DHCP in Domain A serving Computers in Domain B

Hi. I have migrated computers from domain A to domain B. Servers remain in domain A. A trust is in place.
In domain A I have a domain controller running DNS & DHCP. DNS is secure only/AD Integrated. DHCP is configured to update DNS using a domain account. DHCP in domain A serves computers migrated to domain B.
I have a domain controller in Domain B running DNS.
All servers are on the same subnet (domain A and domain B) and in the same building.
Forwarders are configured in DNS.
I am no longer able to RDP to computers migrated to domain B by name. I can by IP.
What is the best configuration for my situation to avoid DNS issues?
Should I install DHCP on a member server in Domain B and unauthorize the DHCP server in Domain A?
Kinds Regards,
Phil.

Hi Phil,
I don't think this will confuse the DNS. Because they are different resource records. For example, we have a client named PC1. Then there will be two resource records in the DNS, one is PC1.domainA.local and the other is PC1.domainB.local. Which resource
record will be used depends on the DNS query. Which DNS suffix will be appended to the DNS query depends on the DNS suffix search list.
Hope this helps.
Steven Lee
TechNet Community Support

Similar Messages

  • Do I have to disable DHCP in router and configure DHCP role in essential server to make connection with internet

    hi,
    'do I have to enable DHCP role on essential server just like sbs server to configure internet and domain name , or that is not really necessary , the router dhcp is enough toconfigure essential server!
    thanks
    johan
    h.david

    The router DHCP is enough to use Essentials server. Essentials is designed to work with router dhcp out of the box, but you can choose to install DHCP role on server if you like. If you decide to do that, check the blog post from
    here: http://blogs.technet.com/b/sbs/archive/2013/04/22/running-dhcp-server-on-windows-server-2012-essentials.aspx
    Also check the Essentials documentation for more details from here:
    http://technet.microsoft.com/en-us/library/cc514417.aspx

  • Configuring DNS when clients get DHCP from a Windows server

    Hi
    I'm getting to grips with OD and have managed to configure a test environment at home with static IPs and all the DNS entries being entered manually for each computer.
    However, how do I configure the DNS in an environment where clients get their IPs from a Windows DHCP server (which I have no access to)?
    Setting clients to have static IPs is not an option nor enabling DHCP on the Mac server, I suspect.
    Your help is really appreciated.
    Steve

    Hi
    Your suspicion is correct.
    To be honest I would what is available on the Windows Server as the basis for your Open Directory deployment. If the Windows Server is already the DHCP Server odds are it is also the DNS Server. DNS can be provided to your clients using the Windows based DHCP service.
    If you have no direct access to the windows server you should be able at the least ask the windows administrator to add a Host Record with a Reverse Pointer for the OSX Server. Make sure its resolving correctly first using the relevant tools first then add the IP address of the Windows Server in the network preferences pane on your OSX Server. Thereafter you should be able to promote from Standalone to Open Directory Master without too many problems.
    If the Windows Server is using .local as its FQDN then it could scupper any chances you have of providing OSX LDAP services to your mac clients. It can work with .local, its just better if its not used.
    Hope this helps – Tony

  • ASA Migration of DHCP Scope to a Server

    Hello All,
    We migrated the DHCP scope from the ASA to a MS DHCP server with this configuration:
    group-policy BV-SSL1 internal
    group-policy BV-SSL1 attributes
    no address-pools value remotepool4 remotepool2 remotepool3
    no intercept-dhcp enable
    dhcp-network-scope 10.180.49.0
    exit
    tunnel-group BVVPN10 general-attributes
    no address-pool remotepool2
    no address-pool remotepool3
    no address-pool remotepool4
    dhcp-server 10.182.14.55
    exit
    tunnel-group BV-SSL general-attributes
    no address-pool remotepool2
    no address-pool remotepool3
    no address-pool remotepool4
    dhcp-server 10.182.14.55
    exit
    no vpn-addr-assign aaa
    no vpn-addr-assign local
    vpn-addr-assign dhcp
    This is running good, until we used all 254 addresses that was specified in the dhcp-network-scope.
    My question is should i have specified dhcp-network-scope none to allow for all 3 scopes can be used to hand out IP addresses for the remote users?
    Thanks,
    Kimberly

    Okay, that's at least a good start. Can you monitor the ULS logs while you attempt to browse to the site to see what form of error(s) you're getting?
    Trevor Seward
    Follow or contact me at...
    &nbsp&nbsp
    This post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.

  • Communication between the DNS/DHCP Manager and OES Server

    No communication between the DNS/DHCP Manager Console and OES server (status,start,stop)
    The screenshot shows the tab "DHCP (OES Linux)" in the DNS / DHCP Manager console
    in the bottom of the image it shows the state of the DHCP servers.
    allDHCP.JPG
    The dhcp service is started on all these servers
    You can see that the status is known only for four servers.
    The button "start/stop DHCP service" works fine on this servers and
    the dhcp service can be canceled and also restarted
    But the status of the "dhcp service" is not recognized for all the other DHCP servers
    and so we can not start or stop dhcp service on these servers.
    All servers were installed at different times (last three years) with OES11 and
    are upgraded to OES11SP2 with all patches.
    The server keto (DHCP_keto) is a new installation OES11SP2 few days ago.
    All OES servers were set up identically from me. LDAP, LUM, DMS, DHCP works fine.
    Which service on the OES server is responsible for
    communication (status indicator) between the DNS/DHCP Manager and the OES serve?
    How the status query is performed by the DNS/DHCP Manager?
    How can I test the communication to the server on the client (console)?
    Which configurationfiles I should be compare on the server?
    Thanks in advance
    Gernot

    gernot,
    It appears that in the past few days you have not received a response to your
    posting. That concerns us, and has triggered this automated reply.
    Has your problem been resolved? If not, you might try one of the following options:
    - Visit http://www.novell.com/support and search the knowledgebase and/or check all
    the other self support options and support programs available.
    - You could also try posting your message again. Make sure it is posted in the
    correct newsgroup. (http://forums.novell.com)
    Be sure to read the forum FAQ about what to expect in the way of responses:
    http://forums.novell.com/faq.php
    If this is a reply to a duplicate posting, please ignore and accept our apologies
    and rest assured we will issue a stern reprimand to our posting bot.
    Good luck!
    Your Novell Forums Team
    http://forums.novell.com

  • Time Capsule as DHCP Router and DNS server for larger network - too taxing?

    Ok, let me say first that I'm no networking expert, but I have tried to learn a decent amount over the years. I haven't got quite gotten o the level of combing router event logs, though I intend to do that as my next step. My question here though is if my overall network strategy is flawed.
    My setup at home is one that may be a bit more extensive than most users have:
    Cable modem -> Time Capsule -> Multiple gigabit switches (business grade) -> Wired Cat5e throughout the house and 2 Airport Extremes. I don't know how many total wired and wireless clients I have, but it may be between 30 and 40 (only a few are computers with the rest being game systems, networked DVRs, audio streamers, NAS, etc)
    At the moment, the Time Capsule only backs up one machine - a MBP (I have external HDDs connected directly to the desktops). I don't use the TC's HDD for anything else. Also, I have the network configured so that the TC handles DHCP addressing and NAT. The Airport Extremes are in bridge mode.
    For the most part, everything works very well. Internet speeds are good, audio streaming works well, no problems with TC backups, etc. The only issue I've run into are dropouts when streaming video content on the network from one device to another (not form the internet). Basically, the stream will pause and then an error will pop up on screen saying that there was a network problem. Now, I know that the specific devices themselves may have issues of their own, but since it's happened on more than one system, I'm wondering if there is a common network culprit- expecting the Time Capsule to handle its duties especially while it is doing a backup.
    Here are a few thoughts I have:
    1 - From a technical standpoint, I don't know if all client to client network traffic goes through the TC. I was thinking that communication could happen between devices on the same switch without having to go up to the TC and then back down, but maybe I'm wrong. If I am wrong, that certainly is a bottleneck right there. I'm not segregating the video streamers to their own subnet on a new router to isolate the traffic. I'm also not sure if the bottleneck is impacted by static vs dynamic IP addressing. IOW, I don't know if setting the devices up with static IPs would change the flow of traffic to not have to go through the TC (just flow across the switch) or not.
    2 - Long ago in a different network setup, I had allowed the wireless access points to assign IPs. However, I found that doing so sometimes created problems accessing some of those devices from a computer or device on a different subnet. As such, I switched over to having the router connected to the modem do all the IP addressing. Maybe this is a bad idea given the temporary nature that some devices will hop on and off the network.
    3 - Additionally, in the interests of getting better wireless coverage over the whole house, I switched to using 2 airport extremes configured to use the same SSID (so that devices moving around the house wouldn't need to specifically change networks in order to get better signal). I guess I could let one of those 2 handle IP addressing while the other is in bridge mode (pointing to the primary Extreme vs the TC).
    4 - Kind of getting back to the TC as the bottleneck, maybe it shouldn't handle network wide DHCP and NAT duties. If TC backups take network priority, such that other kinds of traffic could hiccup, then I probably need to rethink where the TC should exist in the network. Or, maybe it would be enough to just have the stream sensitive components be on their own subnet.
    I know there are potentially multiple flaws in my current strategy, so any suggestions or attempts at correcting my assumptions would be helpful.
    Thanks!
    Jeff
    Message was edited by: Rgbyhkr
    Message was edited by: Rgbyhkr

    Welcome to the discussions!
    1 - Everything goes through the router when it is setup to handle DHCP and NAT
    2 - You want your main router, the TC, to handle all DHCP and NAT functions. It will handle up to 250+ connections, so 30-40 devices won't be much of a challenge
    3 - Keep both AirPort Extremes in bridge mode to allow the TC to handle the things in #2 above. If you setup an Airport Extreme to give out IP addresses, you'll create a Double NAT issue on your network...which can slow down communications between devices...the thing you are trying to avoid. If you use Xbox live or other interactive services, the online features will not function with a Double NAT on your network.
    4 - You want the TC to handle all DHCP and NAT functions as in #2. I assume that you have no single run of CAT5e more than 300 feet.
    5 - If you want to create separate sub nets correctly (the AirPorts won't allow you to do this as they are designed for basic home networking), you'll need to look at routers for professional and commercial use, like Cisco.
    With as many devices as you have, you may be running out of bandwidth at times. If you only notice the issue during Time Machine backups, and you don't need to backup each hour, take a look at Time Machine Editor to setup backups whenever you like, maybe once a day at 2 AM when things on the network are quiet.
    My suggestions are of course opinions. Hopefully you'll receive some other possibly differing views.

  • Using a NAS as media server that can serve computeres and Apple TV directly

    What is the best configuration (performance/price/robustness) to have one single scalable, “backupable” location to store videos and music that can act as a media server accessible by several mac and pc computers as well as several Apple TV within the same house (knowing that the Apple TV would access the location directly not going through a computer).

    Not quite true. Apple TV can access NAS orginated stream if you share library. I have done this with GForce NAS. The problem is somwhere else. Sharing is limited to streaming music only at 128kbs. You can see all music on your NAS. NAS runs DAAP-MT server (linux based music streaming) for this which you likely need to enable manually (GForce NAS has this)
    Another nasty limitation is that you cannot share stream movies from NAS.
    That is the reason I have just bought Eee Box (PC with Win XP Home) and I hooked up number of USB drives with movies that I stream to Apple TV. This PC is very small and it takes very little power so, it can be placed in some corner (e.g. in kitchen when some appliances make noise anyway or in basement) and run 24x7. It will behave as NAS, but it will provide proper streaming of video (just install iTunes for PC on it). You do not need keyboard, mouse or monitor for this PC. I use Tight VNC to manage it remotely from one of my Mac computers... meaning Tight VNC service is run on Eee Box while Mac has built in VNC viewer that you can invoke from "Go to computer" window using following url:
    vnc://ipaddress_of_eeebox
    (BTW Tight VNC does not need viewer on any mmachine as it has built-in web interface for screen management - you just need to use browser on port 5800)
    To stream to Apple TV you need to enter those keys that are displayed by Apple TV. You do this via VNC.

  • Bootpd, DHCP and OS X Server 2.2

    I have a Mac Mini running OS X Server in Mountain Lion that I use for imaging via DeployStudio. A couple of days ago, I tried to boot a MacbookPro using Netboot by going to Start-up Disks, and selecting the Netboot image. When the machine restarted, it just sat at the grey screen for about a minute, then it started flashing the globe icon, as it was trying to find the Mini. After about a minute of that, it would give up and then boot back to the OS. I tried this with a NetInstall image, another NetBoot image, another machine, and so on. All of them had the same behavior.
    After going through some logs and looking at the documentation, it turned out that the machines really couldn't find the Mini to boot from. Basically, if the DHCP service wasn't turned on, and configured for the same subnet that the Mini was on, then nothing could find the Mini to boot from it. This was bad, really bad, as l work for a large achadimc instatution where they run their own DHCP services for all of the subnets.
    The issue turnes out to be that as of 2.2 of OS X Xerver, that the bootpd service doesn't launch by itself anymore. The DHCP service must be running for bootpd to launch. Netboot needs bootpd for the clients to find the host. The solution that I came up with was to modify the /etc/bootpd.plist file.
    There are, as of when I am writting this, two versions of Netboot. Netboot 1, or old Netboot, allows the bootpd service to run without DHCP, and Netboot 2 that requires DHCP to be on for bootdp to launch. I went into the /etc/bootpd.plist file and added the following lines to the bottom, just before the closing </dict> tag:
    <key>old_netboot_enabled</key>
    <array>
    <string>en0</string>
    </array>
    This turns on the old netboot so bootpd could run on its own. You'll have to restart the machine running OS X Server for the change to take affect.
    There a couple of downsides to this method. One is if you turn on Internet Sharing in the Sharing system pane, or if you happen to turn on or change the DHCP settings in any way, your changes will be wipped out.
    I hope this helps somebody out that that had the same issues that I had.
    Micah

    Hi Micah,
    I have try your solution but it doesn't work.
    First Excuse me for my english writing 'cause I'm french...
    So the problem is complex, here is my Situation :
    Netboot Server : A brand new mac mini server with 10.8.2 server (late 2012, macmini 6,2), 2 terabyte hard drives of each and DeployStudioServer 1.5.16
    The services Netinstall, OpenDirectory (master mode) and AFP file sharing are all ok !
    I have an external DHCP (linux) server. The DHCP server is on a vlan and the netboot server and netboot clients are on another clan, so I have
    add ip address of my netboot server as a ip-helper address in the cisco router configuration of the dhcp server vlan.
    And HERE IS MY PROBLEM :
    I have used three kinds of netboot's client :
    1. a macbook pro 17" (macbookpro 5,2, 17" early 2009) with mac os 10.6.8
    2. a macbook pro 13" (macbookPro 9,2 13" mid 2012) with mac os 10.8.2
    3. a Mac mini late 2012 ( macmini 6,1) with mac os 10.8.2
    I have generate 2 DeployStudio Netboot sets, one for the macbook pro 13 " (10.8.2) and one for the mac mini late 2012 (10.8.2)
    SO, It works without problem when I netboot with macbook pro 17" which use for example the netboot set of macboo pro 13" but the other machines don't net boot ! Why ???
    In the netinstall logs and when I netboot with macbook pro 17 under 10.6.8, I saw the lines :
    b 18 08:43:23 [my-netboot-server] bootpd[2825]: BSDP DISCOVER [en0] 1,0:26:4a:c:d1:8 NetBoot002 arch=i386 sysid=MacBookPro5,2
    Feb 18 08:43:23 [my-netboot-server] bootpd[2825]: replyfile /private/tftpboot/NetBoot/NetBootSP0/mbpro-13-1082.nbi/i386/booter
    Feb 18 08:43:23 [my-netboot-server] bootpd[2825]: replying to 0.0.0.0
    Feb 18 08:43:23  [my-netboot-server]bootpd[2825]: BSDP OFFER sent [1,0:26:4a:c:d1:8] pktsize 360
    but when I netboot with macbook pro 13" under 10.8.2, I see only the lines (for example ) :
    Feb 18 09:01:07  [my-netboot-server]  bootpd[2968]: service time 0.000015 seconds
    Feb 18 09:01:40  [my-netboot-server]  bootpd[2968]: service time 0.000015 seconds
    Feb 18 09:01:40  [my-netboot-server]  bootpd[2968]: service time 0.000004 seconds
    Feb 18 09:01:52  [my-netboot-server]  bootpd[2968]: service time 0.000015 seconds
    Feb 18 09:01:52  [my-netboot-server]  bootpd[2968]: service time 0.000010 seconds
    Feb 18 09:02:08  [my-netboot-server]  bootpd[2968]: service time 0.000015 seconds
    PLEASE HELP ME, I DON'T UNDERSTAND WHY IT WORKS WITH A "10.6.8" OLD CLIENT AND NOT WITH MY NEW MACS UNDER MOUNTAIN LION ?
    HAVE YOU ANY IDEA ?
    THANKS IN ADVANCE TO ALL FOR YOUR HELP
    BEST REGARDS

  • Regarding DHCP on OS provisioning server

    When creating the OS Provisioning server, is DHCP server or service installed automatically? Or should I install manually?
    If it is installed automatically during creating OS provisioning server, how can I start up DHCP daemon?
    How do I check it works properly?
    Should I turn on power and push �F12� to turn on networking boot? (sunfire-v20z)
    Please tell me regarding DHCP.
    Thanks.

    Hello moonRiver,
    the DHCP Server on the OSP machine is set up automatically, you don't have to care about it. It will be activated for a specified amount of time during the provisioning process (I think 5 minutes is the default), so you can check it in the /etc/dhcpd.conf file on the OSP server if your target host appears here.
    A good description on troubleshooting and when exactly DHCP is activated and de-activated can be found in the OSP Plugin manual, Chapter 10 ("Troubleshooting").
    HTH,
    Michael

  • How do you delegate service administration for services like DNS and DHCP but not full server administration?

    With serveradmin tools on Lion Server service administration is easy to assign to junior administrators.  How is this done in OSX Server 2.2 with Mountain Lion?

    I will.  Unfortunately, I need to focus first on getting a collabd/wiki/calendar issue resolved.  But, I'll definitely be coming back because I need to set up an admiistrator with restricted rights too.  I skipped past Lion and came straight from SLS.  I still have that server and may be able to go back and poke around.  But, if you used to be able to do with with serveradmin, I'd still think you could, at least from the CLI.
    Tim

  • Creating domain and Excahnge mailbox , Fax Server etc.. to small busiiness

    Hi ,
    I would like to create to my costumer who has 2 computer (Win 8.1 on both: one laptop and one is a desktop computer) by his demand a domain which will contain of course his company's name (I did check the domain availability on one of the Domain web
    checkers) and of course a mailbox and fax server or fax2mail option which will allow all faxes being sent - to get to his inbox and not to a fax machine.
    However I wonder what roles should I add (I guess the the following roles are necessary:
    *DHCP
    *DNS
    *Fax Server
    *also there is a need to install the Exchange (maybe on some other computer)
     I haven't mentioned that I created a server 2012 on a desktop computer i5 processor,   with 10GB RAM, 500GB HD capacity .. Not a "super server" but this server/computer can meanwhile "provides the merchandising"
    Please assist here :)
    Thanks in Advanved :)

    Hi,
    Based on your description, I understand that you want to set up the Windows Server 2012 as DC and deploy Active
    Directory environment. Then, add some roles (DHCP, DNS and Fax Server) and Exchange Server on the Server 2012 DC. If anything I misunderstand, please don’t hesitate to let me know.
    Please refer to following threads and articles, then check if can help you.
    DNS
    Server and DC
    Checklist: Add a Domain Controller with
    the DNS Server Service
    DHCP
    Best Practices and DC
    DHCP
    Server in DCs and DNS Registrations
    Fax Server Step-by-Step Guide
    For installing exchange server on DC, it is not recommended.
    Installing
    Exchange on a domain controller is not recommended
    In addition, please also refer to following thread and check if provide you more detailed suggestions of roles
    installation.
    Multi-Role
    Domain controller
    Hope this helps.
    Best regards,
    Justin Gu

  • SF15K Domain per JET/DHCP fails

    When I boot net:dhcp my Domain it gets an IP from the local DHCP server, then retrieves the inetboot file from the BOOT/JET Server but then fails with the message: could not mount filesystem.
    Howevr, when I trace I don't see any mount requests. Anybody have an idea what happens after the last block of the inetboot file is retrieved. That's the last packet I see in my trace.
    Install Client:
    Rebooting with command: boot /pci@21c,700000/pci@1/network@0:dhcp - install - w
    Boot device: /pci@21c,700000/pci@1/network@0:dhcp File and args: - install - w
    100 Mbps HDX Link up
    Timeout waiting for BOOTP/DHCP reply. Retrying ...
    Timeout waiting for BOOTP/DHCP reply. Retrying ...
    Failed to receive config params
    Restarting DHCP process ...
    29200 100 Mbps HDX Link up
    Requesting Ethernet address for: 10.16.116.1
    panic - boot: Could not mount filesystem.
    Program terminated
    {100} ok
    Notes:
    The Install-Client is Domain F (su00050) and should boot:net per ce0 (IB16,Slot 1)) in network 10.16.116.0
    The DHCP Server is in 10.16.116.0.
    The JET Server is in 192.168.190.0.
    The trace from the DHCP Server.
    root@su00166 # snoop -ta -i su00050.sno3 |head
    1 11:31:23.48737 su00166 -> su00050 DHCP/BOOTP DHCPOFFER
    2 11:33:36.81998 su00166 -> su00050 ICMP Echo request (ID: 9 Sequence number: 0)
    3 11:33:37.82803 su00166 -> su00050 DHCP/BOOTP DHCPOFFER
    4 11:33:45.08202 su00166 -> su00050 DHCP/BOOTP DHCPACK
    5 11:33:46.11813 su00050 -> su00156 TFTP Read "inetboot" (octet)
    6 11:33:46.21198 su00050 -> su00156 TFTP Ack block 1
    7 11:33:46.27475 su00050 -> su00156 TFTP Ack block 2
    The trace from the JET Server
    beam@su00156:/tftpboot> snoop -ta -i su00050.sno3 |head
    1 11:33:46.12344 su00050 -> su00156 TFTP Read "inetboot" (octet)
    2 11:33:46.13288 su00156 -> su00050 TFTP Data block 1 (512 bytes)
    3 11:33:46.21218 su00050 -> su00156 TFTP Ack block 1
    4 11:33:46.21240 su00156 -> su00050 TFTP Data block 2 (512 bytes)
    5 11:33:46.27495 su00050 -> su00156 TFTP Ack block 2
    6 11:33:46.27510 su00156 -> su00050 TFTP Data block 3 (512 bytes)
    7 11:33:46.33169 su00050 -> su00156 TFTP Ack block 3
    The Inetboot File on the JET Server
    beam@su00156:/tftpboot> ls -l /tftpboot/inetboot
    lrwxrwxrwx 1 root other 26 Dec 1 20:34 /tftpboot/inetboot -> inetboot.SUN4U.Solaris_9-1
    beam@su00156:/tftpboot> what inetboot.SUN4U.Solaris_9-1
    inetboot.SUN4U.Solaris_9-1:
    SunOS 5.9 Generic 112233-10 Nov 2003
    beam@su00156:/tftpboot> what inetboot.SUN4U.Solaris_9-2
    inetboot.SUN4U.Solaris_9-2:
    SunOS 5.9 Generic 112233-12 Mar 2004
    The DHCP Setup
    root@su00166 # dhtadm -P |egrep "^=|Name|su00050|su00166"
    Name Type Value
    ==================================================
    su00050 Macro :Include=InstallSrv:SsysidCF="192.168.190.153:/opt/jet/Clients/su00050":
    InstallSrv Macro :Include=su00166:BootFile="inetboot":BootSrvA=192.168.190.153:SrootIP4=192.168.190.153:SrootNM="su00156":SrootPTH="/install/media/Solaris_9/Solaris_9/Tools/Boot":SinstIP4=192.168.190.153:SinstNM="su00156":SinstPTH="/install/media/Solaris_9":SjumpsCF="192.168.190.153:/opt/jet":
    su00166 Macro :Include=Locale:Timeserv=10.16.116.6:LeaseTim=43200:LeaseNeg:DNSdmain="server.eon-energie.net":DNSserv=10.16.96.10 10.230.162.2 10.230.162.2:Router=10.16.116.1:
    root@su00166 # pntadm -P 10.16.116.0
    Client ID Flags Client IP Server IP Lease Expiration Macro Comment
    01080020E30F2E 00 10.16.116.48 10.16.116.6 12/02/2004 su00050
    010003BA52CCF2 00 10.16.116.14 10.16.116.6 10/08/2004 su00154

    Solution:
    I added the missing Vendor Class for the SF15K platform to the DHCP Symbols in my dhcptab.
    Then it worked like a charm.
    root@su00166 # dhtadm -P
    Name                    Type            Value
    ==================================================
    su00050                 Macro           :Include=InstallSrv:SsysidCF="192.168.190.153:/opt/jet/Clients/su00050":
    su00153                 Macro           :Include=InstallSrv:SsysidCF="192.168.190.153:/opt/jet/Clients/su00153":
    su00154                 Macro           :Include=InstallSrv:SsysidCF="192.168.190.153:/opt/jet/Clients/su00154":
    InstallSrv              Macro           :Include=su00166:BootFile="inetboot":BootSrvA=192.168.190.153:SrootIP4=192.168.190.153:SrootNM="su00156":SrootPTH="/install/media/Solaris_9/Solaris_9/Tools/Boot":SinstIP4=192.168.190.153:SinstNM="su00156":SinstPTH="/install/media/Solaris_9":SjumpsCF="192.168.190.153:/opt/jet":
    su00166                 Macro           :Include=Locale:Timeserv=10.16.116.6:LeaseTim=43200:LeaseNeg:DNSdmain="server.my-domain.de":DNSserv=10.16.96.10 10.230.162.2 10.230.162.2:Router=10.16.116.1:
    Locale                  Macro           :UTCoffst=3600:
    Sterm                   Symbol          Vendor=SUNW.Sun-Fire-V240 SUNW.Sun-Fire-V440 SUNW.Sun-Fire-V480 SUNW.Sun-Fire-15000,15,ASCII,1,0
    SjumpsCF                Symbol          Vendor=SUNW.Sun-Fire-V240 SUNW.Sun-Fire-V440 SUNW.Sun-Fire-V480 SUNW.Sun-Fire-15000,14,ASCII,1,0
    SsysidCF                Symbol          Vendor=SUNW.Sun-Fire-V240 SUNW.Sun-Fire-V440 SUNW.Sun-Fire-V480 SUNW.Sun-Fire-15000,13,ASCII,1,0
    SinstPTH                Symbol          Vendor=SUNW.Sun-Fire-V240 SUNW.Sun-Fire-V440 SUNW.Sun-Fire-V480 SUNW.Sun-Fire-15000,12,ASCII,1,0
    SinstNM                 Symbol          Vendor=SUNW.Sun-Fire-V240 SUNW.Sun-Fire-V440 SUNW.Sun-Fire-V480 SUNW.Sun-Fire-15000,11,ASCII,1,0
    SinstIP4                Symbol          Vendor=SUNW.Sun-Fire-V240 SUNW.Sun-Fire-V440 SUNW.Sun-Fire-V480 SUNW.Sun-Fire-15000,10,IP,1,1
    SbootRS                 Symbol          Vendor=SUNW.Sun-Fire-V240 SUNW.Sun-Fire-V440 SUNW.Sun-Fire-V480 SUNW.Sun-Fire-15000,9,NUMBER,2,1
    Stz                     Symbol          Vendor=SUNW.Sun-Fire-V240 SUNW.Sun-Fire-V440 SUNW.Sun-Fire-V480 SUNW.Sun-Fire-15000,8,ASCII,1,0
    SbootFIL                Symbol          Vendor=SUNW.Sun-Fire-V240 SUNW.Sun-Fire-V440 SUNW.Sun-Fire-V480 SUNW.Sun-Fire-15000,7,ASCII,1,0
    SswapPTH                Symbol          Vendor=SUNW.Sun-Fire-V240 SUNW.Sun-Fire-V440 SUNW.Sun-Fire-V480 SUNW.Sun-Fire-15000,6,ASCII,1,0
    SswapIP4                Symbol          Vendor=SUNW.Sun-Fire-V240 SUNW.Sun-Fire-V440 SUNW.Sun-Fire-V480 SUNW.Sun-Fire-15000,5,IP,1,0
    SrootPTH                Symbol          Vendor=SUNW.Sun-Fire-V240 SUNW.Sun-Fire-V440 SUNW.Sun-Fire-V480 SUNW.Sun-Fire-15000,4,ASCII,1,0
    SrootNM                 Symbol          Vendor=SUNW.Sun-Fire-V240 SUNW.Sun-Fire-V440 SUNW.Sun-Fire-V480 SUNW.Sun-Fire-15000,3,ASCII,1,0
    SrootIP4                Symbol          Vendor=SUNW.Sun-Fire-V240 SUNW.Sun-Fire-V440 SUNW.Sun-Fire-V480 SUNW.Sun-Fire-15000,2,IP,1,1
    SrootOpt                Symbol          Vendor=SUNW.Sun-Fire-V240 SUNW.Sun-Fire-V440 SUNW.Sun-Fire-V480 SUNW.Sun-Fire-15000,1,ASCII,1,0

  • Unable to browse internet on a domain user's computer through ASA 5503 Firewall

    Dear All,
    I am trying to configure my new firewall for the last one month but still unable to fix it. I have a domain in windows 2012 standard edition and the firewall with unlimited license. Here is the output of show startup-config. Please note that prpgb.org is my local domain.
    prpgbasa# show startup-config
    : Saved
    : Written by enable_15 at 02:50:45.169 PKT Thu Nov 20 2014
    ASA Version 8.2(5)
    hostname prpgbasa
    domain-name prpgb.org
    enable password AExqpLntfuzsVQrq encrypted
    passwd 2KFQnbNIdI.2KYOU encrypted
    names
    interface Ethernet0/0
     switchport access vlan 2
    interface Ethernet0/1
    interface Ethernet0/2
    interface Ethernet0/3
    interface Ethernet0/4
    interface Ethernet0/5
    interface Ethernet0/6
    interface Ethernet0/7
    interface Vlan1
     nameif inside
     security-level 100
     ip address 10.0.0.1 255.0.0.0
    interface Vlan2
     nameif outside
     security-level 0
     ip address 202.142.XXX.YY 255.255.255.252
    ftp mode passive
    clock timezone PKT 5
    dns server-group DefaultDNS
     domain-name prpgb.org
    pager lines 24
    logging asdm informational
    mtu inside 1500
    mtu outside 1500
    no failover
    icmp unreachable rate-limit 1 burst-size 1
    no asdm history enable
    arp timeout 14400
    global (outside) 1 interface
    nat (inside) 1 0.0.0.0 0.0.0.0
    route outside 0.0.0.0 0.0.0.0 202.142.XXX.YZ 1
    timeout xlate 3:00:00
    timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
    timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
    timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
    timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
    timeout tcp-proxy-reassembly 0:01:00
    timeout floating-conn 0:00:00
    dynamic-access-policy-record DfltAccessPolicy
    http server enable
    http 10.0.0.0 255.0.0.0 inside
    no snmp-server location
    no snmp-server contact
    snmp-server enable traps snmp authentication linkup linkdown coldstart
    crypto ipsec security-association lifetime seconds 28800
    crypto ipsec security-association lifetime kilobytes 4608000
    telnet 10.0.0.0 255.0.0.0 inside
    telnet timeout 5
    ssh 10.0.0.0 255.0.0.0 inside
    ssh timeout 5
    console timeout 0
    dhcpd dns 10.0.0.2 255.0.0.0
    dhcpd dns 208.67.222.222 208.67.220.220 interface inside
    dhcpd lease 86400 interface inside
    dhcpd domain prpgb.org interface inside
    threat-detection basic-threat
    threat-detection statistics access-list
    no threat-detection statistics tcp-intercept
    webvpn
    class-map inspection_default
     match default-inspection-traffic
    policy-map type inspect dns preset_dns_map
     parameters
      message-length maximum client auto
      message-length maximum 512
    policy-map global_policy
     class inspection_default
      inspect dns preset_dns_map
      inspect ftp
      inspect h323 h225
      inspect h323 ras
      inspect rsh
      inspect rtsp
      inspect esmtp
      inspect sqlnet
      inspect skinny
      inspect sunrpc
      inspect xdmcp
      inspect sip
      inspect netbios
      inspect tftp
      inspect ip-options
    service-policy global_policy global
    prompt hostname context
    no call-home reporting anonymous
    Cryptochecksum:23c0af4b2ddf9e925f83ce13909ab900
    prpgbasa#
    You all are requested to have a look into the problem and suggest me the modifications.
    Thanks

    Dear All,
    I have solved the issue. I have done the following in-order to browse internet on domain user computers. Here are the steps
    1. I have disabled my internal DHCP server in the domain.
    2. Then I have configured the ASA DHCP server in the default IP address scheme i.e. 192.168.1.100-200
    3. I have Connected my ASA to a switch first then from there I connected a cable to my Domain's Server WAN interface. The LAN (192.168.1.2)interface of the Domain server is also plugged into the same switch. 
    4. I am using my Domain Server's DNS for name resolution and forward queries which are not served by my domain to open dns server.
    It works perfectly so far but before applying or setting up the entire netowrk i want your help to look into the configuration file for corrections if i am making any mistakes. Thanks again for your help and here is the output of show confing.
    prpgbasa# show startup
    : Saved
    : Written by Ghaffar at 02:11:24.319 PKT Mon Dec 8 2014
    ASA Version 8.2(5)
    hostname prpgbasa
    domain-name prpgb.org
    enable password AExqpLntfuzsVQrq encrypted
    passwd 2KFQnbNIdI.2KYOU encrypted
    names
    interface Ethernet0/0
     switchport access vlan 2
    interface Ethernet0/1
    interface Ethernet0/2
    interface Ethernet0/3
    interface Ethernet0/4
    interface Ethernet0/5
    interface Ethernet0/6
    interface Ethernet0/7
    interface Vlan1
     nameif inside
     security-level 100
     ddns update hostname PRPGB.ORG
     dhcp client update dns server both
     ip address 192.168.1.1 255.255.255.0
    interface Vlan2
     nameif outside
     security-level 0
     ip address 202.142.XXX.YY 255.255.255.252
    ftp mode passive
    clock timezone PKT 5
    dns domain-lookup inside
    dns server-group DefaultDNS
     name-server 192.168.1.2
     domain-name prpgb.org
    object-group network obj_any
    pager lines 24
    logging enable
    logging asdm informational
    mtu inside 1500
    mtu outside 1500
    no failover
    icmp unreachable rate-limit 1 burst-size 1
    no asdm history enable
    arp timeout 14400
    global (outside) 1 interface
    nat (inside) 1 0.0.0.0 0.0.0.0
    route outside 0.0.0.0 0.0.0.0 202.142.XXX.YY 1
    timeout xlate 3:00:00
    timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
    timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
    timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
    timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
    timeout tcp-proxy-reassembly 0:01:00
    timeout floating-conn 0:00:00
    dynamic-access-policy-record DfltAccessPolicy
    aaa authentication ssh console LOCAL
    aaa authentication http console LOCAL
    aaa authentication serial console LOCAL
    aaa authentication enable console LOCAL
    http server enable
    http 192.168.1.0 255.255.255.0 inside
    no snmp-server location
    no snmp-server contact
    snmp-server enable traps snmp authentication linkup linkdown coldstart
    crypto ipsec security-association lifetime seconds 28800
    crypto ipsec security-association lifetime kilobytes 4608000
    telnet 192.168.1.0 255.255.255.0 inside
    telnet timeout 5
    ssh 192.168.1.0 255.255.255.0 inside
    ssh timeout 5
    console timeout 0
    dhcpd address 192.168.1.100-192.168.1.200 inside
    dhcpd dns 192.168.1.2 interface inside
    dhcpd lease 86400 interface inside
    dhcpd domain prpgb.org interface inside
    dhcpd update dns both interface inside
    dhcpd enable inside
    threat-detection basic-threat
    threat-detection statistics access-list
    no threat-detection statistics tcp-intercept
    webvpn
    username ABC password FL01QCj0LaLWTID0 encrypted privilege 15
    class-map inspection_default
     match default-inspection-traffic
    policy-map type inspect dns preset_dns_map
     parameters
      message-length maximum client auto
      message-length maximum 512
    policy-map global_policy
     class inspection_default
      inspect dns preset_dns_map
      inspect ftp
      inspect h323 h225
      inspect h323 ras
      inspect rsh
      inspect rtsp
      inspect esmtp
      inspect sqlnet
      inspect skinny
      inspect sunrpc
      inspect xdmcp
      inspect sip
      inspect netbios
      inspect tftp
      inspect ip-options
      inspect icmp
    service-policy global_policy global
    prompt hostname context
    no call-home reporting anonymous
    Cryptochecksum:7c4930a079158c0cb10a42813d3690cd
    prpgbasa#
    Please suggest me if there are any recomendations.
    Thanks in advance.
    Ghaffar

  • DHCP Server does not work after Exporting and Importing Using Netsh Command

    Hello Friends :
    I had two dhcp servers in windows server 2003 server , I have upgraded one of them to windows server 2008 32 bit and again i installed a windows server 2008 R2 as an additional Domain Controller , the last scenario was like this :
    srv-1 : windows server 2003 + DHCP = working with no problem
    srv-2 : windows server 2003 + DC + DHCP = Worked without problem
    srv-3 : windows server 2008 R2 + DC = worked without any problems
    I exported the DHCP server configuration on the srv-2 using netsh dhcp server export and Imported them to srv-3 using the
    netsh dhcp server import command , the command completed successfully and i can see all of the scopes without any problems and errors , i have authorized the new server without any problem , all scopes are activated without any problem so i
    disabled the srv-2 DHCP service and unauthorized it from active directory , the problem is that the new server semms that does not lease any address to clients !!!
    1- I have authorized it
    2- I used Rogue Checker tool in client computers they see authorized server without any problems
    3- The same tool in workgroup only shows srv-1 as the DHCP server and does not see other DHCP servers
    4- Bindings are OK and DHCP servers only have one NIC installed on them
    What can i do to make sure my srv-3 DHCP server will work on the network ?
    thanks ...
    MIMO

    Are the clients on another network so you need to configure a DHCP relay agent?
    If you load up perfmon on the dhcp server and remove all counters and then add DHCP counters. Do you see any dhcprequests when you reboot your dhcp clients? This will determine if your server actually receives any dhcp requests.
    Have you check event viewer for any warnings or errors?
    And the classic one restarted the dhcp server service (or reboot)?
    Regards Per-Torben Sørensen http://pertorben.wordpress.com/

  • Home Server Set Up - DNS, DHCP etc

    Hi
    I'm looking to set up a Mountain Lion Server at home. 
    I have a Lion Server but I think I will wipe it and start again, mainly because I didn't use a particularly good name to begin with. I've read the We Got Served Mountain Lion Server book, Mountain Lion Server for Dummies and Apples Documentation.
    I am planning to set up in the following way:
    Turn my Virgin Media router 'Modem Only' mode on.
    Turn on my AirPort Extreme and set it up as the DHCP server.
    I will set up a pool of IP addresses.
    Question 1 - I think the best way is to make a reserved IP address for my server within this pool rather than a static IP address outside of the pool (but within the subnet).  Any comments on this?
    Question 2 - I need to boot my Lion Server to get the MAC address for the reservation.  Should I set the reservation IP as the IP the DHCP server provides or set it up to an unused IP address? I will set up DHCP to distribute DNS server names. 
    Question 3 - Because I want my Mountain Lion Server to provide Directory Services I need to set up the Mountain Lion Server as a DNS server.  Is this correct?
    The DNS servers I will get the DHCP server to provide in the following order:
    1 My Mountain Lion Server
    2 My 1st Virgin Media DNS Server
    3 My 2nd Virgin Media DNS Server (not sure I can set up a 3rd DNS server)
    I am not going to use a Google DNS or another open DNS because they are located in the US and this affects caching of internet content.
    When I set up my Mountain Lion Server I am in two minds about going for a public internet registered domain or a private domain.
    Question 4 - Are there any limitations in using the registered public domain as opposed to a private domain with VPN.  If I need access to any of my machines remotely I tend to use LogMeIn form my iPad.  But I am tempted (just because its there) to set up a public internet address and using it. If I did go for the public domain I would need to use a dynamic DNS service (like Dyn.com) because I don't have a static IP.  However if I didn't I would only need to change my public DNS entry if I rebooted my router (and I may not even then as its IP address may not be reassigned). 
    If I don’t need remote access to my server very often then this would be acceptable.
    Question 5 - If I did go the full internet way (as opposed to the .private domain) what do I register at dyn.com?  Just my domain, then add a record for the server. 
    1. Register ‘example.com’
    2. Add a record at Dyn.com for ‘server.example.com’. 
    3. On my server set up put ‘server’ in the Computer Name field
    4. On the ‘Host Name’ field enter ‘server.example.com’.
    Question 6 – Bonjour and DNS.  Aside from whether I go for a public registered domain or a private domain (and access via VPN or LogMeIn) how do these settings affect the Bonjour set up?  My understanding is the Bonjour uses .local.  So what is the resolution path?  If I set up a DNS server on my Mountain Lion Server do I need to enter a record for each local laptop in the house or can I leave that to Bonjour?  My understanding is the Bonjour will continue for all local address resolution and the Mountain Lion DNS will take care of resolving the server name (for Directory Services and any other services).  Is this right will DNS be used for file and print services on the server?
    Any thoughts/answers/comments/casual abuse welcome.
    Thanks

    Hi
    I'm looking to set up a Mountain Lion Server at home. 
    I have a Lion Server but I think I will wipe it and start again, mainly because I didn't use a particularly good name to begin with. I've read the We Got Served Mountain Lion Server book, Mountain Lion Server for Dummies and Apples Documentation.
    I am planning to set up in the following way:
    Turn my Virgin Media router 'Modem Only' mode on.
    Turn on my AirPort Extreme and set it up as the DHCP server.
    I will set up a pool of IP addresses.
    Question 1 - I think the best way is to make a reserved IP address for my server within this pool rather than a static IP address outside of the pool (but within the subnet).  Any comments on this?
    Question 2 - I need to boot my Lion Server to get the MAC address for the reservation.  Should I set the reservation IP as the IP the DHCP server provides or set it up to an unused IP address? I will set up DHCP to distribute DNS server names. 
    Question 3 - Because I want my Mountain Lion Server to provide Directory Services I need to set up the Mountain Lion Server as a DNS server.  Is this correct?
    The DNS servers I will get the DHCP server to provide in the following order:
    1 My Mountain Lion Server
    2 My 1st Virgin Media DNS Server
    3 My 2nd Virgin Media DNS Server (not sure I can set up a 3rd DNS server)
    I am not going to use a Google DNS or another open DNS because they are located in the US and this affects caching of internet content.
    When I set up my Mountain Lion Server I am in two minds about going for a public internet registered domain or a private domain.
    Question 4 - Are there any limitations in using the registered public domain as opposed to a private domain with VPN.  If I need access to any of my machines remotely I tend to use LogMeIn form my iPad.  But I am tempted (just because its there) to set up a public internet address and using it. If I did go for the public domain I would need to use a dynamic DNS service (like Dyn.com) because I don't have a static IP.  However if I didn't I would only need to change my public DNS entry if I rebooted my router (and I may not even then as its IP address may not be reassigned). 
    If I don’t need remote access to my server very often then this would be acceptable.
    Question 5 - If I did go the full internet way (as opposed to the .private domain) what do I register at dyn.com?  Just my domain, then add a record for the server. 
    1. Register ‘example.com’
    2. Add a record at Dyn.com for ‘server.example.com’. 
    3. On my server set up put ‘server’ in the Computer Name field
    4. On the ‘Host Name’ field enter ‘server.example.com’.
    Question 6 – Bonjour and DNS.  Aside from whether I go for a public registered domain or a private domain (and access via VPN or LogMeIn) how do these settings affect the Bonjour set up?  My understanding is the Bonjour uses .local.  So what is the resolution path?  If I set up a DNS server on my Mountain Lion Server do I need to enter a record for each local laptop in the house or can I leave that to Bonjour?  My understanding is the Bonjour will continue for all local address resolution and the Mountain Lion DNS will take care of resolving the server name (for Directory Services and any other services).  Is this right will DNS be used for file and print services on the server?
    Any thoughts/answers/comments/casual abuse welcome.
    Thanks

Maybe you are looking for