3

I have a win server 2k3 machine as a domain controller and a dhcp server. All of the wired machines work fine connecting to the domain controller and authenticating but the users that connect to the wireless router (and get their IPs from there) can't find the domain controller and access any of its resources.

So I ask, how do you get a computer to locate a domain controller on a network when it connects to a router on that network?

edit>the client is a win7 pro machine.

edit 2>I had a chance to try this out yesterday and it occurs to me that I left out an important piece of information: The router is the internet access as well.

Turning DHCP off on the router was no good; I could get all of the users logged onto the network and authenticated with the DC, but there was no internet. I did it the other way around and enabled DHCP on the router and disabled it on the server.

It works, every machine is on the internet, but I suspect that users aren't authenticating with the DC. I think this is the case because:

  1. I can't log in to my machine with a different user account than one that has logged on to here in the past
  2. The "Network" name is just called "Network" in the network and sharing center (it was domainName.local before)
  3. Shared resources are sporadically unavailable.

I find it odd though because I can still access those resources (after a restart).

Steven Evers
  • "Domain" isn't the correct terminology here, BTW. Network would be more accurate. – EEAA Oct 31 '09 at 23:23
  • It would make your problem pretty clear to people if you filled in the IP addresses and DHCP settings of the things you are running. There is more likely than not a basic network understanding issue with how things are set up. – sclarson Nov 10 '09 at 15:23

5 Answers

9

I'm guessing you have the wireless router still configured as a router. You need to turn off DHCP on that device and then just connect it to the rest of your network via one of its switch ports. This will turn it into a wireless bridge (instead of a router). After doing this, wireless clients will get their DHCP information from your 2k3 server and should have no connectivity issues.

Edit after OP added additional information:

This is now sounding like a DNS problem. In an AD domain, clients use DNS to locate domain controllers. From what it sounds, you now have DHCP turned off on the server and turned on on your router. This is fine - you just need to make sure that your DHCP options are set up right.

Since your router is providing your NAT/internet access, you need to make sure that it's setting its own IP address as the default gateway. I'm guessing it's already doing that, as most consumer-grade routers don't allow you to change this value. Also, you'll need to make sure that it's giving out the IP address of your AD server as the primary DNS server. Without doing this, your clients won't be able to look up the IP address of the DC. A follow-on to this is that you'll need to make sure DNS is configured properly on your DC. In the default state, when clients send a DNS request to the server, the server will only be able to give an answer for domains that it knows about. In your case, this will be the domain of your AD. In order to get "full" DNS functionality out of that server, you'll need to specify a DNS forwarder in the DC's DNS server configuration. For this value, enter the IP address(es) of your ISP's DNS servers. After doing this, your DC will be able to forward DNS queries it doesn't know the answer to on to your ISP's DNS server.

EEAA
  • This is my home network so I don't get a lot of time to fiddle with it after work. I'm going to give this a go on the weekend and I'll let you know how it went/mark it as correct. Thanks for the input ErikA. – Steven Evers Nov 04 '09 at 15:38
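
A check for the client-side settings the answer above calls for (DC as primary DNS server, router as default gateway, a single DHCP server), as an added example that is not part of the original answer. The addresses and the `ipconfig /all` excerpt are constructed, and `parse_ipconfig` and `check_client` are hypothetical helper names.

```python
import re

# Constructed `ipconfig /all` excerpt from a wireless client (not from the post).
# Assumed addressing: router 192.168.1.1, domain controller 192.168.1.10.
SAMPLE = """\
Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . :
   DHCP Enabled. . . . . . . . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.1.101(Preferred)
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 192.168.1.1
                                       192.168.1.10
"""

FIELD = re.compile(r"^\s+([A-Za-z].*?)[ .]*\. :(.*)$")  # "Name . . . : value"
IPV4 = re.compile(r"\d{1,3}(?:\.\d{1,3}){3}")

def parse_ipconfig(text):
    """Map field name -> IPv4 addresses; continuation lines extend the last field."""
    fields, current = {}, None
    for line in text.splitlines():
        m = FIELD.match(line)
        if m:
            current = m.group(1)
            fields[current] = IPV4.findall(m.group(2))
        elif current and line.startswith(" ") and IPV4.search(line):
            fields[current] += IPV4.findall(line)  # e.g. second DNS server
        else:
            current = None
    return fields

def check_client(text, dc_ip, router_ip, dhcp_ip):
    """Return deviations from: DC as primary DNS, router as gateway, one DHCP server."""
    cfg, problems = parse_ipconfig(text), []
    dns = cfg.get("DNS Servers", [])
    if dns[:1] != [dc_ip]:
        problems.append(f"primary DNS is {dns[:1]}, expected the DC {dc_ip}")
    if cfg.get("Default Gateway") != [router_ip]:
        problems.append(f"gateway is {cfg.get('Default Gateway')}, expected {router_ip}")
    if cfg.get("DHCP Server") != [dhcp_ip]:
        problems.append(f"lease came from {cfg.get('DHCP Server')}, expected {dhcp_ip}")
    return problems

if __name__ == "__main__":
    for p in check_client(SAMPLE, "192.168.1.10", "192.168.1.1", "192.168.1.1"):
        print("FAIL:", p)
```

In the constructed sample the router lists itself first under DNS Servers, so the only finding is the primary DNS entry; a lease from an unexpected DHCP server would show up as a third kind of finding.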
2

ErikA's answer was correct but left out a key part, which was why you had no internet access when you implemented it. Since the router in question is between the domain controller and the internet, the domain controller needs to point to that router as the default gateway. That said, assuming that active directory/dhcp/dns are all configured correctly on the server, here is what should be done.

  1. Give the router a static IP address on the network.
  2. Turn off DNS/DHCP on the router. If the router has an access point mode, that would be optimal.
  3. Have the domain controller point to the router's IP address as the default gateway.
Valvaris
1

If there is routing between the DC and the wireless router, you can just set the DNS server in the router to be the DC.

If there is no routing, you need to do as Erik has said.

MDMarra
  • Right now there is: a router/modem <-> switch <-> server/workstations. There is one laptop that connects to the router via wireless. – Steven Evers Nov 08 '09 at 20:54
  • If you have routing configured between the subnets, then you can just make the DNS server that the subnet uses be the AD DNS server in the router's settings. – MDMarra Nov 08 '09 at 21:22
1

Does the wireless router DHCP give out the correct DNS servers, i.e. the IP for your domain controllers and not the IP to itself? If not, that's the first thing to fix.

Second, having two DHCP servers might be a bit of a problem - deactivate one of them and have the other one doing the work solo.

Third, ErikA's answer is the neatest way to go...

Oskar Duveborn
0

Most likely your router works as a firewall between AD and the client.

Try to add a rule allowing all traffic to and from the server. In my case I also had to allow NetBIOS over TCP.

alexm