ‎02-21-2005

Thanks Latif,

I am still having a problem with my home network, but it does not affect my immediate goal of passing 70-270. I will start a new thread for that issue. I have a major system going online Wednesday, so that will take all my time until perhaps Friday.

I think the best threads are focussed and short. When they get too long and digress, everyone gets confused, because they are too hard to follow.

:-) Jay

check Facebook

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Installing Win2k3 with Roles DC - AD - DNS Server for MCSA Exam Prep

Installing Win2k3 with Roles DC - AD - DNS Server for MCSA Exam Prep

Re: Installing Win2k3 with Roles DC - AD - DNS Server for MCSA Exam Prep

Re: Installing Win2k3 with Roles DC - AD - DNS Server for MCSA Exam Prep

Re: Installing Win2k3 with Roles DC - AD - DNS Server for MCSA Exam Prep

Re: Installing Win2k3 with Roles DC - AD - DNS Server for MCSA Exam Prep

Re: Installing Win2k3 with Roles DC - AD - DNS Server for MCSA Exam Prep

Re: Installing Win2k3 with Roles DC - AD - DNS Server for MCSA Exam Prep

Re: Installing Win2k3 with Roles DC - AD - DNS Server for MCSA Exam Prep

Re: Installing Win2k3 with Roles DC - AD - DNS Server for MCSA Exam Prep

Re: Installing Win2k3 with Roles DC - AD - DNS Server for MCSA Exam Prep

Re: Installing Win2k3 with Roles DC - AD - DNS Server for MCSA Exam Prep

Re: Installing Win2k3 with Roles DC - AD - DNS Server for MCSA Exam Prep

Re: Installing Win2k3 with Roles DC - AD - DNS Server for MCSA Exam Prep

Re: Installing Win2k3 with Roles DC - AD - DNS Server for MCSA Exam Prep

Re: Installing Win2k3 with Roles DC - AD - DNS Server for MCSA Exam Prep

Re: Installing Win2k3 with Roles DC - AD - DNS Server for MCSA Exam Prep

Re: Installing Win2k3 with Roles DC - AD - DNS Server for MCSA Exam Prep

Re: Installing Win2k3 with Roles DC - AD - DNS Server for MCSA Exam Prep

Re: Installing Win2k3 with Roles DC - AD - DNS Server for MCSA Exam Prep

Re: Installing Win2k3 with Roles DC - AD - DNS Server for MCSA Exam Prep

Re: Installing Win2k3 with Roles DC - AD - DNS Server for MCSA Exam Prep

Re: Installing Win2k3 with Roles DC - AD - DNS Server for MCSA Exam Prep

Re: Installing Win2k3 with Roles DC - AD - DNS Server for MCSA Exam Prep

Re: Installing Win2k3 with Roles DC - AD - DNS Server for MCSA Exam Prep

Re: Installing Win2k3 with Roles DC - AD - DNS Server for MCSA Exam Prep