Server 2003 Network problems since IP address change

Hello Meinolf,

Dynamic updates is enabled and set to 'secure only'.

The ipconfig command didnt work and there are fair few errors in the eventwr
in both the server and the client.

The client
------------

Event ID : 11165

The system failed to register host (A) resource records (RRs) for network
adapter
with settings:

Adapter Name : {AB759FE5-E3DF-4FB9-9156-5552068F7C4B}
Host Name : easy2
Primary Domain Suffix : WSW.local
DNS server list :
192.168.1.1
Sent update to server : <?>
IP Address(es) :
192.168.1.23

The reason the system could not register these RRs was because the DNS
server contacted refused the update request. The reasons for this might be
(a) you are not allowed to update the specified DNS domain name, or (b)
because the DNS server authoritative for this name does not support the DNS
dynamic update protocol.

To register the DNS host (A) resource records using the specific DNS domain
name and IP addresses for this adapter, contact your DNS server or network
systems administrator.

The server
-------------

Error EventID : 6702

DNS server has updated its own host (A) records. In order to ensure that
its DS-integrated peer DNS servers are able to replicate with this server, an
attempt was made to update them with the new records through dynamic update.
An error was encountered during this update, the record data is the error
code.


Error Event ID : 4004

The DNS server was unable to complete directory service enumeration of zone
WSW.local. This DNS server is configured to use information obtained from
Active Directory for this zone and is unable to load the zone without it.
Check that the Active Directory is functioning properly and repeat
enumeration of the zone. The extended error debug information (which may be
empty) is "". The event data contains the error.


Warning EventID : 4521

The DNS server encountered error 32 attempting to load zone
0.168.192.in-addr.arpa from Active Directory. The DNS server will attempt to
load this zone again on the next timeout cycle. This can be caused by high
Active Directory load and may be a transient condition.


I hope that helps you as it doesnt mean much to me!!

Thanks a lot

"Meinolf Weber [MVP-DS]" wrote:

> Hello Oliver,
>
> Do you use dynamic updates on the zone properties?
>
> Also run ipconfig /registerdns on the client, this should register there
> entry in DNS zone, a message should appear similar to "takes about 15 minutes".
>
> Best regards
>
> Meinolf Weber
> Disclaimer: This posting is provided "AS IS" with no warranties, and confers
> no rights.
> ** Please do NOT email, only reply to Newsgroups
> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
>
>
> > Hi Meinolf,
> >
> > I have removed the reverse lookup and added the new one as you
> > suggested.
> >
> > The servers are listed in the forward lookup zones but the clients
> > aren't.
> >
> > Yes Gpos are applied to OU's and the users are in the OU's.
> >
> > Gpresult returns : The user domain\user does not have RSOP data.
> >
> > Thanks
> >
> > "Meinolf Weber [MVP-DS]" wrote:
> >
> >> Hello Oliver,
> >>
> >> The iprange is not the reason that something does not work as long as
> >> all machines are using the correct subnet. If you say GPO's and logon
> >> script does not run.
> >>
> >> Remove the reverse lookupzone on the DNS server for 192.168.0.x
> >> network and create a new one for the 192.168.1.x network.
> >>
> >> Are the GPO's linked to the OU where the user/computers are located?
> >>
> >> Did you run gpresult /v on a client machine to see if the GPO is
> >> listed?
> >>
> >> Are all servers and clients are listed in the Forward lookup zones in
> >> your DNS server?
> >>
> >> Best regards
> >>
> >> Meinolf Weber
> >> Disclaimer: This posting is provided "AS IS" with no warranties, and
> >> confers
> >> no rights.
> >> ** Please do NOT email, only reply to Newsgroups
> >> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
> >>> Thanks for your suggestions guys.
> >>>
> >>> I have changed the DNS settings as you have both described. GPO's
> >>> and logon scripts still do not run. Of the clients I have tried this
> >>> morning they all seem to be able to access the server without
> >>> prompting for a username and password for access (even tho the user
> >>> is logged onto the domain)...but this seems to happen at strange
> >>> intervals so I am not confident that it is a closed issue yet.
> >>>
> >>> Would incorrect dns settings cause the type of issues I am having do
> >>> you think? I don't doubt that I had it setup incorrectly...I just
> >>> can't understand why clients would be denied access to network
> >>> resources based on log on credentials.
> >>>
> >>> The only other solution I can think of is to go back to 192.168.0.x
> >>> addressing like we had before to see if that makes a difference. I
> >>> am limited to what I can do during the working week due to
> >>> disruption though.
> >>>
> >>> I really appreciate your input thank you again.
> >>> "Meinolf Weber [MVP-DS]" wrote:
> >>>> Hello Oliver,
> >>>>
> >>>> The ipconfig output is from the client?
> >>>>
> >>>> Well, your DNS configuration coming from your DHCP server has only
> >>>> to provide domain internal ip addresses 192.168.1.2 for DNS The
> >>>> external addresses 194.72.9.38 and 62.6.40.162, i assume your ISP's
> >>>> DNS server are wrong at that place.
> >>>>
> >>>> On the DNS server properties in the DNS management console under
> >>>> the DNS server properties you have a FORWARDERS tab, here fill in
> >>>> the ISP's DNS server.
> >>>>
> >>>> If the ipconfig from the DC looks similar, change that also.
> >>>>
> >>>> The client should look like:
> >>>> ip 192.168.1.x
> >>>> sm 255.255.255.0
> >>>> dg 192.168.1.1
> >>>> dns 192.168.1.2
> >>>> and the server:
> >>>> ip 192.168.1.2
> >>>> sm 255.255.255.0
> >>>> dg 192.168.1.1
> >>>> dns 192.168.1.2
> >>>> Also if you do not use IPv6 i would uncheck the setting under the
> >>>> NIC
> >>>> properties.
> >>>> Best regards
> >>>>
> >>>> Meinolf Weber
> >>>> Disclaimer: This posting is provided "AS IS" with no warranties,
> >>>> and
> >>>> confers
> >>>> no rights.
> >>>> ** Please do NOT email, only reply to Newsgroups
> >>>> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
> >>>>> Hi,
> >>>>>
> >>>>> it is a AD run domain with a single DC. Previousley the old router
> >>>>> provided the DHCP addressing. When we moved offices we had BT come
> >>>>> and install our phone systems with a new router and hence the new
> >>>>> addresses. This router has proved very troublesome so I have
> >>>>> disabled the dhcp server on it and setup the same scope it was
> >>>>> using on the DC.
> >>>>>
> >>>>> ipconfig results :
> >>>>>
> >>>>> Connection-specific DNS Suffix . :
> >>>>> Description . . . . . . . . . . . : NVIDIA nForce Networking
> >>>>> Controller #5
> >>>>> Physical Address. . . . . . . . . : 00-1E-8C-2E-0F-2E
> >>>>> DHCP Enabled. . . . . . . . . . . : Yes
> >>>>> Autoconfiguration Enabled . . . . : Yes
> >>>>> Link-local IPv6 Address . . . . . :
> >>>>> fe80::459b:61f5:8668:2c01%24(Preferred)
> >>>>> IPv4 Address. . . . . . . . . . . : 192.168.1.21(Preferred)
> >>>>> Subnet Mask . . . . . . . . . . . : 255.255.255.0
> >>>>> Lease Obtained. . . . . . . . . . : 22 February 2009 14:33:09
> >>>>> Lease Expires . . . . . . . . . . : 22 March 2009 14:33:07
> >>>>> Default Gateway . . . . . . . . . : 192.168.1.1
> >>>>> DHCP Server . . . . . . . . . . . : 192.168.1.2
> >>>>> DNS Servers . . . . . . . . . . . : 194.72.9.38
> >>>>> 62.6.40.162
> >>>>> Primary WINS Server . . . . . . . : 192.168.1.2
> >>>>> NetBIOS over Tcpip. . . . . . . . : Enabled
> >>>>> The DC = 192.168.1.2
> >>>>> The router = 192.168.1.1
> >>>>> As per Meinolf Weber [MVP-DS] suggestion, I have just looked on
> >>>>> the
> >>>>> DC under DNS and under 'Reverse Lookup Zones' there is an entry
> >>>>> for
> >>>>> 192.168.0.x Subnet' with a list of pointers to computers and the
> >>>>> old
> >>>>> addresses they used to hold. Could this be something to do with
> >>>>> it?
> >>>>> Thanks for your help guys.
> >>>>> "Newell White" wrote:
> >>>>>
> >>>>>> "Oliver Maynard" wrote:
> >>>>>>
> >>>>>>> Hi, hopefully someone will be able to shed some light on this
> >>>>>>> problem.
> >>>>>>>
> >>>>>>> We have just moved offices and broadband providers. With the
> >>>>>>> move came a change of Ip addresses. we used to run on
> >>>>>>> 192.168.0.1/254 and now we use 192.168.1.1/254.
> >>>>>>>
> >>>>>>> Since the move I am getting loads of problems with GPO's not
> >>>>>>> applying to clients anymore and the biggest problem which is the
> >>>>>>> server refusing access to network drives. I have to manually
> >>>>>>> un-map the drives and add them again...most the times using a
> >>>>>>> different username and password as I get the error 'Multiple
> >>>>>>> connections to a server or shared resource by the same user,
> >>>>>>> using more than one username, are not allowed' or a similar one
> >>>>>>> which I cannot now replicate.
> >>>>>>>
> >>>>>>> Is this related to the IP address change? if so I musy have
> >>>>>>> missed something somewhere when I was updating the server.
> >>>>>>>
> >>>>>>> Thanks for you help.
> >>>>>>>
> >>>>>> More information is needed before anyone can help you.
> >>>>>>
> >>>>>> Is your network a domain or a workgroup?
> >>>>>> If a domain, is it AD-integrated zone? More than one DC?
> >>>>>> Does 2003 server provide DHCP for your network? Did you destroy
> >>>>>> old
> >>>>>> scope and create a new one?
> >>>>>> Please post ipconfig/all result for server and typical
> >>>>>> workstation.
> >>>>>> --
> >>>>>> Regards,
> >>>>>> Newell White
>
>
>

Hello Oliver,

Is there any firewall running on client or server? Is the Primary DNS suffix
added in the system properties, network identification, properties, choose
the "More" button?

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm


> Hello Meinolf,
>
> Dynamic updates is enabled and set to 'secure only'.
>
> The ipconfig command didnt work and there are fair few errors in the
> eventwr in both the server and the client.
>
> The client
> ------------
> Event ID : 11165
>
> The system failed to register host (A) resource records (RRs) for
> network
> adapter
> with settings:
> Adapter Name : {AB759FE5-E3DF-4FB9-9156-5552068F7C4B}
> Host Name : easy2
> Primary Domain Suffix : WSW.local
> DNS server list :
> 192.168.1.1
> Sent update to server : <?>
> IP Address(es) :
> 192.168.1.23
> The reason the system could not register these RRs was because the
> DNS server contacted refused the update request. The reasons for this
> might be (a) you are not allowed to update the specified DNS domain
> name, or (b) because the DNS server authoritative for this name does
> not support the DNS dynamic update protocol.
>
> To register the DNS host (A) resource records using the specific DNS
> domain name and IP addresses for this adapter, contact your DNS server
> or network systems administrator.
>
> The server
> -------------
> Error EventID : 6702
>
> DNS server has updated its own host (A) records. In order to ensure
> that its DS-integrated peer DNS servers are able to replicate with
> this server, an attempt was made to update them with the new records
> through dynamic update. An error was encountered during this update,
> the record data is the error code.
>
> Error Event ID : 4004
>
> The DNS server was unable to complete directory service enumeration of
> zone WSW.local. This DNS server is configured to use information
> obtained from Active Directory for this zone and is unable to load the
> zone without it. Check that the Active Directory is functioning
> properly and repeat enumeration of the zone. The extended error debug
> information (which may be empty) is "". The event data contains the
> error.
>
> Warning EventID : 4521
>
> The DNS server encountered error 32 attempting to load zone
> 0.168.192.in-addr.arpa from Active Directory. The DNS server will
> attempt to load this zone again on the next timeout cycle. This can be
> caused by high Active Directory load and may be a transient condition.
>
> I hope that helps you as it doesnt mean much to me!!
>
> Thanks a lot
>
> "Meinolf Weber [MVP-DS]" wrote:
>
>> Hello Oliver,
>>
>> Do you use dynamic updates on the zone properties?
>>
>> Also run ipconfig /registerdns on the client, this should register
>> there entry in DNS zone, a message should appear similar to "takes
>> about 15 minutes".
>>
>> Best regards
>>
>> Meinolf Weber
>> Disclaimer: This posting is provided "AS IS" with no warranties, and
>> confers
>> no rights.
>> ** Please do NOT email, only reply to Newsgroups
>> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
>>> Hi Meinolf,
>>>
>>> I have removed the reverse lookup and added the new one as you
>>> suggested.
>>>
>>> The servers are listed in the forward lookup zones but the clients
>>> aren't.
>>>
>>> Yes Gpos are applied to OU's and the users are in the OU's.
>>>
>>> Gpresult returns : The user domain\user does not have RSOP data.
>>>
>>> Thanks
>>>
>>> "Meinolf Weber [MVP-DS]" wrote:
>>>
>>>> Hello Oliver,
>>>>
>>>> The iprange is not the reason that something does not work as long
>>>> as all machines are using the correct subnet. If you say GPO's and
>>>> logon script does not run.
>>>>
>>>> Remove the reverse lookupzone on the DNS server for 192.168.0.x
>>>> network and create a new one for the 192.168.1.x network.
>>>>
>>>> Are the GPO's linked to the OU where the user/computers are
>>>> located?
>>>>
>>>> Did you run gpresult /v on a client machine to see if the GPO is
>>>> listed?
>>>>
>>>> Are all servers and clients are listed in the Forward lookup zones
>>>> in your DNS server?
>>>>
>>>> Best regards
>>>>
>>>> Meinolf Weber
>>>> Disclaimer: This posting is provided "AS IS" with no warranties,
>>>> and
>>>> confers
>>>> no rights.
>>>> ** Please do NOT email, only reply to Newsgroups
>>>> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
>>>>> Thanks for your suggestions guys.
>>>>>
>>>>> I have changed the DNS settings as you have both described. GPO's
>>>>> and logon scripts still do not run. Of the clients I have tried
>>>>> this morning they all seem to be able to access the server without
>>>>> prompting for a username and password for access (even tho the
>>>>> user is logged onto the domain)...but this seems to happen at
>>>>> strange intervals so I am not confident that it is a closed issue
>>>>> yet.
>>>>>
>>>>> Would incorrect dns settings cause the type of issues I am having
>>>>> do you think? I don't doubt that I had it setup incorrectly...I
>>>>> just can't understand why clients would be denied access to
>>>>> network resources based on log on credentials.
>>>>>
>>>>> The only other solution I can think of is to go back to
>>>>> 192.168.0.x addressing like we had before to see if that makes a
>>>>> difference. I am limited to what I can do during the working week
>>>>> due to disruption though.
>>>>>
>>>>> I really appreciate your input thank you again.
>>>>> "Meinolf Weber [MVP-DS]" wrote:
>>>>>> Hello Oliver,
>>>>>>
>>>>>> The ipconfig output is from the client?
>>>>>>
>>>>>> Well, your DNS configuration coming from your DHCP server has
>>>>>> only to provide domain internal ip addresses 192.168.1.2 for DNS
>>>>>> The external addresses 194.72.9.38 and 62.6.40.162, i assume your
>>>>>> ISP's DNS server are wrong at that place.
>>>>>>
>>>>>> On the DNS server properties in the DNS management console under
>>>>>> the DNS server properties you have a FORWARDERS tab, here fill in
>>>>>> the ISP's DNS server.
>>>>>>
>>>>>> If the ipconfig from the DC looks similar, change that also.
>>>>>>
>>>>>> The client should look like:
>>>>>> ip 192.168.1.x
>>>>>> sm 255.255.255.0
>>>>>> dg 192.168.1.1
>>>>>> dns 192.168.1.2
>>>>>> and the server:
>>>>>> ip 192.168.1.2
>>>>>> sm 255.255.255.0
>>>>>> dg 192.168.1.1
>>>>>> dns 192.168.1.2
>>>>>> Also if you do not use IPv6 i would uncheck the setting under the
>>>>>> NIC
>>>>>> properties.
>>>>>> Best regards
>>>>>> Meinolf Weber
>>>>>> Disclaimer: This posting is provided "AS IS" with no warranties,
>>>>>> and
>>>>>> confers
>>>>>> no rights.
>>>>>> ** Please do NOT email, only reply to Newsgroups
>>>>>> ** HELP us help YOU!!!
>>>>>> http://www.blakjak.demon.co.uk/mul_crss.htm
>>>>>>> Hi,
>>>>>>>
>>>>>>> it is a AD run domain with a single DC. Previousley the old
>>>>>>> router provided the DHCP addressing. When we moved offices we
>>>>>>> had BT come and install our phone systems with a new router and
>>>>>>> hence the new addresses. This router has proved very troublesome
>>>>>>> so I have disabled the dhcp server on it and setup the same
>>>>>>> scope it was using on the DC.
>>>>>>>
>>>>>>> ipconfig results :
>>>>>>>
>>>>>>> Connection-specific DNS Suffix . :
>>>>>>> Description . . . . . . . . . . . : NVIDIA nForce Networking
>>>>>>> Controller #5
>>>>>>> Physical Address. . . . . . . . . : 00-1E-8C-2E-0F-2E
>>>>>>> DHCP Enabled. . . . . . . . . . . : Yes
>>>>>>> Autoconfiguration Enabled . . . . : Yes
>>>>>>> Link-local IPv6 Address . . . . . :
>>>>>>> fe80::459b:61f5:8668:2c01%24(Preferred)
>>>>>>> IPv4 Address. . . . . . . . . . . : 192.168.1.21(Preferred)
>>>>>>> Subnet Mask . . . . . . . . . . . : 255.255.255.0
>>>>>>> Lease Obtained. . . . . . . . . . : 22 February 2009 14:33:09
>>>>>>> Lease Expires . . . . . . . . . . : 22 March 2009 14:33:07
>>>>>>> Default Gateway . . . . . . . . . : 192.168.1.1
>>>>>>> DHCP Server . . . . . . . . . . . : 192.168.1.2
>>>>>>> DNS Servers . . . . . . . . . . . : 194.72.9.38
>>>>>>> 62.6.40.162
>>>>>>> Primary WINS Server . . . . . . . : 192.168.1.2
>>>>>>> NetBIOS over Tcpip. . . . . . . . : Enabled
>>>>>>> The DC = 192.168.1.2
>>>>>>> The router = 192.168.1.1
>>>>>>> As per Meinolf Weber [MVP-DS] suggestion, I have just looked
>>>>>>> on
>>>>>>> the
>>>>>>> DC under DNS and under 'Reverse Lookup Zones' there is an entry
>>>>>>> for
>>>>>>> 192.168.0.x Subnet' with a list of pointers to computers and the
>>>>>>> old
>>>>>>> addresses they used to hold. Could this be something to do with
>>>>>>> it?
>>>>>>> Thanks for your help guys.
>>>>>>> "Newell White" wrote:
>>>>>>>> "Oliver Maynard" wrote:
>>>>>>>>
>>>>>>>>> Hi, hopefully someone will be able to shed some light on this
>>>>>>>>> problem.
>>>>>>>>>
>>>>>>>>> We have just moved offices and broadband providers. With the
>>>>>>>>> move came a change of Ip addresses. we used to run on
>>>>>>>>> 192.168.0.1/254 and now we use 192.168.1.1/254.
>>>>>>>>>
>>>>>>>>> Since the move I am getting loads of problems with GPO's not
>>>>>>>>> applying to clients anymore and the biggest problem which is
>>>>>>>>> the server refusing access to network drives. I have to
>>>>>>>>> manually un-map the drives and add them again...most the times
>>>>>>>>> using a different username and password as I get the error
>>>>>>>>> 'Multiple connections to a server or shared resource by the
>>>>>>>>> same user, using more than one username, are not allowed' or a
>>>>>>>>> similar one which I cannot now replicate.
>>>>>>>>>
>>>>>>>>> Is this related to the IP address change? if so I musy have
>>>>>>>>> missed something somewhere when I was updating the server.
>>>>>>>>>
>>>>>>>>> Thanks for you help.
>>>>>>>>>
>>>>>>>> More information is needed before anyone can help you.
>>>>>>>>
>>>>>>>> Is your network a domain or a workgroup?
>>>>>>>> If a domain, is it AD-integrated zone? More than one DC?
>>>>>>>> Does 2003 server provide DHCP for your network? Did you destroy
>>>>>>>> old
>>>>>>>> scope and create a new one?
>>>>>>>> Please post ipconfig/all result for server and typical
>>>>>>>> workstation.
>>>>>>>> --
>>>>>>>> Regards,
>>>>>>>> Newell White

Hello Meinolf,

Only the windows firewall is running. I just tried to disable it but when I
try to open it (on the server) I get the error 'Windows firewll cannot run
because another program or service is running that might use the network
address translation compnant (Ipnat.sys)'.

I am not sure where you find the 'network identification' section you
mentioned. If you mean is it listed in the properties of the network adapter
then yes it is.

Thanks again for your help with this....sorry it seems to be such a problem.

Best regards,
Oliver

"Meinolf Weber [MVP-DS]" wrote:

> Hello Oliver,
>
> Is there any firewall running on client or server? Is the Primary DNS suffix
> added in the system properties, network identification, properties, choose
> the "More" button?
>
> Best regards
>
> Meinolf Weber
> Disclaimer: This posting is provided "AS IS" with no warranties, and confers
> no rights.
> ** Please do NOT email, only reply to Newsgroups
> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
>
>
> > Hello Meinolf,
> >
> > Dynamic updates is enabled and set to 'secure only'.
> >
> > The ipconfig command didnt work and there are fair few errors in the
> > eventwr in both the server and the client.
> >
> > The client
> > ------------
> > Event ID : 11165
> >
> > The system failed to register host (A) resource records (RRs) for
> > network
> > adapter
> > with settings:
> > Adapter Name : {AB759FE5-E3DF-4FB9-9156-5552068F7C4B}
> > Host Name : easy2
> > Primary Domain Suffix : WSW.local
> > DNS server list :
> > 192.168.1.1
> > Sent update to server : <?>
> > IP Address(es) :
> > 192.168.1.23
> > The reason the system could not register these RRs was because the
> > DNS server contacted refused the update request. The reasons for this
> > might be (a) you are not allowed to update the specified DNS domain
> > name, or (b) because the DNS server authoritative for this name does
> > not support the DNS dynamic update protocol.
> >
> > To register the DNS host (A) resource records using the specific DNS
> > domain name and IP addresses for this adapter, contact your DNS server
> > or network systems administrator.
> >
> > The server
> > -------------
> > Error EventID : 6702
> >
> > DNS server has updated its own host (A) records. In order to ensure
> > that its DS-integrated peer DNS servers are able to replicate with
> > this server, an attempt was made to update them with the new records
> > through dynamic update. An error was encountered during this update,
> > the record data is the error code.
> >
> > Error Event ID : 4004
> >
> > The DNS server was unable to complete directory service enumeration of
> > zone WSW.local. This DNS server is configured to use information
> > obtained from Active Directory for this zone and is unable to load the
> > zone without it. Check that the Active Directory is functioning
> > properly and repeat enumeration of the zone. The extended error debug
> > information (which may be empty) is "". The event data contains the
> > error.
> >
> > Warning EventID : 4521
> >
> > The DNS server encountered error 32 attempting to load zone
> > 0.168.192.in-addr.arpa from Active Directory. The DNS server will
> > attempt to load this zone again on the next timeout cycle. This can be
> > caused by high Active Directory load and may be a transient condition.
> >
> > I hope that helps you as it doesnt mean much to me!!
> >
> > Thanks a lot
> >
> > "Meinolf Weber [MVP-DS]" wrote:
> >
> >> Hello Oliver,
> >>
> >> Do you use dynamic updates on the zone properties?
> >>
> >> Also run ipconfig /registerdns on the client, this should register
> >> there entry in DNS zone, a message should appear similar to "takes
> >> about 15 minutes".
> >>
> >> Best regards
> >>
> >> Meinolf Weber
> >> Disclaimer: This posting is provided "AS IS" with no warranties, and
> >> confers
> >> no rights.
> >> ** Please do NOT email, only reply to Newsgroups
> >> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
> >>> Hi Meinolf,
> >>>
> >>> I have removed the reverse lookup and added the new one as you
> >>> suggested.
> >>>
> >>> The servers are listed in the forward lookup zones but the clients
> >>> aren't.
> >>>
> >>> Yes Gpos are applied to OU's and the users are in the OU's.
> >>>
> >>> Gpresult returns : The user domain\user does not have RSOP data.
> >>>
> >>> Thanks
> >>>
> >>> "Meinolf Weber [MVP-DS]" wrote:
> >>>
> >>>> Hello Oliver,
> >>>>
> >>>> The iprange is not the reason that something does not work as long
> >>>> as all machines are using the correct subnet. If you say GPO's and
> >>>> logon script does not run.
> >>>>
> >>>> Remove the reverse lookupzone on the DNS server for 192.168.0.x
> >>>> network and create a new one for the 192.168.1.x network.
> >>>>
> >>>> Are the GPO's linked to the OU where the user/computers are
> >>>> located?
> >>>>
> >>>> Did you run gpresult /v on a client machine to see if the GPO is
> >>>> listed?
> >>>>
> >>>> Are all servers and clients are listed in the Forward lookup zones
> >>>> in your DNS server?
> >>>>
> >>>> Best regards
> >>>>
> >>>> Meinolf Weber
> >>>> Disclaimer: This posting is provided "AS IS" with no warranties,
> >>>> and
> >>>> confers
> >>>> no rights.
> >>>> ** Please do NOT email, only reply to Newsgroups
> >>>> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
> >>>>> Thanks for your suggestions guys.
> >>>>>
> >>>>> I have changed the DNS settings as you have both described. GPO's
> >>>>> and logon scripts still do not run. Of the clients I have tried
> >>>>> this morning they all seem to be able to access the server without
> >>>>> prompting for a username and password for access (even tho the
> >>>>> user is logged onto the domain)...but this seems to happen at
> >>>>> strange intervals so I am not confident that it is a closed issue
> >>>>> yet.
> >>>>>
> >>>>> Would incorrect dns settings cause the type of issues I am having
> >>>>> do you think? I don't doubt that I had it setup incorrectly...I
> >>>>> just can't understand why clients would be denied access to
> >>>>> network resources based on log on credentials.
> >>>>>
> >>>>> The only other solution I can think of is to go back to
> >>>>> 192.168.0.x addressing like we had before to see if that makes a
> >>>>> difference. I am limited to what I can do during the working week
> >>>>> due to disruption though.
> >>>>>
> >>>>> I really appreciate your input thank you again.
> >>>>> "Meinolf Weber [MVP-DS]" wrote:
> >>>>>> Hello Oliver,
> >>>>>>
> >>>>>> The ipconfig output is from the client?
> >>>>>>
> >>>>>> Well, your DNS configuration coming from your DHCP server has
> >>>>>> only to provide domain internal ip addresses 192.168.1.2 for DNS
> >>>>>> The external addresses 194.72.9.38 and 62.6.40.162, i assume your
> >>>>>> ISP's DNS server are wrong at that place.
> >>>>>>
> >>>>>> On the DNS server properties in the DNS management console under
> >>>>>> the DNS server properties you have a FORWARDERS tab, here fill in
> >>>>>> the ISP's DNS server.
> >>>>>>
> >>>>>> If the ipconfig from the DC looks similar, change that also.
> >>>>>>
> >>>>>> The client should look like:
> >>>>>> ip 192.168.1.x
> >>>>>> sm 255.255.255.0
> >>>>>> dg 192.168.1.1
> >>>>>> dns 192.168.1.2
> >>>>>> and the server:
> >>>>>> ip 192.168.1.2
> >>>>>> sm 255.255.255.0
> >>>>>> dg 192.168.1.1
> >>>>>> dns 192.168.1.2
> >>>>>> Also if you do not use IPv6 i would uncheck the setting under the
> >>>>>> NIC
> >>>>>> properties.
> >>>>>> Best regards
> >>>>>> Meinolf Weber
> >>>>>> Disclaimer: This posting is provided "AS IS" with no warranties,
> >>>>>> and
> >>>>>> confers
> >>>>>> no rights.
> >>>>>> ** Please do NOT email, only reply to Newsgroups
> >>>>>> ** HELP us help YOU!!!
> >>>>>> http://www.blakjak.demon.co.uk/mul_crss.htm
> >>>>>>> Hi,
> >>>>>>>
> >>>>>>> it is a AD run domain with a single DC. Previousley the old
> >>>>>>> router provided the DHCP addressing. When we moved offices we
> >>>>>>> had BT come and install our phone systems with a new router and
> >>>>>>> hence the new addresses. This router has proved very troublesome
> >>>>>>> so I have disabled the dhcp server on it and setup the same
> >>>>>>> scope it was using on the DC.
> >>>>>>>
> >>>>>>> ipconfig results :
> >>>>>>>
> >>>>>>> Connection-specific DNS Suffix . :
> >>>>>>> Description . . . . . . . . . . . : NVIDIA nForce Networking
> >>>>>>> Controller #5
> >>>>>>> Physical Address. . . . . . . . . : 00-1E-8C-2E-0F-2E
> >>>>>>> DHCP Enabled. . . . . . . . . . . : Yes
> >>>>>>> Autoconfiguration Enabled . . . . : Yes
> >>>>>>> Link-local IPv6 Address . . . . . :
> >>>>>>> fe80::459b:61f5:8668:2c01%24(Preferred)
> >>>>>>> IPv4 Address. . . . . . . . . . . : 192.168.1.21(Preferred)
> >>>>>>> Subnet Mask . . . . . . . . . . . : 255.255.255.0
> >>>>>>> Lease Obtained. . . . . . . . . . : 22 February 2009 14:33:09
> >>>>>>> Lease Expires . . . . . . . . . . : 22 March 2009 14:33:07
> >>>>>>> Default Gateway . . . . . . . . . : 192.168.1.1
> >>>>>>> DHCP Server . . . . . . . . . . . : 192.168.1.2
> >>>>>>> DNS Servers . . . . . . . . . . . : 194.72.9.38
> >>>>>>> 62.6.40.162
> >>>>>>> Primary WINS Server . . . . . . . : 192.168.1.2
> >>>>>>> NetBIOS over Tcpip. . . . . . . . : Enabled
> >>>>>>> The DC = 192.168.1.2
> >>>>>>> The router = 192.168.1.1
> >>>>>>> As per Meinolf Weber [MVP-DS] suggestion, I have just looked
> >>>>>>> on
> >>>>>>> the
> >>>>>>> DC under DNS and under 'Reverse Lookup Zones' there is an entry
> >>>>>>> for
> >>>>>>> 192.168.0.x Subnet' with a list of pointers to computers and the
> >>>>>>> old
> >>>>>>> addresses they used to hold. Could this be something to do with
> >>>>>>> it?
> >>>>>>> Thanks for your help guys.
> >>>>>>> "Newell White" wrote:
> >>>>>>>> "Oliver Maynard" wrote:
> >>>>>>>>
> >>>>>>>>> Hi, hopefully someone will be able to shed some light on this
> >>>>>>>>> problem.
> >>>>>>>>>
> >>>>>>>>> We have just moved offices and broadband providers. With the
> >>>>>>>>> move came a change of Ip addresses. we used to run on
> >>>>>>>>> 192.168.0.1/254 and now we use 192.168.1.1/254.
> >>>>>>>>>
> >>>>>>>>> Since the move I am getting loads of problems with GPO's not
> >>>>>>>>> applying to clients anymore and the biggest problem which is
> >>>>>>>>> the server refusing access to network drives. I have to
> >>>>>>>>> manually un-map the drives and add them again...most the times
> >>>>>>>>> using a different username and password as I get the error
> >>>>>>>>> 'Multiple connections to a server or shared resource by the
> >>>>>>>>> same user, using more than one username, are not allowed' or a
> >>>>>>>>> similar one which I cannot now replicate.
> >>>>>>>>>
> >>>>>>>>> Is this related to the IP address change? if so I musy have
> >>>>>>>>> missed something somewhere when I was updating the server.
> >>>>>>>>>
> >>>>>>>>> Thanks for you help.
> >>>>>>>>>
> >>>>>>>> More information is needed before anyone can help you.
> >>>>>>>>
> >>>>>>>> Is your network a domain or a workgroup?
> >>>>>>>> If a domain, is it AD-integrated zone? More than one DC?
> >>>>>>>> Does 2003 server provide DHCP for your network? Did you destroy
> >>>>>>>> old
> >>>>>>>> scope and create a new one?
> >>>>>>>> Please post ipconfig/all result for server and typical
> >>>>>>>> workstation.
> >>>>>>>> --
> >>>>>>>> Regards,
> >>>>>>>> Newell White
>
>
>

Hello Oliver,

Have you enabled internet connection sharing on the NIC properties, Advanced
tab?

Rightclick "My Computer", properties, Computer name or network identification,
"Change" button, choose the "More" button?

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm


> Hello Meinolf,
>
> Only the windows firewall is running. I just tried to disable it but
> when I try to open it (on the server) I get the error 'Windows firewll
> cannot run because another program or service is running that might
> use the network address translation compnant (Ipnat.sys)'.
>
> I am not sure where you find the 'network identification' section you
> mentioned. If you mean is it listed in the properties of the network
> adapter then yes it is.
>
> Thanks again for your help with this....sorry it seems to be such a
> problem.
>
> Best regards,
> Oliver
> "Meinolf Weber [MVP-DS]" wrote:
>
>> Hello Oliver,
>>
>> Is there any firewall running on client or server? Is the Primary DNS
>> suffix added in the system properties, network identification,
>> properties, choose the "More" button?
>>
>> Best regards
>>
>> Meinolf Weber
>> Disclaimer: This posting is provided "AS IS" with no warranties, and
>> confers
>> no rights.
>> ** Please do NOT email, only reply to Newsgroups
>> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
>>> Hello Meinolf,
>>>
>>> Dynamic updates is enabled and set to 'secure only'.
>>>
>>> The ipconfig command didnt work and there are fair few errors in the
>>> eventwr in both the server and the client.
>>>
>>> The client
>>> ------------
>>> Event ID : 11165
>>> The system failed to register host (A) resource records (RRs) for
>>> network
>>> adapter
>>> with settings:
>>> Adapter Name : {AB759FE5-E3DF-4FB9-9156-5552068F7C4B}
>>> Host Name : easy2
>>> Primary Domain Suffix : WSW.local
>>> DNS server list :
>>> 192.168.1.1
>>> Sent update to server : <?>
>>> IP Address(es) :
>>> 192.168.1.23
>>> The reason the system could not register these RRs was because the
>>> DNS server contacted refused the update request. The reasons for
>>> this
>>> might be (a) you are not allowed to update the specified DNS domain
>>> name, or (b) because the DNS server authoritative for this name does
>>> not support the DNS dynamic update protocol.
>>> To register the DNS host (A) resource records using the specific DNS
>>> domain name and IP addresses for this adapter, contact your DNS
>>> server or network systems administrator.
>>>
>>> The server
>>> -------------
>>> Error EventID : 6702
>>> DNS server has updated its own host (A) records. In order to ensure
>>> that its DS-integrated peer DNS servers are able to replicate with
>>> this server, an attempt was made to update them with the new records
>>> through dynamic update. An error was encountered during this
>>> update, the record data is the error code.
>>>
>>> Error Event ID : 4004
>>>
>>> The DNS server was unable to complete directory service enumeration
>>> of zone WSW.local. This DNS server is configured to use information
>>> obtained from Active Directory for this zone and is unable to load
>>> the zone without it. Check that the Active Directory is functioning
>>> properly and repeat enumeration of the zone. The extended error
>>> debug information (which may be empty) is "". The event data
>>> contains the error.
>>>
>>> Warning EventID : 4521
>>>
>>> The DNS server encountered error 32 attempting to load zone
>>> 0.168.192.in-addr.arpa from Active Directory. The DNS server will
>>> attempt to load this zone again on the next timeout cycle. This can
>>> be caused by high Active Directory load and may be a transient
>>> condition.
>>>
>>> I hope that helps you as it doesnt mean much to me!!
>>>
>>> Thanks a lot
>>>
>>> "Meinolf Weber [MVP-DS]" wrote:
>>>
>>>> Hello Oliver,
>>>>
>>>> Do you use dynamic updates on the zone properties?
>>>>
>>>> Also run ipconfig /registerdns on the client, this should register
>>>> there entry in DNS zone, a message should appear similar to "takes
>>>> about 15 minutes".
>>>>
>>>> Best regards
>>>>
>>>> Meinolf Weber
>>>> Disclaimer: This posting is provided "AS IS" with no warranties,
>>>> and
>>>> confers
>>>> no rights.
>>>> ** Please do NOT email, only reply to Newsgroups
>>>> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
>>>>> Hi Meinolf,
>>>>>
>>>>> I have removed the reverse lookup and added the new one as you
>>>>> suggested.
>>>>>
>>>>> The servers are listed in the forward lookup zones but the clients
>>>>> aren't.
>>>>>
>>>>> Yes Gpos are applied to OU's and the users are in the OU's.
>>>>>
>>>>> Gpresult returns : The user domain\user does not have RSOP data.
>>>>>
>>>>> Thanks
>>>>>
>>>>> "Meinolf Weber [MVP-DS]" wrote:
>>>>>
>>>>>> Hello Oliver,
>>>>>>
>>>>>> The iprange is not the reason that something does not work as
>>>>>> long as all machines are using the correct subnet. If you say
>>>>>> GPO's and logon script does not run.
>>>>>>
>>>>>> Remove the reverse lookupzone on the DNS server for 192.168.0.x
>>>>>> network and create a new one for the 192.168.1.x network.
>>>>>>
>>>>>> Are the GPO's linked to the OU where the user/computers are
>>>>>> located?
>>>>>>
>>>>>> Did you run gpresult /v on a client machine to see if the GPO is
>>>>>> listed?
>>>>>>
>>>>>> Are all servers and clients are listed in the Forward lookup
>>>>>> zones in your DNS server?
>>>>>>
>>>>>> Best regards
>>>>>>
>>>>>> Meinolf Weber
>>>>>> Disclaimer: This posting is provided "AS IS" with no warranties,
>>>>>> and
>>>>>> confers
>>>>>> no rights.
>>>>>> ** Please do NOT email, only reply to Newsgroups
>>>>>> ** HELP us help YOU!!!
>>>>>> http://www.blakjak.demon.co.uk/mul_crss.htm
>>>>>>> Thanks for your suggestions guys.
>>>>>>>
>>>>>>> I have changed the DNS settings as you have both described.
>>>>>>> GPO's and logon scripts still do not run. Of the clients I have
>>>>>>> tried this morning they all seem to be able to access the server
>>>>>>> without prompting for a username and password for access (even
>>>>>>> tho the user is logged onto the domain)...but this seems to
>>>>>>> happen at strange intervals so I am not confident that it is a
>>>>>>> closed issue yet.
>>>>>>>
>>>>>>> Would incorrect dns settings cause the type of issues I am
>>>>>>> having do you think? I don't doubt that I had it setup
>>>>>>> incorrectly...I just can't understand why clients would be
>>>>>>> denied access to network resources based on log on credentials.
>>>>>>>
>>>>>>> The only other solution I can think of is to go back to
>>>>>>> 192.168.0.x addressing like we had before to see if that makes a
>>>>>>> difference. I am limited to what I can do during the working
>>>>>>> week due to disruption though.
>>>>>>>
>>>>>>> I really appreciate your input thank you again.
>>>>>>> "Meinolf Weber [MVP-DS]" wrote:
>>>>>>>> Hello Oliver,
>>>>>>>>
>>>>>>>> The ipconfig output is from the client?
>>>>>>>>
>>>>>>>> Well, your DNS configuration coming from your DHCP server has
>>>>>>>> only to provide domain internal ip addresses 192.168.1.2 for
>>>>>>>> DNS The external addresses 194.72.9.38 and 62.6.40.162, i
>>>>>>>> assume your ISP's DNS server are wrong at that place.
>>>>>>>>
>>>>>>>> On the DNS server properties in the DNS management console
>>>>>>>> under the DNS server properties you have a FORWARDERS tab, here
>>>>>>>> fill in the ISP's DNS server.
>>>>>>>>
>>>>>>>> If the ipconfig from the DC looks similar, change that also.
>>>>>>>>
>>>>>>>> The client should look like:
>>>>>>>> ip 192.168.1.x
>>>>>>>> sm 255.255.255.0
>>>>>>>> dg 192.168.1.1
>>>>>>>> dns 192.168.1.2
>>>>>>>> and the server:
>>>>>>>> ip 192.168.1.2
>>>>>>>> sm 255.255.255.0
>>>>>>>> dg 192.168.1.1
>>>>>>>> dns 192.168.1.2
>>>>>>>> Also if you do not use IPv6 i would uncheck the setting under
>>>>>>>> the
>>>>>>>> NIC
>>>>>>>> properties.
>>>>>>>> Best regards
>>>>>>>> Meinolf Weber
>>>>>>>> Disclaimer: This posting is provided "AS IS" with no
>>>>>>>> warranties,
>>>>>>>> and
>>>>>>>> confers
>>>>>>>> no rights.
>>>>>>>> ** Please do NOT email, only reply to Newsgroups
>>>>>>>> ** HELP us help YOU!!!
>>>>>>>> http://www.blakjak.demon.co.uk/mul_crss.htm
>>>>>>>>> Hi,
>>>>>>>>>
>>>>>>>>> it is a AD run domain with a single DC. Previousley the old
>>>>>>>>> router provided the DHCP addressing. When we moved offices we
>>>>>>>>> had BT come and install our phone systems with a new router
>>>>>>>>> and hence the new addresses. This router has proved very
>>>>>>>>> troublesome so I have disabled the dhcp server on it and setup
>>>>>>>>> the same scope it was using on the DC.
>>>>>>>>>
>>>>>>>>> ipconfig results :
>>>>>>>>>
>>>>>>>>> Connection-specific DNS Suffix . :
>>>>>>>>> Description . . . . . . . . . . . : NVIDIA nForce Networking
>>>>>>>>> Controller #5
>>>>>>>>> Physical Address. . . . . . . . . : 00-1E-8C-2E-0F-2E
>>>>>>>>> DHCP Enabled. . . . . . . . . . . : Yes
>>>>>>>>> Autoconfiguration Enabled . . . . : Yes
>>>>>>>>> Link-local IPv6 Address . . . . . :
>>>>>>>>> fe80::459b:61f5:8668:2c01%24(Preferred)
>>>>>>>>> IPv4 Address. . . . . . . . . . . : 192.168.1.21(Preferred)
>>>>>>>>> Subnet Mask . . . . . . . . . . . : 255.255.255.0
>>>>>>>>> Lease Obtained. . . . . . . . . . : 22 February 2009 14:33:09
>>>>>>>>> Lease Expires . . . . . . . . . . : 22 March 2009 14:33:07
>>>>>>>>> Default Gateway . . . . . . . . . : 192.168.1.1
>>>>>>>>> DHCP Server . . . . . . . . . . . : 192.168.1.2
>>>>>>>>> DNS Servers . . . . . . . . . . . : 194.72.9.38
>>>>>>>>> 62.6.40.162
>>>>>>>>> Primary WINS Server . . . . . . . : 192.168.1.2
>>>>>>>>> NetBIOS over Tcpip. . . . . . . . : Enabled
>>>>>>>>> The DC = 192.168.1.2
>>>>>>>>> The router = 192.168.1.1
>>>>>>>>> As per Meinolf Weber [MVP-DS] suggestion, I have just looked
>>>>>>>>> on
>>>>>>>>> the
>>>>>>>>> DC under DNS and under 'Reverse Lookup Zones' there is an
>>>>>>>>> entry
>>>>>>>>> for
>>>>>>>>> 192.168.0.x Subnet' with a list of pointers to computers and
>>>>>>>>> the
>>>>>>>>> old
>>>>>>>>> addresses they used to hold. Could this be something to do
>>>>>>>>> with
>>>>>>>>> it?
>>>>>>>>> Thanks for your help guys.
>>>>>>>>> "Newell White" wrote:
>>>>>>>>>> "Oliver Maynard" wrote:
>>>>>>>>>>
>>>>>>>>>>> Hi, hopefully someone will be able to shed some light on
>>>>>>>>>>> this problem.
>>>>>>>>>>>
>>>>>>>>>>> We have just moved offices and broadband providers. With the
>>>>>>>>>>> move came a change of Ip addresses. we used to run on
>>>>>>>>>>> 192.168.0.1/254 and now we use 192.168.1.1/254.
>>>>>>>>>>>
>>>>>>>>>>> Since the move I am getting loads of problems with GPO's not
>>>>>>>>>>> applying to clients anymore and the biggest problem which is
>>>>>>>>>>> the server refusing access to network drives. I have to
>>>>>>>>>>> manually un-map the drives and add them again...most the
>>>>>>>>>>> times using a different username and password as I get the
>>>>>>>>>>> error 'Multiple connections to a server or shared resource
>>>>>>>>>>> by the same user, using more than one username, are not
>>>>>>>>>>> allowed' or a similar one which I cannot now replicate.
>>>>>>>>>>>
>>>>>>>>>>> Is this related to the IP address change? if so I musy have
>>>>>>>>>>> missed something somewhere when I was updating the server.
>>>>>>>>>>>
>>>>>>>>>>> Thanks for you help.
>>>>>>>>>>>
>>>>>>>>>> More information is needed before anyone can help you.
>>>>>>>>>>
>>>>>>>>>> Is your network a domain or a workgroup?
>>>>>>>>>> If a domain, is it AD-integrated zone? More than one DC?
>>>>>>>>>> Does 2003 server provide DHCP for your network? Did you
>>>>>>>>>> destroy
>>>>>>>>>> old
>>>>>>>>>> scope and create a new one?
>>>>>>>>>> Please post ipconfig/all result for server and typical
>>>>>>>>>> workstation.
>>>>>>>>>> --
>>>>>>>>>> Regards,
>>>>>>>>>> Newell White

Hi Meinolf,

In addition to that last post in regards to the ipnat.sys....I was working
over a vpn when I was trying to configure it and I have just read that this
can cause a problem. Strangely today I couldnt connect to any of my remote
desktops over the vpn either.

Regards,
Oliver

"Oliver Maynard" wrote:

> Hello Meinolf,
>
> Only the windows firewall is running. I just tried to disable it but when I
> try to open it (on the server) I get the error 'Windows firewll cannot run
> because another program or service is running that might use the network
> address translation compnant (Ipnat.sys)'.
>
> I am not sure where you find the 'network identification' section you
> mentioned. If you mean is it listed in the properties of the network adapter
> then yes it is.
>
> Thanks again for your help with this....sorry it seems to be such a problem.
>
> Best regards,
> Oliver
>
> "Meinolf Weber [MVP-DS]" wrote:
>
> > Hello Oliver,
> >
> > Is there any firewall running on client or server? Is the Primary DNS suffix
> > added in the system properties, network identification, properties, choose
> > the "More" button?
> >
> > Best regards
> >
> > Meinolf Weber
> > Disclaimer: This posting is provided "AS IS" with no warranties, and confers
> > no rights.
> > ** Please do NOT email, only reply to Newsgroups
> > ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
> >
> >
> > > Hello Meinolf,
> > >
> > > Dynamic updates is enabled and set to 'secure only'.
> > >
> > > The ipconfig command didnt work and there are fair few errors in the
> > > eventwr in both the server and the client.
> > >
> > > The client
> > > ------------
> > > Event ID : 11165
> > >
> > > The system failed to register host (A) resource records (RRs) for
> > > network
> > > adapter
> > > with settings:
> > > Adapter Name : {AB759FE5-E3DF-4FB9-9156-5552068F7C4B}
> > > Host Name : easy2
> > > Primary Domain Suffix : WSW.local
> > > DNS server list :
> > > 192.168.1.1
> > > Sent update to server : <?>
> > > IP Address(es) :
> > > 192.168.1.23
> > > The reason the system could not register these RRs was because the
> > > DNS server contacted refused the update request. The reasons for this
> > > might be (a) you are not allowed to update the specified DNS domain
> > > name, or (b) because the DNS server authoritative for this name does
> > > not support the DNS dynamic update protocol.
> > >
> > > To register the DNS host (A) resource records using the specific DNS
> > > domain name and IP addresses for this adapter, contact your DNS server
> > > or network systems administrator.
> > >
> > > The server
> > > -------------
> > > Error EventID : 6702
> > >
> > > DNS server has updated its own host (A) records. In order to ensure
> > > that its DS-integrated peer DNS servers are able to replicate with
> > > this server, an attempt was made to update them with the new records
> > > through dynamic update. An error was encountered during this update,
> > > the record data is the error code.
> > >
> > > Error Event ID : 4004
> > >
> > > The DNS server was unable to complete directory service enumeration of
> > > zone WSW.local. This DNS server is configured to use information
> > > obtained from Active Directory for this zone and is unable to load the
> > > zone without it. Check that the Active Directory is functioning
> > > properly and repeat enumeration of the zone. The extended error debug
> > > information (which may be empty) is "". The event data contains the
> > > error.
> > >
> > > Warning EventID : 4521
> > >
> > > The DNS server encountered error 32 attempting to load zone
> > > 0.168.192.in-addr.arpa from Active Directory. The DNS server will
> > > attempt to load this zone again on the next timeout cycle. This can be
> > > caused by high Active Directory load and may be a transient condition.
> > >
> > > I hope that helps you as it doesnt mean much to me!!
> > >
> > > Thanks a lot
> > >
> > > "Meinolf Weber [MVP-DS]" wrote:
> > >
> > >> Hello Oliver,
> > >>
> > >> Do you use dynamic updates on the zone properties?
> > >>
> > >> Also run ipconfig /registerdns on the client, this should register
> > >> there entry in DNS zone, a message should appear similar to "takes
> > >> about 15 minutes".
> > >>
> > >> Best regards
> > >>
> > >> Meinolf Weber
> > >> Disclaimer: This posting is provided "AS IS" with no warranties, and
> > >> confers
> > >> no rights.
> > >> ** Please do NOT email, only reply to Newsgroups
> > >> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
> > >>> Hi Meinolf,
> > >>>
> > >>> I have removed the reverse lookup and added the new one as you
> > >>> suggested.
> > >>>
> > >>> The servers are listed in the forward lookup zones but the clients
> > >>> aren't.
> > >>>
> > >>> Yes Gpos are applied to OU's and the users are in the OU's.
> > >>>
> > >>> Gpresult returns : The user domain\user does not have RSOP data.
> > >>>
> > >>> Thanks
> > >>>
> > >>> "Meinolf Weber [MVP-DS]" wrote:
> > >>>
> > >>>> Hello Oliver,
> > >>>>
> > >>>> The iprange is not the reason that something does not work as long
> > >>>> as all machines are using the correct subnet. If you say GPO's and
> > >>>> logon script does not run.
> > >>>>
> > >>>> Remove the reverse lookupzone on the DNS server for 192.168.0.x
> > >>>> network and create a new one for the 192.168.1.x network.
> > >>>>
> > >>>> Are the GPO's linked to the OU where the user/computers are
> > >>>> located?
> > >>>>
> > >>>> Did you run gpresult /v on a client machine to see if the GPO is
> > >>>> listed?
> > >>>>
> > >>>> Are all servers and clients are listed in the Forward lookup zones
> > >>>> in your DNS server?
> > >>>>
> > >>>> Best regards
> > >>>>
> > >>>> Meinolf Weber
> > >>>> Disclaimer: This posting is provided "AS IS" with no warranties,
> > >>>> and
> > >>>> confers
> > >>>> no rights.
> > >>>> ** Please do NOT email, only reply to Newsgroups
> > >>>> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
> > >>>>> Thanks for your suggestions guys.
> > >>>>>
> > >>>>> I have changed the DNS settings as you have both described. GPO's
> > >>>>> and logon scripts still do not run. Of the clients I have tried
> > >>>>> this morning they all seem to be able to access the server without
> > >>>>> prompting for a username and password for access (even tho the
> > >>>>> user is logged onto the domain)...but this seems to happen at
> > >>>>> strange intervals so I am not confident that it is a closed issue
> > >>>>> yet.
> > >>>>>
> > >>>>> Would incorrect dns settings cause the type of issues I am having
> > >>>>> do you think? I don't doubt that I had it setup incorrectly...I
> > >>>>> just can't understand why clients would be denied access to
> > >>>>> network resources based on log on credentials.
> > >>>>>
> > >>>>> The only other solution I can think of is to go back to
> > >>>>> 192.168.0.x addressing like we had before to see if that makes a
> > >>>>> difference. I am limited to what I can do during the working week
> > >>>>> due to disruption though.
> > >>>>>
> > >>>>> I really appreciate your input thank you again.
> > >>>>> "Meinolf Weber [MVP-DS]" wrote:
> > >>>>>> Hello Oliver,
> > >>>>>>
> > >>>>>> The ipconfig output is from the client?
> > >>>>>>
> > >>>>>> Well, your DNS configuration coming from your DHCP server has
> > >>>>>> only to provide domain internal ip addresses 192.168.1.2 for DNS
> > >>>>>> The external addresses 194.72.9.38 and 62.6.40.162, i assume your
> > >>>>>> ISP's DNS server are wrong at that place.
> > >>>>>>
> > >>>>>> On the DNS server properties in the DNS management console under
> > >>>>>> the DNS server properties you have a FORWARDERS tab, here fill in
> > >>>>>> the ISP's DNS server.
> > >>>>>>
> > >>>>>> If the ipconfig from the DC looks similar, change that also.
> > >>>>>>
> > >>>>>> The client should look like:
> > >>>>>> ip 192.168.1.x
> > >>>>>> sm 255.255.255.0
> > >>>>>> dg 192.168.1.1
> > >>>>>> dns 192.168.1.2
> > >>>>>> and the server:
> > >>>>>> ip 192.168.1.2
> > >>>>>> sm 255.255.255.0
> > >>>>>> dg 192.168.1.1
> > >>>>>> dns 192.168.1.2
> > >>>>>> Also if you do not use IPv6 i would uncheck the setting under the
> > >>>>>> NIC
> > >>>>>> properties.
> > >>>>>> Best regards
> > >>>>>> Meinolf Weber
> > >>>>>> Disclaimer: This posting is provided "AS IS" with no warranties,
> > >>>>>> and
> > >>>>>> confers
> > >>>>>> no rights.
> > >>>>>> ** Please do NOT email, only reply to Newsgroups
> > >>>>>> ** HELP us help YOU!!!
> > >>>>>> http://www.blakjak.demon.co.uk/mul_crss.htm
> > >>>>>>> Hi,
> > >>>>>>>
> > >>>>>>> it is a AD run domain with a single DC. Previousley the old
> > >>>>>>> router provided the DHCP addressing. When we moved offices we
> > >>>>>>> had BT come and install our phone systems with a new router and
> > >>>>>>> hence the new addresses. This router has proved very troublesome
> > >>>>>>> so I have disabled the dhcp server on it and setup the same
> > >>>>>>> scope it was using on the DC.
> > >>>>>>>
> > >>>>>>> ipconfig results :
> > >>>>>>>
> > >>>>>>> Connection-specific DNS Suffix . :
> > >>>>>>> Description . . . . . . . . . . . : NVIDIA nForce Networking
> > >>>>>>> Controller #5
> > >>>>>>> Physical Address. . . . . . . . . : 00-1E-8C-2E-0F-2E
> > >>>>>>> DHCP Enabled. . . . . . . . . . . : Yes
> > >>>>>>> Autoconfiguration Enabled . . . . : Yes
> > >>>>>>> Link-local IPv6 Address . . . . . :
> > >>>>>>> fe80::459b:61f5:8668:2c01%24(Preferred)
> > >>>>>>> IPv4 Address. . . . . . . . . . . : 192.168.1.21(Preferred)
> > >>>>>>> Subnet Mask . . . . . . . . . . . : 255.255.255.0
> > >>>>>>> Lease Obtained. . . . . . . . . . : 22 February 2009 14:33:09
> > >>>>>>> Lease Expires . . . . . . . . . . : 22 March 2009 14:33:07
> > >>>>>>> Default Gateway . . . . . . . . . : 192.168.1.1
> > >>>>>>> DHCP Server . . . . . . . . . . . : 192.168.1.2
> > >>>>>>> DNS Servers . . . . . . . . . . . : 194.72.9.38
> > >>>>>>> 62.6.40.162
> > >>>>>>> Primary WINS Server . . . . . . . : 192.168.1.2
> > >>>>>>> NetBIOS over Tcpip. . . . . . . . : Enabled
> > >>>>>>> The DC = 192.168.1.2
> > >>>>>>> The router = 192.168.1.1
> > >>>>>>> As per Meinolf Weber [MVP-DS] suggestion, I have just looked
> > >>>>>>> on
> > >>>>>>> the
> > >>>>>>> DC under DNS and under 'Reverse Lookup Zones' there is an entry
> > >>>>>>> for
> > >>>>>>> 192.168.0.x Subnet' with a list of pointers to computers and the
> > >>>>>>> old
> > >>>>>>> addresses they used to hold. Could this be something to do with
> > >>>>>>> it?
> > >>>>>>> Thanks for your help guys.
> > >>>>>>> "Newell White" wrote:
> > >>>>>>>> "Oliver Maynard" wrote:
> > >>>>>>>>
> > >>>>>>>>> Hi, hopefully someone will be able to shed some light on this
> > >>>>>>>>> problem.
> > >>>>>>>>>
> > >>>>>>>>> We have just moved offices and broadband providers. With the
> > >>>>>>>>> move came a change of Ip addresses. we used to run on
> > >>>>>>>>> 192.168.0.1/254 and now we use 192.168.1.1/254.
> > >>>>>>>>>
> > >>>>>>>>> Since the move I am getting loads of problems with GPO's not
> > >>>>>>>>> applying to clients anymore and the biggest problem which is
> > >>>>>>>>> the server refusing access to network drives. I have to
> > >>>>>>>>> manually un-map the drives and add them again...most the times
> > >>>>>>>>> using a different username and password as I get the error
> > >>>>>>>>> 'Multiple connections to a server or shared resource by the
> > >>>>>>>>> same user, using more than one username, are not allowed' or a
> > >>>>>>>>> similar one which I cannot now replicate.
> > >>>>>>>>>
> > >>>>>>>>> Is this related to the IP address change? if so I musy have
> > >>>>>>>>> missed something somewhere when I was updating the server.
> > >>>>>>>>>
> > >>>>>>>>> Thanks for you help.
> > >>>>>>>>>
> > >>>>>>>> More information is needed before anyone can help you.
> > >>>>>>>>
> > >>>>>>>> Is your network a domain or a workgroup?
> > >>>>>>>> If a domain, is it AD-integrated zone? More than one DC?
> > >>>>>>>> Does 2003 server provide DHCP for your network? Did you destroy
> > >>>>>>>> old
> > >>>>>>>> scope and create a new one?
> > >>>>>>>> Please post ipconfig/all result for server and typical
> > >>>>>>>> workstation.
> > >>>>>>>> --
> > >>>>>>>> Regards,
> > >>>>>>>> Newell White
> >
> >
> >

Hello again Meinolf,

The DNS suffix in properties says 'WSW.local' (wsw is the name of my
domain). and there is a tick in 'change primary dns.....'

ICS is not installed on the server. I do have a VNC server running so I can
remote access in.

Thanks


"Meinolf Weber [MVP-DS]" wrote:

> Hello Oliver,
>
> Have you enabled internet connection sharing on the NIC properties, Advanced
> tab?
>
> Rightclick "My Computer", properties, Computer name or network identification,
> "Change" button, choose the "More" button?
>
> Best regards
>
> Meinolf Weber
> Disclaimer: This posting is provided "AS IS" with no warranties, and confers
> no rights.
> ** Please do NOT email, only reply to Newsgroups
> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
>
>
> > Hello Meinolf,
> >
> > Only the windows firewall is running. I just tried to disable it but
> > when I try to open it (on the server) I get the error 'Windows firewll
> > cannot run because another program or service is running that might
> > use the network address translation compnant (Ipnat.sys)'.
> >
> > I am not sure where you find the 'network identification' section you
> > mentioned. If you mean is it listed in the properties of the network
> > adapter then yes it is.
> >
> > Thanks again for your help with this....sorry it seems to be such a
> > problem.
> >
> > Best regards,
> > Oliver
> > "Meinolf Weber [MVP-DS]" wrote:
> >
> >> Hello Oliver,
> >>
> >> Is there any firewall running on client or server? Is the Primary DNS
> >> suffix added in the system properties, network identification,
> >> properties, choose the "More" button?
> >>
> >> Best regards
> >>
> >> Meinolf Weber
> >> Disclaimer: This posting is provided "AS IS" with no warranties, and
> >> confers
> >> no rights.
> >> ** Please do NOT email, only reply to Newsgroups
> >> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
> >>> Hello Meinolf,
> >>>
> >>> Dynamic updates is enabled and set to 'secure only'.
> >>>
> >>> The ipconfig command didnt work and there are fair few errors in the
> >>> eventwr in both the server and the client.
> >>>
> >>> The client
> >>> ------------
> >>> Event ID : 11165
> >>> The system failed to register host (A) resource records (RRs) for
> >>> network
> >>> adapter
> >>> with settings:
> >>> Adapter Name : {AB759FE5-E3DF-4FB9-9156-5552068F7C4B}
> >>> Host Name : easy2
> >>> Primary Domain Suffix : WSW.local
> >>> DNS server list :
> >>> 192.168.1.1
> >>> Sent update to server : <?>
> >>> IP Address(es) :
> >>> 192.168.1.23
> >>> The reason the system could not register these RRs was because the
> >>> DNS server contacted refused the update request. The reasons for
> >>> this
> >>> might be (a) you are not allowed to update the specified DNS domain
> >>> name, or (b) because the DNS server authoritative for this name does
> >>> not support the DNS dynamic update protocol.
> >>> To register the DNS host (A) resource records using the specific DNS
> >>> domain name and IP addresses for this adapter, contact your DNS
> >>> server or network systems administrator.
> >>>
> >>> The server
> >>> -------------
> >>> Error EventID : 6702
> >>> DNS server has updated its own host (A) records. In order to ensure
> >>> that its DS-integrated peer DNS servers are able to replicate with
> >>> this server, an attempt was made to update them with the new records
> >>> through dynamic update. An error was encountered during this
> >>> update, the record data is the error code.
> >>>
> >>> Error Event ID : 4004
> >>>
> >>> The DNS server was unable to complete directory service enumeration
> >>> of zone WSW.local. This DNS server is configured to use information
> >>> obtained from Active Directory for this zone and is unable to load
> >>> the zone without it. Check that the Active Directory is functioning
> >>> properly and repeat enumeration of the zone. The extended error
> >>> debug information (which may be empty) is "". The event data
> >>> contains the error.
> >>>
> >>> Warning EventID : 4521
> >>>
> >>> The DNS server encountered error 32 attempting to load zone
> >>> 0.168.192.in-addr.arpa from Active Directory. The DNS server will
> >>> attempt to load this zone again on the next timeout cycle. This can
> >>> be caused by high Active Directory load and may be a transient
> >>> condition.
> >>>
> >>> I hope that helps you as it doesnt mean much to me!!
> >>>
> >>> Thanks a lot
> >>>
> >>> "Meinolf Weber [MVP-DS]" wrote:
> >>>
> >>>> Hello Oliver,
> >>>>
> >>>> Do you use dynamic updates on the zone properties?
> >>>>
> >>>> Also run ipconfig /registerdns on the client, this should register
> >>>> there entry in DNS zone, a message should appear similar to "takes
> >>>> about 15 minutes".
> >>>>
> >>>> Best regards
> >>>>
> >>>> Meinolf Weber
> >>>> Disclaimer: This posting is provided "AS IS" with no warranties,
> >>>> and
> >>>> confers
> >>>> no rights.
> >>>> ** Please do NOT email, only reply to Newsgroups
> >>>> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
> >>>>> Hi Meinolf,
> >>>>>
> >>>>> I have removed the reverse lookup and added the new one as you
> >>>>> suggested.
> >>>>>
> >>>>> The servers are listed in the forward lookup zones but the clients
> >>>>> aren't.
> >>>>>
> >>>>> Yes Gpos are applied to OU's and the users are in the OU's.
> >>>>>
> >>>>> Gpresult returns : The user domain\user does not have RSOP data.
> >>>>>
> >>>>> Thanks
> >>>>>
> >>>>> "Meinolf Weber [MVP-DS]" wrote:
> >>>>>
> >>>>>> Hello Oliver,
> >>>>>>
> >>>>>> The iprange is not the reason that something does not work as
> >>>>>> long as all machines are using the correct subnet. If you say
> >>>>>> GPO's and logon script does not run.
> >>>>>>
> >>>>>> Remove the reverse lookupzone on the DNS server for 192.168.0.x
> >>>>>> network and create a new one for the 192.168.1.x network.
> >>>>>>
> >>>>>> Are the GPO's linked to the OU where the user/computers are
> >>>>>> located?
> >>>>>>
> >>>>>> Did you run gpresult /v on a client machine to see if the GPO is
> >>>>>> listed?
> >>>>>>
> >>>>>> Are all servers and clients are listed in the Forward lookup
> >>>>>> zones in your DNS server?
> >>>>>>
> >>>>>> Best regards
> >>>>>>
> >>>>>> Meinolf Weber
> >>>>>> Disclaimer: This posting is provided "AS IS" with no warranties,
> >>>>>> and
> >>>>>> confers
> >>>>>> no rights.
> >>>>>> ** Please do NOT email, only reply to Newsgroups
> >>>>>> ** HELP us help YOU!!!
> >>>>>> http://www.blakjak.demon.co.uk/mul_crss.htm
> >>>>>>> Thanks for your suggestions guys.
> >>>>>>>
> >>>>>>> I have changed the DNS settings as you have both described.
> >>>>>>> GPO's and logon scripts still do not run. Of the clients I have
> >>>>>>> tried this morning they all seem to be able to access the server
> >>>>>>> without prompting for a username and password for access (even
> >>>>>>> tho the user is logged onto the domain)...but this seems to
> >>>>>>> happen at strange intervals so I am not confident that it is a
> >>>>>>> closed issue yet.
> >>>>>>>
> >>>>>>> Would incorrect dns settings cause the type of issues I am
> >>>>>>> having do you think? I don't doubt that I had it setup
> >>>>>>> incorrectly...I just can't understand why clients would be
> >>>>>>> denied access to network resources based on log on credentials.
> >>>>>>>
> >>>>>>> The only other solution I can think of is to go back to
> >>>>>>> 192.168.0.x addressing like we had before to see if that makes a
> >>>>>>> difference. I am limited to what I can do during the working
> >>>>>>> week due to disruption though.
> >>>>>>>
> >>>>>>> I really appreciate your input thank you again.
> >>>>>>> "Meinolf Weber [MVP-DS]" wrote:
> >>>>>>>> Hello Oliver,
> >>>>>>>>
> >>>>>>>> The ipconfig output is from the client?
> >>>>>>>>
> >>>>>>>> Well, your DNS configuration coming from your DHCP server has
> >>>>>>>> only to provide domain internal ip addresses 192.168.1.2 for
> >>>>>>>> DNS The external addresses 194.72.9.38 and 62.6.40.162, i
> >>>>>>>> assume your ISP's DNS server are wrong at that place.
> >>>>>>>>
> >>>>>>>> On the DNS server properties in the DNS management console
> >>>>>>>> under the DNS server properties you have a FORWARDERS tab, here
> >>>>>>>> fill in the ISP's DNS server.
> >>>>>>>>
> >>>>>>>> If the ipconfig from the DC looks similar, change that also.
> >>>>>>>>
> >>>>>>>> The client should look like:
> >>>>>>>> ip 192.168.1.x
> >>>>>>>> sm 255.255.255.0
> >>>>>>>> dg 192.168.1.1
> >>>>>>>> dns 192.168.1.2
> >>>>>>>> and the server:
> >>>>>>>> ip 192.168.1.2
> >>>>>>>> sm 255.255.255.0
> >>>>>>>> dg 192.168.1.1
> >>>>>>>> dns 192.168.1.2
> >>>>>>>> Also if you do not use IPv6 i would uncheck the setting under
> >>>>>>>> the
> >>>>>>>> NIC
> >>>>>>>> properties.
> >>>>>>>> Best regards
> >>>>>>>> Meinolf Weber
> >>>>>>>> Disclaimer: This posting is provided "AS IS" with no
> >>>>>>>> warranties,
> >>>>>>>> and
> >>>>>>>> confers
> >>>>>>>> no rights.
> >>>>>>>> ** Please do NOT email, only reply to Newsgroups
> >>>>>>>> ** HELP us help YOU!!!
> >>>>>>>> http://www.blakjak.demon.co.uk/mul_crss.htm
> >>>>>>>>> Hi,
> >>>>>>>>>
> >>>>>>>>> it is a AD run domain with a single DC. Previousley the old
> >>>>>>>>> router provided the DHCP addressing. When we moved offices we
> >>>>>>>>> had BT come and install our phone systems with a new router
> >>>>>>>>> and hence the new addresses. This router has proved very
> >>>>>>>>> troublesome so I have disabled the dhcp server on it and setup
> >>>>>>>>> the same scope it was using on the DC.
> >>>>>>>>>
> >>>>>>>>> ipconfig results :
> >>>>>>>>>
> >>>>>>>>> Connection-specific DNS Suffix . :
> >>>>>>>>> Description . . . . . . . . . . . : NVIDIA nForce Networking
> >>>>>>>>> Controller #5
> >>>>>>>>> Physical Address. . . . . . . . . : 00-1E-8C-2E-0F-2E
> >>>>>>>>> DHCP Enabled. . . . . . . . . . . : Yes
> >>>>>>>>> Autoconfiguration Enabled . . . . : Yes
> >>>>>>>>> Link-local IPv6 Address . . . . . :
> >>>>>>>>> fe80::459b:61f5:8668:2c01%24(Preferred)
> >>>>>>>>> IPv4 Address. . . . . . . . . . . : 192.168.1.21(Preferred)
> >>>>>>>>> Subnet Mask . . . . . . . . . . . : 255.255.255.0
> >>>>>>>>> Lease Obtained. . . . . . . . . . : 22 February 2009 14:33:09
> >>>>>>>>> Lease Expires . . . . . . . . . . : 22 March 2009 14:33:07
> >>>>>>>>> Default Gateway . . . . . . . . . : 192.168.1.1
> >>>>>>>>> DHCP Server . . . . . . . . . . . : 192.168.1.2
> >>>>>>>>> DNS Servers . . . . . . . . . . . : 194.72.9.38
> >>>>>>>>> 62.6.40.162
> >>>>>>>>> Primary WINS Server . . . . . . . : 192.168.1.2
> >>>>>>>>> NetBIOS over Tcpip. . . . . . . . : Enabled
> >>>>>>>>> The DC = 192.168.1.2
> >>>>>>>>> The router = 192.168.1.1
> >>>>>>>>> As per Meinolf Weber [MVP-DS] suggestion, I have just looked
> >>>>>>>>> on
> >>>>>>>>> the
> >>>>>>>>> DC under DNS and under 'Reverse Lookup Zones' there is an
> >>>>>>>>> entry
> >>>>>>>>> for
> >>>>>>>>> 192.168.0.x Subnet' with a list of pointers to computers and
> >>>>>>>>> the
> >>>>>>>>> old
> >>>>>>>>> addresses they used to hold. Could this be something to do
> >>>>>>>>> with
> >>>>>>>>> it?
> >>>>>>>>> Thanks for your help guys.
> >>>>>>>>> "Newell White" wrote:
> >>>>>>>>>> "Oliver Maynard" wrote:
> >>>>>>>>>>
> >>>>>>>>>>> Hi, hopefully someone will be able to shed some light on
> >>>>>>>>>>> this problem.
> >>>>>>>>>>>
> >>>>>>>>>>> We have just moved offices and broadband providers. With the
> >>>>>>>>>>> move came a change of Ip addresses. we used to run on
> >>>>>>>>>>> 192.168.0.1/254 and now we use 192.168.1.1/254.
> >>>>>>>>>>>
> >>>>>>>>>>> Since the move I am getting loads of problems with GPO's not
> >>>>>>>>>>> applying to clients anymore and the biggest problem which is
> >>>>>>>>>>> the server refusing access to network drives. I have to
> >>>>>>>>>>> manually un-map the drives and add them again...most the
> >>>>>>>>>>> times using a different username and password as I get the
> >>>>>>>>>>> error 'Multiple connections to a server or shared resource
> >>>>>>>>>>> by the same user, using more than one username, are not
> >>>>>>>>>>> allowed' or a similar one which I cannot now replicate.
> >>>>>>>>>>>
> >>>>>>>>>>> Is this related to the IP address change? if so I musy have

Did anyone get this problem resolved? We have an almost identical case involving multiple VPNs. 1 Head Office (HO) and 4 x Branch Office (BO)

We changed the HO WAN IP and it all started.....

Very strange, only some clients at the BO's not all.

We suspected bugs, even reloaded OS and reconnected one of the clients to the domain... no change. Can ping, can browse, can remote desktop to servers on the network but CANNOT connect to Exchange and cannot update group policy (Domain Controller not available).

Ideas?



OliverMaynar wrote:

Hello again Meinolf,The DNS suffix in properties says 'WSW.
06-Mar-09

Hello again Meinolf

The DNS suffix in properties says 'WSW.local' (wsw is the name of my
domain). and there is a tick in 'change primary dns.....

ICS is not installed on the server. I do have a VNC server running so I can
remote access in

Thank

"Meinolf Weber [MVP-DS]" wrote:

Previous Posts In This Thread:

On Monday, March 02, 2009 8:49 AM
OliverMaynar wrote:

Server 2003 Network problems since IP address change
Hi, hopefully someone will be able to shed some light on this problem

We have just moved offices and broadband providers. With the move came a
change of Ip addresses. we used to run on 192.168.0.1/254 and now we use
192.168.1.1/254

Since the move I am getting loads of problems with GPO's not applying to
clients anymore and the biggest problem which is the server refusing access
to network drives. I have to manually un-map the drives and add them
again...most the times using a different username and password as I get the
error 'Multiple connections to a server or shared resource by the same user,
using more than one username, are not allowed' or a similar one which I
cannot now replicate

Is this related to the IP address change? if so I musy have missed something
somewhere when I was updating the server

Thanks for you help.

On Monday, March 02, 2009 9:01 AM
NewellWhit wrote:

RE: Server 2003 Network problems since IP address change
"Oliver Maynard" wrote

More information is needed before anyone can help you

Is your network a domain or a workgroup
If a domain, is it AD-integrated zone? More than one DC

Does 2003 server provide DHCP for your network? Did you destroy old scope
and create a new one

Please post ipconfig/all result for server and typical workstation

-
Regards,
Newell White

On Monday, March 02, 2009 10:01 AM
OliverMaynar wrote:

Hi,it is a AD run domain with a single DC.
Hi

it is a AD run domain with a single DC. Previousley the old router provided
the DHCP addressing. When we moved offices we had BT come and install our
phone systems with a new router and hence the new addresses. This router has
proved very troublesome so I have disabled the dhcp server on it and setup
the same scope it was using on the DC

ipconfig results

Connection-specific DNS Suffix .
Description . . . . . . . . . . . : NVIDIA nForce Networking Controller #
Physical Address. . . . . . . . . : 00-1E-8C-2E-0F-2
DHCP Enabled. . . . . . . . . . . : Ye
Autoconfiguration Enabled . . . . : Ye
Link-local IPv6 Address . . . . . : fe80::459b:61f5:8668:2c01%24(Preferred
IPv4 Address. . . . . . . . . . . : 192.168.1.21(Preferred
Subnet Mask . . . . . . . . . . . : 255.255.255.
Lease Obtained. . . . . . . . . . : 22 February 2009 14:33:0
Lease Expires . . . . . . . . . . : 22 March 2009 14:33:0
Default Gateway . . . . . . . . . : 192.168.1.
DHCP Server . . . . . . . . . . . : 192.168.1.
DNS Servers . . . . . . . . . . . : 194.72.9.3
62.6.40.16
Primary WINS Server . . . . . . . : 192.168.1.
NetBIOS over Tcpip. . . . . . . . : Enable

The DC = 192.168.1.
The router = 192.168.1.

As per Meinolf Weber [MVP-DS] suggestion, I have just looked on the DC
under DNS and under 'Reverse Lookup Zones' there is an entry for 192.168.0.x
Subnet' with a list of pointers to computers and the old addresses they used
to hold. Could this be something to do with it

Thanks for your help guys.


"Newell White" wrote:

On Monday, March 02, 2009 10:31 AM
Danny Sanders wrote:

Since you said your DC is 192.168.2, I'm assuming this is a workstation?
Since you said your DC is 192.168.2, I'm assuming this is a workstation?


You should have DNS setup on the DC. The DC should point to itself for DNS
in the properties of TCP/IP. Use the actual IP address not 127.0.0.1. Then
restart the netlogon service. All AC clients should ONLY point to the DNS
server for the AD domain. (your DC)

hth
DDS

"Oliver Maynard" <(E-Mail Removed)> wrote in message
news6321371-9B86-4EA9-9C89-(E-Mail Removed)...

On Tuesday, March 03, 2009 5:45 AM
OliverMaynar wrote:

Thanks for your suggestions guys.
Thanks for your suggestions guys.

I have changed the DNS settings as you have both described. GPO's and logon
scripts still do not run. Of the clients I have tried this morning they all
seem to be able to access the server without prompting for a username and
password for access (even tho the user is logged onto the domain)...but this
seems to happen at strange intervals so I am not confident that it is a
closed issue yet.

Would incorrect dns settings cause the type of issues I am having do you
think? I don't doubt that I had it setup incorrectly...I just can't
understand why clients would be denied access to network resources based on
log on credentials.

The only other solution I can think of is to go back to 192.168.0.x
addressing like we had before to see if that makes a difference. I am limited
to what I can do during the working week due to disruption though.

I really appreciate your input thank you again.
"Meinolf Weber [MVP-DS]" wrote:

On Tuesday, March 03, 2009 10:36 AM
OliverMaynar wrote:

Hi Meinolf,I have removed the reverse lookup and added the new one as you
Hi Meinolf,

I have removed the reverse lookup and added the new one as you suggested.

The servers are listed in the forward lookup zones but the clients aren't.

Yes Gpos are applied to OU's and the users are in the OU's.

Gpresult returns : The user domain\user does not have RSOP data.

Thanks


"Meinolf Weber [MVP-DS]" wrote:

On Wednesday, March 04, 2009 5:24 AM
OliverMaynar wrote:

Hello Meinolf,Dynamic updates is enabled and set to 'secure only'.
Hello Meinolf,

Dynamic updates is enabled and set to 'secure only'.

The ipconfig command didnt work and there are fair few errors in the eventwr
in both the server and the client.

The client
------------

Event ID : 11165

The system failed to register host (A) resource records (RRs) for network
adapter
with settings:

Adapter Name : {AB759FE5-E3DF-4FB9-9156-5552068F7C4B}
Host Name : easy2
Primary Domain Suffix : WSW.local
DNS server list :
192.168.1.1
Sent update to server : <?>
IP Address(es) :
192.168.1.23

The reason the system could not register these RRs was because the DNS
server contacted refused the update request. The reasons for this might be
(a) you are not allowed to update the specified DNS domain name, or (b)
because the DNS server authoritative for this name does not support the DNS
dynamic update protocol.

To register the DNS host (A) resource records using the specific DNS domain
name and IP addresses for this adapter, contact your DNS server or network
systems administrator.

The server
-------------

Error EventID : 6702

DNS server has updated its own host (A) records. In order to ensure that
its DS-integrated peer DNS servers are able to replicate with this server, an
attempt was made to update them with the new records through dynamic update.
An error was encountered during this update, the record data is the error
code.


Error Event ID : 4004

The DNS server was unable to complete directory service enumeration of zone
WSW.local. This DNS server is configured to use information obtained from
Active Directory for this zone and is unable to load the zone without it.
Check that the Active Directory is functioning properly and repeat
enumeration of the zone. The extended error debug information (which may be
empty) is "". The event data contains the error.


Warning EventID : 4521

The DNS server encountered error 32 attempting to load zone
0.168.192.in-addr.arpa from Active Directory. The DNS server will attempt to
load this zone again on the next timeout cycle. This can be caused by high
Active Directory load and may be a transient condition.


I hope that helps you as it doesnt mean much to me!!

Thanks a lot

"Meinolf Weber [MVP-DS]" wrote:

On Thursday, March 05, 2009 4:19 AM
OliverMaynar wrote:

Hello Meinolf,Only the windows firewall is running.
Hello Meinolf,

Only the windows firewall is running. I just tried to disable it but when I
try to open it (on the server) I get the error 'Windows firewll cannot run
because another program or service is running that might use the network
address translation compnant (Ipnat.sys)'.

I am not sure where you find the 'network identification' section you
mentioned. If you mean is it listed in the properties of the network adapter
then yes it is.

Thanks again for your help with this....sorry it seems to be such a problem.

Best regards,
Oliver

"Meinolf Weber [MVP-DS]" wrote:

On Thursday, March 05, 2009 4:27 AM
OliverMaynar wrote:

Hi Meinolf,In addition to that last post in regards to the ipnat.sys....
Hi Meinolf,

In addition to that last post in regards to the ipnat.sys....I was working
over a vpn when I was trying to configure it and I have just read that this
can cause a problem. Strangely today I couldnt connect to any of my remote
desktops over the vpn either.

Regards,
Oliver

"Oliver Maynard" wrote:

On Thursday, March 05, 2009 4:49 AM
Meinolf Weber [MVP-DS] wrote:

Hello Oliver,Check that the DNS server has all new addresses on the zone
Hello Oliver,

Check that the DNS server has all new addresses on the zone records listed.
Did all your clients use the correct ip addresses now? Did you reboot the
servers after changing or just change the ip?

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm

On Friday, March 06, 2009 5:46 AM
OliverMaynar wrote:

Hello again Meinolf,The DNS suffix in properties says 'WSW.
Hello again Meinolf,

The DNS suffix in properties says 'WSW.local' (wsw is the name of my
domain). and there is a tick in 'change primary dns.....'

ICS is not installed on the server. I do have a VNC server running so I can
remote access in.

Thanks


"Meinolf Weber [MVP-DS]" wrote:


Submitted via EggHeadCafe - Software Developer Portal of Choice
AJAX Web Service Driven Customers Table With Customer Details
http://www.eggheadcafe.com/tutorials...r-details.aspx