| Author | Messages | |
AlRose
Posts:47
 | | 04/12/2010 3:16 PM |
| Hi everyone,
I know this is a bit OT but I already asked the question on the TechNet forum and couldn't get a reply. Here is my problem:
I have set up a WDS server on a Windows 2008 R2 server. I have been able to deploy servers but all my attempts to join computers to the domain failed.
I think the reason is that I have a problem with my DHCP scope. The DHCP server is set locally on my WDS server. The WDS server has two NICs. The first one is configured on my AD domain and I have shared this network connection. The second NIC is configured on my deployment VLAN and that's where the DHCP server is listening.
The weird thing is that when I install the DHCP server I cannot manage it at all. The server shows up with a name like hostname.mshome.net. I can restart it but I cannot configure the scope at all. So my clients get a DHCP address, I can deploy images but I cannot configure the scope so they can get a valid default gateway, hence they can't talk with any DC and any attempt to join the domain fails.
I tried reinstalling DHCP; even though I can give the default gateway during role installation, the configuration fails.
Why this mshome.net domain?
Thanks
| | | |
| Parzival
Posts:108
 | | 04/12/2010 3:30 PM |
| Hi,
Based on your information, I could think of the following..
Did you authorize the DHCP server?
Make sure to bind the DHCP server to the right NIC, do this by opening the server in DHCP, open properties of IPv4, advanced and select bindings..
Are both NICs in the same subnet? What is the subnet the DHCP is leasing and can you from that subnet reach the domain controllers? What if you give a DHCP requestor a manual IP address, can you then add the system to the domain?
Are you joining the domain by just NetBIOS name, or FQDN of the domain, and are they resolvable from your DHCP subnet? Did you also give DNS IP addresses in the scope?
Try to first install the DHCP server without the 2nd NIC enabled, then configure and finally enable the 2nd NIC and replace the binding config..
_R
| | | |
| AlRose
Posts:47
 | | 04/12/2010 3:53 PM |
| I tried to reinstall the DHCP server without binding yet NICs. This is the error message I receive:
DHCP Server: Installation succeeded with errors
<Error>: Attempt to configure DHCP Server failed with error code 0x80074E54. The scope parameters are incorrect. Either the scope already exists or its subnet address and mask is inconsistent with the subnet address and mask of an existing scope. Please refer to the full log at: 'C:\Users\etcapacc\AppData\Local\Temp\2\ServerManager.log'
The error in ServerManager.log:
4568: 2010-04-12 16:45:48.196 [DHCP] Begin DhcpCreateSubnet, subnetAddress = 176294144, subnetInfo = {Subnet Address = 176294144, Subnet Mask = 4294967040, Subnet Name = Deployment VLAN, Primary Host = {Ip Address = 176294398, Net Bios Name = 0, Host Name = 0}, Subnet State = DhcpSubnetEnabled}
4568: 2010-04-12 16:45:48.196 [DHCP] Error (Id=0) End DhcpCreateSubnet, error code = 20052
Apparently a problem with the scope.
I have a NIC with IP 10.130.9.254, that's where the DHCP should listen. The other IP is 10.130.12.x; it is my production VLAN and DHCP should NOT listen there.
I try to create the following scope:
DHCP Server
Network Connection Bindings: None
IPv4 DNS Settings
  DNS Parent Domain: eu.acme.com
  DNS Servers: 10.130.12.120, 10.130.12.100
  WINS Servers: 10.130.12.100, 10.130.12.120
Scopes
  Name: Deployment VLAN
  Default Gateway: 10.130.9.254
  Subnet Mask: 255.255.255.0
  IP Address Range: 10.130.9.1 - 10.130.9.100
  Subnet Type: Wired (lease duration will be 8 days)
  Activate Scope: Yes
DHCPv6 Stateless Mode: Enabled
IPv6 DNS Settings
  DNS Parent Domain: eu.acme.com
  DNS Servers: fec0:0:0:ffff::1, fec0:0:0:ffff::2
DHCP Server Authorization: Authorize using credentials associated with NT-WITCH\etcapacc
| | | |
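The ServerManager.log entry quoted in the post above stores addresses as 32-bit integers and the error as a decimal code, which makes it hard to compare with the scope settings. The following is an added example, not part of any post in the thread: it decodes those values, splits the wizard's HRESULT into facility and code, and checks the requested scope for internal consistency. The function names are hypothetical and the sample input is constructed from the values quoted in the thread.

```python
import ipaddress
import re

# Constructed sample: the two ServerManager.log lines and the wizard error
# code, copied from the values quoted in the thread.
SAMPLE_LOG = (
    "4568: 2010-04-12 16:45:48.196 [DHCP] Begin DhcpCreateSubnet, "
    "subnetAddress = 176294144, "
    "subnetInfo = {Subnet Address = 176294144, Subnet Mask = 4294967040, "
    "Subnet Name = Deployment VLAN, Primary Host = {Ip Address = 176294398, "
    "Net Bios Name = 0, Host Name = 0}, Subnet State = DhcpSubnetEnabled}\n"
    "4568: 2010-04-12 16:45:48.196 [DHCP] Error (Id=0) End DhcpCreateSubnet, "
    "error code = 20052\n"
)
WIZARD_HRESULT = 0x80074E54


def dword_to_ip(value):
    """Render a 32-bit integer from the log as a dotted-quad IPv4 address."""
    return str(ipaddress.IPv4Address(int(value)))


def parse_create_subnet(log_text):
    """Extract and decode the DhcpCreateSubnet request and its result code."""
    begin = re.search(
        r"Subnet Address = (\d+), Subnet Mask = (\d+), Subnet Name = (.*?), "
        r"Primary Host = \{Ip Address = (\d+)",
        log_text,
    )
    end = re.search(r"End DhcpCreateSubnet, error code = (\d+)", log_text)
    if not begin or not end:
        raise ValueError("no DhcpCreateSubnet begin/end pair found")
    return {
        "subnet": dword_to_ip(begin.group(1)),
        "mask": dword_to_ip(begin.group(2)),
        "name": begin.group(3),
        "primary_host": dword_to_ip(begin.group(4)),
        "error_code": int(end.group(1)),
    }


def split_hresult(hresult):
    """Split an HRESULT into its failure bit, facility and 16-bit code."""
    return {
        "failure": bool((hresult >> 31) & 1),
        "facility": (hresult >> 16) & 0x7FF,  # 7 is FACILITY_WIN32
        "code": hresult & 0xFFFF,
    }


def check_request(req, range_start, range_end, gateway):
    """Return a list of inconsistencies in the requested scope (empty if none)."""
    try:
        # strict=True rejects a subnet address with host bits set and any
        # mask that is not a contiguous run of ones.
        net = ipaddress.IPv4Network(f"{req['subnet']}/{req['mask']}", strict=True)
    except ValueError as exc:
        return [f"subnet/mask inconsistent: {exc}"]
    problems = []
    members = (
        ("primary host", req["primary_host"]),
        ("range start", range_start),
        ("range end", range_end),
        ("default gateway", gateway),
    )
    for label, value in members:
        if ipaddress.IPv4Address(value) not in net:
            problems.append(f"{label} {value} is outside {net}")
    if ipaddress.IPv4Address(range_start) > ipaddress.IPv4Address(range_end):
        problems.append("range start is above range end")
    return problems


if __name__ == "__main__":
    request = parse_create_subnet(SAMPLE_LOG)
    print(request)
    print(split_hresult(WIZARD_HRESULT))
    # Range and gateway as entered in the wizard summary from the thread.
    print(check_request(request, "10.130.9.1", "10.130.9.100", "10.130.9.254"))
```

The low 16 bits of 0x80074E54 are 20052, so the wizard message and the log line report the same error, and the decoded request is 10.130.9.0 with mask 255.255.255.0 and primary host 10.130.9.254.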
| Thomas Vuylsteke
Posts:215
 | | 04/13/2010 7:46 AM |
| What do you mean with "The first one is configured on my AD domain and i have shared this network connection"?
I can see that you have a VLAN with normal domain connectivity (DNS/AD) and you have a VLAN where your DHCP and Deployment services are active. If you do not have DNS/AD available in the deployment VLAN, and if the deployment VLAN is non-routable (cannot reach "production VLAN"), then you will have to move the server after deployment to the production LAN and assign them a static IP or let them have a DHCP address from the production DHCP.
I don't know whether sharing your network connection means you configured "internet connection sharing" (is that possible on a Windows 2008 R2 server OS?); that would explain why your DHCP goes nuts. ICS would configure your "deployment" NIC to be listening for DHCP as well and would hand out addresses without a default gateway. I can imagine it would also set the DNS suffix to "mshome.net".
So I think it would be good for you to explain what you mean with "shared this network connection".
Success! Regards, Thomas
| | | |
| AlRose
Posts:47
 | | 04/13/2010 8:16 AM |
| Hi Thomas,
You got things right actually, the first NIC on the WDS server is configured with an IP address of 10.130.12.x which is the VLAN where we have our DCs/DNS/DHCP production servers. As you mentioned I have enabled ICS on that NIC (yes you can on win2008). The second NIC is configured with another VLAN (deployment VLAN) 10.130.9.x and there's nothing else on that VLAN than the clients talking to WDS. That's why I wanted to share my "prod" NIC so I could allow clients to talk to DCs when deployment is done and I want the machine to be joined to the domain.
Hope I am clear
| | | |
| Thomas Vuylsteke
Posts:215
 | | 04/13/2010 11:32 AM |
| Well, if I'm correct ICS is a form of "NAT'ing" (network address translation), and that is not really supported and/or recommended by MS.
http://support.microsoft.com/kb/978772
It might be wise to revise why you need an isolated LAN for deployment. Perhaps an idea is to have one domain controller (of the production environment) present in the deployment VLAN, and by means of ACLs or firewall rules allow that one to communicate with the production network. Then you can join machines in the deployment VLAN to the DC present over there.
However, without knowing the requirements of the dedicated deployment VLAN, it's hard to find a solution.
Thomas Vuylsteke
System Engineer Server Technology
thomas.vuylsteke@realdolmen.com
Direct +32 (0)2 362 55 55
http://www.realdolmen.com/
| | | |
| AlRose
Posts:47
 | | 04/13/2010 5:44 PM |
| Finally got it working. I disabled ICS and installed RRAS with 2 NAT interfaces. Now my clients in the deployment VLAN can talk to the DCs and the DHCP server is configurable again.
Thanks for putting me on the right track.
On Tue, Apr 13, 2010 at 12:26 PM, Thomas Vuylsteke < Thomas.Vuylsteke@realdolmen.com> wrote:
> Well, If I'm correct ICS is a form of "NAT'ing" (network address > translation), and that is not really supported and/or recommended by MS. > > http://support.microsoft.com/kb/978772 > > It might be wise to revise why you need an isolated lan for deployment. > Perhaps an idea is to have one domain controller (of the production > environment) present in the deployment VLAN, and by means of acls or > firewall rules allow that one to communicate with the production network. > Then you can join machines in the deployment vlan to the DC present over > there. > > However, withouth knowing the requirements of the dedicated deployment > vlan, it's hard to find a solution. > > > *Thomas Vuylsteke* > *System Engineer Server Technology* > thomas.vuylsteke@realdolmen.com > > Direct +32 (0)2 362 55 55 > <http://www.realdolmen.com/> > > > > This e-mail message and any attachment are intended for the sole use of the > recipient(s) named above and may contain information which is confidential > and/or protected by intellectual property rights. Any use of the information > contained herein (including, but not limited to, total or partial > reproduction, communication or distribution in any form) by other persons > than the designated recipient(s) is prohibited. If you have received this > e-mail in error, please notify the sender either by telephone (+32 2 362 55 > 55) or by e-mail and delete the material from any computer. Please note that > neither RealDolmen nor the sender accept any responsibility for viruses and > it is your responsibility to scan or otherwise check this email and any > attachments. 
RealDolmen is nor responsible for the correct and complete > transfer of the contents of the sent e-mail, neither for the receipt o > ------------------------------ > *From:* activedir-owner@mail.activedir.org [ > activedir-owner@mail.activedir.org] On Behalf Of Al Rose [ > arose107@gmail.com] > *Sent:* Tuesday, April 13, 2010 09:14 > > *To:* activedir@mail.activedir.org > *Subject:* Re: [ActiveDir] [OT] WDS 2008 and DHCP > > HI Thomas, > > You got things right actually, the first NIC on the WDS server is > configured with an IP address of 10.130.12.x which is the VLAN where we have > our DCs/DNS/DHCP production servers. > As you mentionned i have enabled ICS on that NIC (yes you can on win2008). > The second NIC is configured with another VLAN (deployment VLAN) 10.130.9.x > and there's nothing else on that VLAN than the clients talking to WDS. Thats > why i wanted to share my "prod"NIC so i could allow clients to talk to DCs > when deployment is done and i want the machine to be joined to the domain. > > Hope i am clear  > On Tue, Apr 13, 2010 at 8:44 AM, Thomas Vuylsteke < > Thomas.Vuylsteke@realdolmen.com> wrote: > >> What do you mean with “*The first one is configured on my AD domain and i >> have shared this network connection*” >> >> >> >> I can see that you have a VLAN with normal domain connectivity (DNS/AD) >> and you have a VLAN where you DHCP and Deployment services are active. If >> you do not have DNS/AD available in the deployment VLAN, and if the >> deployment VLAN is non-routeable (cannot reach “production vlan”), then you >> will have to move the server after deployment to the production lan and >> assign them a static IP or let them have a DHCP address from the production >> DHCP. >> >> >> >> I don’t know whether sharing your network connection means you configured >> “internet connection sharing” (is that possible on a windows 2008 R2 server >> OS?”), that would explain why you’re DHCP goes nuts. 
>> ICS would configure your “deployment” NIC to be listening for DHCP as well
>> and would hand out addresses without a default gateway. I can imagine it
>> would also set the DNS suffix to “mshome.net”
>>
>> So I think it would be good for you to explain what you mean with “shared
>> this network connection”
>>
>> Success!
>>
>> Regards,
>>
>> Thomas
>>
>> *From:* activedir-owner@mail.activedir.org [mailto:activedir-owner@mail.activedir.org] *On Behalf Of* Al Rose
>> *Sent:* Monday 12 April 2010 16:52
>> *To:* activedir@mail.activedir.org
>> *Subject:* Re: [ActiveDir] [OT] WDS 2008 and DHCP
>> *Sensitivity:* Confidential
>>
>> I tried to reinstall the DHCP server without binding yet NICs. This is the
>> error message i receive:
>>
>> DHCP Server: Installation succeeded with errors
>>
>> <Error>: Attempt to configure DHCP Server failed with error code
>> 0x80074E54. The scope parameters are incorrect. Either the scope already
>> exists or its subnet address and mask is inconsistent with the subnet
>> address and mask of an existing scope.
>>
>> Please refer to the full log at:
>> 'C:\Users\etcapacc\AppData\Local\Temp\2\ServerManager.log'
>>
>> The error in ServerManager.log:
>>
>> 4568: 2010-04-12 16:45:48.196 [DHCP] Begin DhcpCreateSubnet, subnetAddress = 176294144, subnetInfo = {Subnet Address = 176294144, Subnet Mask = 4294967040, Subnet Name = Deployment VLAN, Primary Host = {Ip Address = 176294398, Net Bios Name = 0, Host Name = 0}, Subnet State = DhcpSubnetEnabled}
>> 4568: 2010-04-12 16:45:48.196 [DHCP] Error (Id=0) End DhcpCreateSubnet, error code = 20052
>>
>> Apparently problem with scope.
>>
>> I have a NIC with IP 10.130.9.254 that's where the DHCP should listen, the
>> other IP is 10.130.12.x it is my production VLAN and DHCP should NOT listen
>> there.
>>
>> I try to create the following scope:
>>
>> DHCP Server
>>
>> Network Connection Bindings: None
>>
>> IPv4 DNS Settings
>> DNS Parent Domain: eu.acme.com
>> DNS Servers: 10.130.12.120, 10.130.12.100
>> WINS Servers: 10.130.12.100, 10.130.12.120
>>
>> Scopes
>> *Name*: *Deployment VLAN*
>> Default Gateway: 10.130.9.254
>> Subnet Mask: 255.255.255.0
>> IP Address Range: 10.130.9.1 - 10.130.9.100
>> Subnet Type: Wired (lease duration will be 8 days)
>> Activate Scope: Yes
>>
>> DHCPv6 Stateless Mode: Enabled
>>
>> IPv6 DNS Settings
>> DNS Parent Domain: eu.acme.com
>> DNS Servers: fec0:0:0:ffff::1, fec0:0:0:ffff::2
>>
>> DHCP Server Authorization
>> Authorize using credentials associated with NT-WITCH\etcapacc
>>
>> On Mon, Apr 12, 2010 at 4:29 PM, Roelf Zomerman <roelf.zomerman@avanade.com> wrote:
>>
>> Hi,
>>
>> Based on your information, I could think of the following..
>>
>> Did you authorize the DHCP server?
>>
>> Make sure to bind the DHCP server to the right NIC, do this by opening
>> the server in DHCP, open properties of IPv4, advanced and select bindings..
>>
>> Are Both NIC’s in the same subnet? What is the subnet the dhcp is leasing
>> and can you from that subnet reach the domain controllers? What if you give
>> a DHCP requestor a manual IP address, can you then add the system to the
>> domain?
>>
>> Are you joining the domain by just Netbios name? or FQDN of the domain,
>> and are they resolvable from your DHCP subnet? Did you also give DNS IP
>> addresses in the scope?
>>
>> Try to first install the DHCP server without the 2nd NIC enabled, then
>> configure and finally enable the 2nd NIC and replace the binding config..
>>
>> _R
>>
>> *From:* activedir-owner@mail.activedir.org [mailto:activedir-owner@mail.activedir.org] *On Behalf Of* Al Rose
>> *Sent:* Monday, April 12, 2010 4:16 PM
>> *To:* activedir@mail.activedir.org
>> *Subject:* [ActiveDir] [OT] WDS 2008 and DHCP
>>
>> Hi <activedir@mail.activedir.org> everyone,
>>
>> I know this is a bit OT but i already asked the question on the technet
>> forum and couldn't get a reply. Here is my problem:
>>
>> I have setup a WDS server on a Windows 2008R2 server. I have been able to
>> deploy servers but all my attempts to join computers to the domain failed.
>>
>> I think the reason is that i have a problem with my DHCP scope. The dhcp
>> server is set locally on my WDS server. The WDS server has two NICs. The
>> first one is configured on my AD domain and i have shared this network
>> connection. The second NIC is configured on my deployment VLAN and that's
>> where the DHCP server is listening.
>>
>> The weird thing is that when i install the DHCP server i cannot manage it
>> at all. The server shows up with a name like hostname.mshome.net i can
>> restart it but i cannot configure the scope at all. So my clients get a dhcp
>> address, i can deploy images but i cannot configure the scope so they can
>> get a valid default gateway, hence they can't talk with any DC and any
>> attempt to join the domain fails.
>>
>> I tried reinstalling DHCP even though i can give the default gateway
>> during role installation, the configuration fails.
>>
>> Why this mshome.net domain
>>
>> Thanks
| | | |
|
|
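The decimal fields in the ServerManager.log entry quoted in the thread are 32-bit IPv4 values, and the wizard's 0x80074E54 is an HRESULT whose low word is the logged error code 20052. The following is an added example, not part of any poster's message: it decodes both and checks the scope values the poster listed against the decoded subnet (function names are illustrative).

```python
import ipaddress
import re

# Lines quoted in the thread from ServerManager.log, rejoined onto single lines.
LOG = (
    "4568: 2010-04-12 16:45:48.196 [DHCP] Begin DhcpCreateSubnet, "
    "subnetAddress = 176294144, subnetInfo = {Subnet Address = 176294144, "
    "Subnet Mask = 4294967040, Subnet Name = Deployment VLAN, Primary Host = "
    "{Ip Address = 176294398, Net Bios Name = 0, Host Name = 0}, "
    "Subnet State = DhcpSubnetEnabled}\n"
    "4568: 2010-04-12 16:45:48.196 [DHCP] Error (Id=0) End DhcpCreateSubnet, "
    "error code = 20052\n"
)
WIZARD_HRESULT = 0x80074E54  # code shown by the role installation wizard
# Scope values the poster entered in the wizard.
REQUESTED = {"gateway": "10.130.9.254", "first": "10.130.9.1", "last": "10.130.9.100"}


def decode_create_subnet(log):
    """Turn the decimal fields of a DhcpCreateSubnet log entry into addresses."""
    raw = {k: int(v) for k, v in re.findall(
        r"(Subnet Address|Subnet Mask|Ip Address|error code) = (\d+)", log)}
    mask = ipaddress.IPv4Address(raw["Subnet Mask"])
    addr = ipaddress.IPv4Address(raw["Subnet Address"])
    # strict=True (the default) raises ValueError if the address has host bits
    # set, i.e. if subnet address and mask are inconsistent with each other.
    network = ipaddress.IPv4Network(f"{addr}/{mask}")
    return {
        "network": network,
        "primary_host": ipaddress.IPv4Address(raw["Ip Address"]),
        "error_code": raw["error code"],
    }


def split_hresult(hresult):
    """Return (failure bit, facility, low 16-bit code) of an HRESULT."""
    return hresult >> 31, (hresult >> 16) & 0x1FFF, hresult & 0xFFFF


def check_scope(decoded, requested):
    """Names of requested values that fall outside the decoded subnet."""
    return [name for name, ip in requested.items()
            if ipaddress.ip_address(ip) not in decoded["network"]]


if __name__ == "__main__":
    d = decode_create_subnet(LOG)
    print(d["network"], d["primary_host"], d["error_code"])
    print(split_hresult(WIZARD_HRESULT), check_scope(d, REQUESTED))
```

The requested subnet, mask and host decode to a self-consistent 10.130.9.0/24 with the server at 10.130.9.254, so the request itself is not internally inconsistent; facility 7 in the HRESULT is FACILITY_WIN32, which is why its low word equals the error code in the log.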