Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

AD DC Cannot be Contacted - Windows Server 2008 R2


  • Please log in to reply
20 replies to this topic

#1 333OnlyHalfEvil

333OnlyHalfEvil

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:10:53 AM

Posted 20 March 2015 - 10:22 AM

Hi everyone,

 

I'm trying to get a windows server machine up and running for the first time. I installed the Windows Server 2008 R2 operating system on the machine. Then I added the roles: Active Directory Domain Services, DHCP, and DNS. The problem I'm having is when I go to connect client machines to the domain (I've tried with a Windows 7 client and a Windows 8.1 client) I get the following error:

2220831698_da9eda4419.jpg?v=0

I'm totally stuck at solving this problem and I've been stuck for weeks now. I've done so many searches and tried so many different things that I ran out of things to try. I've tried multiple things that have worked for other people and they're not working for me. I don't know what I'm doing wrong :(

 

I'd describe what I've tried already but, being someone who's never installed a server before, I'd like to see how you gurus go about troubleshooting something like this and also what you have to say about it. I feel like this should be really easy. 

 

How should I go about solving this problem?

 

Thanks in advance for you time and concern.



BC AdBot (Login to Remove)

 


m

#2 Sneakycyber

Sneakycyber

    Network Engineer


  • BC Advisor
  • 6,034 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Ohio
  • Local time:12:53 PM

Posted 21 March 2015 - 05:19 PM

Make sure your client's DNS address is pointing to your server.

Chad Mockensturm 

Systems and Network Engineer

Certified CompTia Network +, A +


#3 sflatechguy

sflatechguy

  • BC Advisor
  • 2,164 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:53 PM

Posted 21 March 2015 - 07:51 PM

And doublecheck the DHCP server's settings to make sure it is providing clients with the proper DNS address that points to the server.



#4 333OnlyHalfEvil

333OnlyHalfEvil
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:10:53 AM

Posted 25 March 2015 - 12:24 AM

Thanks for the replies.

 

Sneakycyber: Thanks for the suggestion but I believe this didn't work. I went to server command prompt and typed ipconfig and found its IPv4 address. Then I went to network connections on the client, right-clicked the network adapter and clicked properties, highlighted IPv4 and clicked properties again, then i clicked "use the following DNS server" and typed in the server's IPv4 address. Let me know if you meant something different.

 

BC Advisor: Thanks for the suggestion and I'm not sure if it didn't work or not. I don't know how to change the DHCP server's settings to provide clients with the specified proper DNS address that points to the server (I'm assuming you mean the same IPv4 address of the server described in the comment to Sneakycyber above?). I ended up just reinstalling it and in the wizard I made sure the IPv4 addresses were set to the same as the server when it was asking for default DNS, DHCP, WINS. Is that the same thing you're talking about? Is there a way to change these settings after the role is already installed?

 

 

I still can't get the clients to connect but believe I may have found the problem. While I was trying your suggestions, on a client machine, when I was right-clicking the network adapter, I went to status instead of properties. There, it said the DNS address was set to the server but the DHCP address was set to a different IPv4 address (my router). I did some searching but I can't seem to find a way to get it to point to my server instead of the router. Does this sound like the problem? I can't seem to find out how to change it.

 

Thanks again



#5 sflatechguy

sflatechguy

  • BC Advisor
  • 2,164 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:53 PM

Posted 25 March 2015 - 07:21 AM

If your router is set to serve as a DHCP server and the Windows Server is also providing the DHCP service, that would be a problem. Use either the router or the server for DHCP -- otherwise, both will start handing out IP addresses and configuration info, which will cause confusion on your network. The situation you described is due to the fact that the client is getting it's IP address from the router, not the server.

 

If you decide to let the router provide DHCP configuration, uninstall the DHCP role on the server. The router will provide the IP addresses; don't configure the router to provide DNS configuation for the clients. Then, in the client machines, configure the DNS server to point to the IP address of the Windows server, and make sure the DNS on the router points to a public DNS server or servers -- or else no one will be able to resolve anything on the Internet.

 

If you decide to use the Windows server for DHCP, set the router to provide static IP addresses -- in this case, have it provide one IP address, for the Windows server. The DNS on the router still needs to point to public DNS servers. Then, on the DHCP server, make sure the range of IP addresses it hands out does not include the IP address for the server. It sounds like you configured DNS properly in the wizard, as long as the primary DNS address is the IP address of the Windows server. Unless you have a WINS server running, you don't need to configure that.

 

You can doublecheck the settings by going to the Scope Options on the DHCP server and look to see which IP address is set for 006 DNS servers. It should be the IP address of the Windows server; so if you've configured DHCP properly, this is the DNS server address clients will automatically receive when they get their IP config info from DHCP.



#6 kBWarrior

kBWarrior

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:01:53 PM

Posted 25 March 2015 - 11:00 AM

Please post screenshots or copy/paste of the following:

 

1) an ipconfig /all from your AD/DHCP server

2) an ipconfig /all from a machine that you are trying to join to the domain.



#7 333OnlyHalfEvil

333OnlyHalfEvil
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:10:53 AM

Posted 25 March 2015 - 08:36 PM

Thanks for the replies.

 

So, I'm understanding this as the DHCP server is responsible for getting a "piece" of the internet from the ISP and assigns IP addresses to any device on its network that requests one. Coming along with this IP address is a pointer to a DNS server which is responsible for translating the IP addresses assigned by the DHCP server into an actual name that we prefer to use like mycomputer.mydomain.local or something like that. Am I understanding that correctly? Also, just to make sure that I'm actually doing what I need to do, my server just needs to be serving dns in order to act as a domain controller and allow clients to connect to it so I can start managing them, right?



#8 sflatechguy

sflatechguy

  • BC Advisor
  • 2,164 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:53 PM

Posted 26 March 2015 - 07:23 AM

DHCP assigns IP addresses to computers that need them, because they don't have a static IP address configured. You can "reserve" an IP address for a client or a server in DHCP; it is recommended you do this for servers in particular. This means that IP address will continuously be assigned to that machine -- even if the computer is removed from the network, no other computer will ever be given that IP address until the reservation is removed.

 

DHCP also provides the IP address of a DNS server or servers, so that clients can resolve URLs to IP addresses, and vice versa. You can configure the server to provide just the DNS service and to serve as a domain controller. You can let the router handle all the DHCP functions; just make sure to assign static addresses to all servers that are DNS servers/domain controllers, and make sure those addresses are outside the range of addresses the DHCP server on the router will allocate. You would then manually configure all client computers to point to the DNS server(s) inside your network; the router should be configured with a public DNS server or servers. This can be the DNS provided by your ISP, or any other public DNS like Google (8.8.8.8). Computers will contact your DNS server first for name resolution, and anything that can't be resolved internally will be forwarded to the public DNS servers.

 

Hope that wasn't too convoluted. :)



#9 333OnlyHalfEvil

333OnlyHalfEvil
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:10:53 AM

Posted 26 March 2015 - 11:24 PM

Ok, tried some things and I'm still stuck. Here are some questions:

 

1) Does the windows server machine have to be running DHCP and providing clients with IP addresses in order for said clients to connect to the domain the windows server machine is controlling?

 

2) Setting the server up as a domain controller and connecting computers to its domain is what I need to do in order to manage the computer/users/programs and allow the clients to read/edit files on the server based on their permissions, right?

 

 

As of now, I'd prefer the router to run DHCP and hand out the IP addresses if the answer to question #1 above is a no. I went into the router and made sure the server is getting a reserved IP address that's outside of the range of IP addresses it can hand out to devices on the network. I also double checked that the router's DNS is pointing to a public DNS server and it is (75.75.75.75 which I believe is my ISP's public DNS server). I also uninstalled the DHCP role on the server. Right now, the server is only setup to run the Active Directory Domain Services role and the DNS role.

 

I'm still having trouble getting clients to connect to the domain. What do you think the problem is?

 

Thanks again for the help


Edited by 333OnlyHalfEvil, 27 March 2015 - 01:22 AM.


#10 sflatechguy

sflatechguy

  • BC Advisor
  • 2,164 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:53 PM

Posted 27 March 2015 - 06:56 AM

Ok, tried some things and I'm still stuck. Here are some questions:

 

1) Does the windows server machine have to be running DHCP and providing clients with IP addresses in order for said clients to connect to the domain the windows server machine is controlling?

 

 

No. The only services you require on the domain controller are Active Directory and DNS. You can let the router handle the DHCP function and clients will still be able to connect to the domain. You do need to make sure that the domain controllers and the clients are all on the same network segment -- for example, 192.168.1.0 with a subnet mask of 255.255.255.0. You can tell the router to reserve a static IP address for the domain controller, and hand out IP addresses outside that range, but all the IP addresses have to be on the same network.

 

 

 

2) Setting the server up as a domain controller and connecting computers to its domain is what I need to do in order to manage the computer/users/programs and allow the clients to read/edit files on the server based on their permissions, right?

 

That is absolutely correct.

 

 

 

I'm still having trouble getting clients to connect to the domain. What do you think the problem is?

 

Doublecheck to make sure the domain controller and the clients are all on the same network segment. Using the above example, if the network is 192.168.1.0, the router can be 192.168.1.1, the domain controller can be 192.168.1.3, and the router can be configured to hand out IP addresses in the range of, say, 192.168.1.25 to 192.168.1.254. Make sure the subnet mask is the same for everyone -- as cited in the above example, it should be 255.255.255.0 for the router, the domain controller, and all clients.

Then, just configure the clients' DNS to point to the IP address of the domain controller. That should do it.



#11 333OnlyHalfEvil

333OnlyHalfEvil
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:10:53 AM

Posted 28 March 2015 - 05:54 PM

Yeah, I feel like that stuff is all good. Is there anything else it could be? Also, I'm using a range extender with a different ssid than the router that's handing out dhcp, could that be the problem? All of my devices can see and ping each other though.



#12 sflatechguy

sflatechguy

  • BC Advisor
  • 2,164 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:53 PM

Posted 28 March 2015 - 07:38 PM

Can you ping them by both IP and fully qualified domain name? The SSID shouldn't matter as much as the network address of the range extender.

 

I'd need to know more about your wireless setup, although it is unusual (and not entirely secure) to try and connect two domain controllers via WiFI. Is the first domain controller connected via Ethernet or WiFi? Can you move the DCs, or the first DC and a client you want to joint to the domain, so that you can physically connect them to the router via Ethernet? If the client or the other DC can join the domain that way, then it's almost definitely something in the wireless configuration.



#13 Wand3r3r

Wand3r3r

  • Members
  • 2,027 posts
  • OFFLINE
  •  
  • Local time:10:53 AM

Posted 29 March 2015 - 10:56 PM

"You can let the router handle the DHCP function and clients will still be able to connect to the domain"

 

This is ONLY true if the router can be configured to give the dns entry as that of the dns server. A number of routers can't do this and give the gateway as the dns server.

 

"You can tell the router to reserve a static IP address for the domain controller"

 

True but this is not good practices.  Servers should ALWAYS be assigned static ips and should NEVER use DHCP to get a ip assignment. There isn't a server in the business world that uses dhcp that I have ever seen.

 

"2) Setting the server up as a domain controller and connecting computers to its domain is what I need to do in order to manage the computer/users/programs and allow the clients to read/edit files on the server based on their permissions, right?"

 

Yes and no.  You can do the same on a peer to peer network. You just don't have the same level of control.  Server /client gives you better control.  Since you are clearly learning this stull you might work with peer to peer and then advance to server/client so you have a clear understanding of the differences of both.

 

Physical topology does not appear to be an issue.

 

You were asked for a ipconfig /all from the server and a workstation [post #6].  Did you understand the request?  This would tell us if you are properly configured in a glance.



#14 333OnlyHalfEvil

333OnlyHalfEvil
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:10:53 AM

Posted 02 April 2015 - 12:37 AM

Sorry for not posting the requested ipconfig screenshots. I was trying to figure out what was going on and see if I could figure it out before I did. I can't get the image thing on here to work for some reason so I just posted links.

 

Server ipconfig /all:

http://tinypic.com/r/35mno85/8

 

Client ipconfig /all part 1

http://tinypic.com/r/29y3uk5/8

 

Client ipconfig /all part 2

http://tinypic.com/r/15novug/8

 

What does this stuff tell you? Also, I double-checked the ip address of the range extender and it is also within the same network segment. 



#15 333OnlyHalfEvil

333OnlyHalfEvil
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:10:53 AM

Posted 02 April 2015 - 12:39 AM

Oh, and I'll try to move the server and client into the same room as the router and see if that helps tomorrow probably.






2 user(s) are reading this topic

1 members, 1 guests, 0 anonymous users


    BeckoningChasm