Radius, and DHCP DNS info
I have recently turned on the Radius server, and it seems to work fine, and has taken control of my Airport base station which is great. I only have one problem which is that the DHCP info provided by the server to the clients only seems to give one of the 2 DNS addresses that I have listed in the DHCP server info section. This is rather frustrating as it worked fine with WPA!
Any thoughts?
I just upgraded from a 2008 domain to 2012. I followed all the best practices, set up new 2012 DC and transferred all roles to it then removed the 2008 server. I just have the one DC at the moment and it's running both DNS and DHCP. Ever since we've had some odd DNS issues which usually require a reboot of the server to fix. Now at this point I'm digging through DNS and DHCP and seeing that a lot of client IP addresses are not matching up. DNS does not have the correct IP's for several clients. How can I fix dns?
This topic first appeared in the Spiceworks Community
Similar Messages
-
Hello,
I'm not sure how the following is working.
asa5525
anyconnect version 3.1
windows server 2008R2
When you come in via VPN I send clients to the windows server for DHCP/DNS info and records get created in the FLZ and RLZ. When folks disconnect from VPN those records in both FLZ and RLZ get purged instantly. When your on wired and disconnect those records in both zones do not get purged. I have my VPN scope and wired scope setup exactly the same. I'm new to managing DNS and DHCP and know there's a lot to learn but it seems odd that when leaving a VPN session those records fall off right away. I'm not sure if the ASA has something to do with it or the anyconnect client itself.
thanks for any help!
This topic first appeared in the Spiceworks CommunityHello,
I'm not sure how the following is working.
asa5525
anyconnect version 3.1
windows server 2008R2
When you come in via VPN I send clients to the windows server for DHCP/DNS info and records get created in the FLZ and RLZ. When folks disconnect from VPN those records in both FLZ and RLZ get purged instantly. When your on wired and disconnect those records in both zones do not get purged. I have my VPN scope and wired scope setup exactly the same. I'm new to managing DNS and DHCP and know there's a lot to learn but it seems odd that when leaving a VPN session those records fall off right away. I'm not sure if the ASA has something to do with it or the anyconnect client itself.
thanks for any help!
This topic first appeared in the Spiceworks Community -
SBS 2011 no longer issues DHCP leases: DHCP, DNS, and AD Errors
Hi all. On early 8/13/2012 and into the morning, our UPS failed several times. The battery seems to be fine but the unit was shutting off power to the unit which means the (Windows SBS 2011 Standard) server shut off unexpectedly several times.I replaced
the UPS.
Now I'm trying to figure out what in the world this did to the server. It seems DHCP, DNS, and AD all have issues, as seen in the logs below. The client PC's are going offline one-by-one because the leases are expiring and it can't connect to the server
to renew. When trying to start the DHCP service, I get a 20013 error saying it cannot be started.
So I attempted to follow a kb article and repair the database but that didn't work because it seems the Jetpack utility is not in SBS 2011? And even at that, I'm thinking it may not even be a corrupted DHCP database due to the other errors in the event log.
This is a small office and I only know enough to be dangerous but usually I can just follow a kb to fix any issues. But there are so many errors, this one has me stumped.. Could any Server whizzes identify the big picture here?
Level Date and Time Source Event ID Task Category
Critical 8/13/2012 1:33:12 PM Microsoft-Windows-Kernel-Power 41 (63) The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
Critical 8/13/2012 11:30:37 AM Microsoft-Windows-Kernel-Power 41 (63) The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
Critical 8/13/2012 8:23:24 AM Microsoft-Windows-Kernel-Power 41 (63) The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
Critical 8/13/2012 8:05:08 AM Microsoft-Windows-Kernel-Power 41 (63) The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
Critical 8/13/2012 7:38:04 AM Microsoft-Windows-Kernel-Power 41 (63) The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
Critical 8/13/2012 7:29:29 AM Microsoft-Windows-Kernel-Power 41 (63) The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
Critical 8/13/2012 12:55:11 AM Microsoft-Windows-Kernel-Power 41 (63) The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
Critical 8/13/2012 12:15:49 AM Microsoft-Windows-Kernel-Power 41 (63) The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
Critical 8/13/2012 12:09:49 AM Microsoft-Windows-Kernel-Power 41 (63) The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
Level Date and Time Source Event ID Task Category
Error 8/15/2012 12:48:02 PM ADWS 1202 ADWS Instance Events "This computer is now hosting the specified directory instance, but Active Directory Web Services could not service it. Active Directory Web Services will retry this operation periodically.
Directory instance: NTDS
Directory instance LDAP port: 389
Directory instance SSL port: 636
Error 8/14/2012 2:23:37 PM ADWS 1202 ADWS Instance Events "This computer is now hosting the specified directory instance, but Active Directory Web Services could not service it. Active Directory Web Services will retry this operation periodically.
Directory instance: NTDS
Directory instance LDAP port: 389
Directory instance SSL port: 636
Error 8/14/2012 1:14:33 PM ADWS 1202 ADWS Instance Events "This computer is now hosting the specified directory instance, but Active Directory Web Services could not service it. Active Directory Web Services will retry this operation periodically.
Directory instance: NTDS
Directory instance LDAP port: 389
Directory instance SSL port: 636
Error 8/13/2012 8:06:12 AM ADWS 1202 ADWS Instance Events "This computer is now hosting the specified directory instance, but Active Directory Web Services could not service it. Active Directory Web Services will retry this operation periodically.
Directory instance: NTDS
Directory instance LDAP port: 389
Directory instance SSL port: 636
Error 8/13/2012 7:38:59 AM ADWS 1202 ADWS Instance Events "This computer is now hosting the specified directory instance, but Active Directory Web Services could not service it. Active Directory Web Services will retry this operation periodically.
Directory instance: NTDS
Directory instance LDAP port: 389
Directory instance SSL port: 636
Error 8/13/2012 12:16:52 AM ADWS 1202 ADWS Instance Events "This computer is now hosting the specified directory instance, but Active Directory Web Services could not service it. Active Directory Web Services will retry this operation periodically.
Directory instance: NTDS
Directory instance LDAP port: 389
Directory instance SSL port: 636
Error 5/31/2012 12:00:19 PM ADWS 1202 ADWS Instance Events "This computer is now hosting the specified directory instance, but Active Directory Web Services could not service it. Active Directory Web Services will retry this operation periodically.
Directory instance: NTDS
Directory instance LDAP port: 389
Directory instance SSL port: 636
Error 5/31/2012 11:14:20 AM ADWS 1202 ADWS Instance Events "This computer is now hosting the specified directory instance, but Active Directory Web Services could not service it. Active Directory Web Services will retry this operation periodically.
Directory instance: NTDS
Directory instance LDAP port: 389
Directory instance SSL port: 636
Error 4/18/2012 4:32:07 PM ADWS 1202 ADWS Instance Events "This computer is now hosting the specified directory instance, but Active Directory Web Services could not service it. Active Directory Web Services will retry this operation periodically.
Directory instance: NTDS
Directory instance LDAP port: 389
Directory instance SSL port: 636
Error 9/2/2011 2:14:09 AM ADWS 1202 ADWS Instance Events "This computer is now hosting the specified directory instance, but Active Directory Web Services could not service it. Active Directory Web Services will retry this operation periodically.
Directory instance: NTDS
Directory instance LDAP port: 389
Directory instance SSL port: 636
Error 8/30/2011 11:37:18 PM ADWS 1202 ADWS Instance Events "This computer is now hosting the specified directory instance, but Active Directory Web Services could not service it. Active Directory Web Services will retry this operation periodically.
Directory instance: NTDS
Directory instance LDAP port: 389
Directory instance SSL port: 636
Error 8/23/2011 1:52:28 PM ADWS 1202 ADWS Instance Events "This computer is now hosting the specified directory instance, but Active Directory Web Services could not service it. Active Directory Web Services will retry this operation periodically.
Directory instance: NTDS
Directory instance LDAP port: 389
Directory instance SSL port: 636
Level Date and Time Source Event ID Task Category
Error 8/15/2012 8:23:17 PM Microsoft-Windows-DHCP-Server 1004 None "The DHCP service failed to initialize the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Error 8/15/2012 2:45:22 PM Microsoft-Windows-DHCP-Server 1004 None "The DHCP service failed to initialize the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Error 8/15/2012 12:52:46 PM Microsoft-Windows-DHCP-Server 1004 None "The DHCP service failed to initialize the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Error 8/15/2012 12:52:38 PM Microsoft-Windows-DHCP-Server 1004 None "The DHCP service failed to initialize the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Error 8/15/2012 12:52:17 PM Microsoft-Windows-DHCP-Server 1004 None "The DHCP service failed to initialize the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Error 8/15/2012 12:48:02 PM Microsoft-Windows-DHCP-Server 1004 None "The DHCP service failed to initialize the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Error 8/15/2012 12:27:04 PM Microsoft-Windows-DHCP-Server 1004 None "The DHCP service failed to initialize the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Error 8/15/2012 12:22:27 PM Microsoft-Windows-DHCP-Server 1004 None "The DHCP service failed to initialize the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Error 8/14/2012 8:03:57 PM Microsoft-Windows-DHCP-Server 1004 None "The DHCP service failed to initialize the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Error 8/14/2012 8:03:35 PM Microsoft-Windows-DHCP-Server 1004 None "The DHCP service failed to initialize the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Error 8/14/2012 7:52:07 PM Microsoft-Windows-DHCP-Server 1004 None "The DHCP service failed to initialize the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Error 8/14/2012 7:48:46 PM Microsoft-Windows-DHCP-Server 1004 None "The DHCP service failed to initialize the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Error 8/14/2012 7:28:39 PM Microsoft-Windows-DHCP-Server 1004 None "The DHCP service failed to initialize the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Error 8/14/2012 4:47:56 PM Microsoft-Windows-DHCP-Server 1004 None "The DHCP service failed to initialize the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Error 8/14/2012 3:41:50 PM Microsoft-Windows-DHCP-Server 1004 None "The DHCP service failed to initialize the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Error 8/14/2012 2:53:42 PM Microsoft-Windows-DHCP-Server 1004 None "The DHCP service failed to initialize the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Error 8/14/2012 2:42:26 PM Microsoft-Windows-DHCP-Server 1004 None "The DHCP service failed to initialize the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Error 8/14/2012 2:42:08 PM Microsoft-Windows-DHCP-Server 1004 None "The DHCP service failed to initialize the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Error 8/14/2012 2:23:24 PM Microsoft-Windows-DHCP-Server 1004 None "The DHCP service failed to initialize the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Error 8/14/2012 2:16:13 PM Microsoft-Windows-DHCP-Server 1004 None "The DHCP service failed to initialize the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Error 8/14/2012 1:14:33 PM Microsoft-Windows-DHCP-Server 1004 None "The DHCP service failed to initialize the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Error 8/13/2012 1:33:58 PM Microsoft-Windows-DHCP-Server 1004 None "The DHCP service failed to initialize the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Error 8/13/2012 11:48:37 AM Microsoft-Windows-DHCP-Server 1004 None "The DHCP service failed to initialize the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Error 8/13/2012 11:45:31 AM Microsoft-Windows-DHCP-Server 1004 None "The DHCP service failed to initialize the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Error 8/13/2012 11:41:43 AM Microsoft-Windows-DHCP-Server 1004 None "The DHCP service failed to initialize the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Error 8/13/2012 11:39:43 AM Microsoft-Windows-DHCP-Server 1004 None "The DHCP service failed to initialize the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Error 8/13/2012 11:31:22 AM Microsoft-Windows-DHCP-Server 1004 None "The DHCP service failed to initialize the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Error 8/13/2012 8:24:08 AM Microsoft-Windows-DHCP-Server 1004 None "The DHCP service failed to initialize the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Error 8/13/2012 8:06:12 AM Microsoft-Windows-DHCP-Server 1004 None "The DHCP service failed to initialize the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Error 8/13/2012 7:38:47 AM Microsoft-Windows-DHCP-Server 1004 None "The DHCP service failed to initialize the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Error 8/13/2012 7:30:14 AM Microsoft-Windows-DHCP-Server 1004 None "The DHCP service failed to initialize the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Error 8/13/2012 12:55:59 AM Microsoft-Windows-DHCP-Server 1004 None "The DHCP service failed to initialize the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Error 8/13/2012 12:16:52 AM Microsoft-Windows-DHCP-Server 1004 None "The DHCP service failed to initialize the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Level Date and Time Source Event ID Task Category
Error 8/15/2012 12:52:46 PM Microsoft-Windows-DHCP-Server 1008 None "The DHCP service is shutting down due to the following error:
The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""%2"" (Server IP Address %1)
Error 8/15/2012 12:52:38 PM Microsoft-Windows-DHCP-Server 1008 None "The DHCP service is shutting down due to the following error:
The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""%2"" (Server IP Address %1)
Error 8/15/2012 12:52:17 PM Microsoft-Windows-DHCP-Server 1008 None "The DHCP service is shutting down due to the following error:
The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""%2"" (Server IP Address %1)
Error 8/15/2012 12:48:02 PM Microsoft-Windows-DHCP-Server 1008 None "The DHCP service is shutting down due to the following error:
The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""%2"" (Server IP Address %1)
Error 8/15/2012 12:27:04 PM Microsoft-Windows-DHCP-Server 1008 None "The DHCP service is shutting down due to the following error:
The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""%2"" (Server IP Address %1)
Error 8/15/2012 12:22:27 PM Microsoft-Windows-DHCP-Server 1008 None "The DHCP service is shutting down due to the following error:
The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""%2"" (Server IP Address %1)
Error 8/14/2012 8:03:57 PM Microsoft-Windows-DHCP-Server 1008 None "The DHCP service is shutting down due to the following error:
The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""%2"" (Server IP Address %1)
Error 8/14/2012 8:03:35 PM Microsoft-Windows-DHCP-Server 1008 None "The DHCP service is shutting down due to the following error:
The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""%2"" (Server IP Address %1)
Error 8/14/2012 7:52:07 PM Microsoft-Windows-DHCP-Server 1008 None "The DHCP service is shutting down due to the following error:
The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""%2"" (Server IP Address %1)
Error 8/14/2012 7:48:47 PM Microsoft-Windows-DHCP-Server 1008 None "The DHCP service is shutting down due to the following error:
The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""%2"" (Server IP Address %1)
Error 8/14/2012 7:28:40 PM Microsoft-Windows-DHCP-Server 1008 None "The DHCP service is shutting down due to the following error:
The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""%2"" (Server IP Address %1)
Error 8/14/2012 4:47:56 PM Microsoft-Windows-DHCP-Server 1008 None "The DHCP service is shutting down due to the following error:
The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""%2"" (Server IP Address %1)
Error 8/14/2012 3:41:50 PM Microsoft-Windows-DHCP-Server 1008 None "The DHCP service is shutting down due to the following error:
The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""%2"" (Server IP Address %1)
Error 8/14/2012 2:53:42 PM Microsoft-Windows-DHCP-Server 1008 None "The DHCP service is shutting down due to the following error:
The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""%2"" (Server IP Address %1)
Error 8/14/2012 2:42:26 PM Microsoft-Windows-DHCP-Server 1008 None "The DHCP service is shutting down due to the following error:
The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""%2"" (Server IP Address %1)
Error 8/14/2012 2:42:08 PM Microsoft-Windows-DHCP-Server 1008 None "The DHCP service is shutting down due to the following error:
The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""%2"" (Server IP Address %1)
Error 8/14/2012 2:23:25 PM Microsoft-Windows-DHCP-Server 1008 None "The DHCP service is shutting down due to the following error:
The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""%2"" (Server IP Address %1)
Error 8/14/2012 2:16:13 PM Microsoft-Windows-DHCP-Server 1008 None "The DHCP service is shutting down due to the following error:
The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""%2"" (Server IP Address %1)
Error 8/14/2012 1:14:33 PM Microsoft-Windows-DHCP-Server 1008 None "The DHCP service is shutting down due to the following error:
The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""%2"" (Server IP Address %1)
Error 8/13/2012 1:33:59 PM Microsoft-Windows-DHCP-Server 1008 None "The DHCP service is shutting down due to the following error:
The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""%2"" (Server IP Address %1)
Error 8/13/2012 11:48:37 AM Microsoft-Windows-DHCP-Server 1008 None "The DHCP service is shutting down due to the following error:
The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""%2"" (Server IP Address %1)
Error 8/13/2012 11:45:33 AM Microsoft-Windows-DHCP-Server 1008 None "The DHCP service is shutting down due to the following error:
The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""%2"" (Server IP Address %1)
Error 8/13/2012 11:41:43 AM Microsoft-Windows-DHCP-Server 1008 None "The DHCP service is shutting down due to the following error:
The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""%2"" (Server IP Address %1)
Error 8/13/2012 11:39:43 AM Microsoft-Windows-DHCP-Server 1008 None "The DHCP service is shutting down due to the following error:
The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""%2"" (Server IP Address %1)
Error 8/13/2012 11:31:23 AM Microsoft-Windows-DHCP-Server 1008 None "The DHCP service is shutting down due to the following error:
The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""%2"" (Server IP Address %1)
Error 8/13/2012 8:24:09 AM Microsoft-Windows-DHCP-Server 1008 None "The DHCP service is shutting down due to the following error:
The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""%2"" (Server IP Address %1)
Error 8/13/2012 8:06:13 AM Microsoft-Windows-DHCP-Server 1008 None "The DHCP service is shutting down due to the following error:
The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""%2"" (Server IP Address %1)
Error 8/13/2012 7:38:48 AM Microsoft-Windows-DHCP-Server 1008 None "The DHCP service is shutting down due to the following error:
The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""%2"" (Server IP Address %1)
Error 8/13/2012 12:55:59 AM Microsoft-Windows-DHCP-Server 1008 None "The DHCP service is shutting down due to the following error:
The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""%2"" (Server IP Address %1)
Error 8/13/2012 12:16:52 AM Microsoft-Windows-DHCP-Server 1008 None "The DHCP service is shutting down due to the following error:
The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""2A040000"" (Server IP Address The DHCP/BINL service is not authorized in the directory service domain ""%2"" (Server IP Address %1)
Level Date and Time Source Event ID Task Category
Error 8/15/2012 8:23:17 PM Microsoft-Windows-DHCP-Server 1018 None "The DHCP service failed to restore the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Error 8/15/2012 2:45:22 PM Microsoft-Windows-DHCP-Server 1018 None "The DHCP service failed to restore the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Error 8/15/2012 12:52:46 PM Microsoft-Windows-DHCP-Server 1018 None "The DHCP service failed to restore the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Error 8/15/2012 12:52:38 PM Microsoft-Windows-DHCP-Server 1018 None "The DHCP service failed to restore the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Error 8/15/2012 12:52:17 PM Microsoft-Windows-DHCP-Server 1018 None "The DHCP service failed to restore the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Error 8/15/2012 12:48:02 PM Microsoft-Windows-DHCP-Server 1018 None "The DHCP service failed to restore the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Error 8/15/2012 12:27:04 PM Microsoft-Windows-DHCP-Server 1018 None "The DHCP service failed to restore the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Error 8/15/2012 12:22:27 PM Microsoft-Windows-DHCP-Server 1018 None "The DHCP service failed to restore the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Error 8/14/2012 8:03:57 PM Microsoft-Windows-DHCP-Server 1018 None "The DHCP service failed to restore the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Error 8/14/2012 8:03:35 PM Microsoft-Windows-DHCP-Server 1018 None "The DHCP service failed to restore the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Error 8/14/2012 7:52:07 PM Microsoft-Windows-DHCP-Server 1018 None "The DHCP service failed to restore the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Error 8/14/2012 7:48:47 PM Microsoft-Windows-DHCP-Server 1018 None "The DHCP service failed to restore the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Error 8/14/2012 7:28:40 PM Microsoft-Windows-DHCP-Server 1018 None "The DHCP service failed to restore the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Error 8/14/2012 4:47:56 PM Microsoft-Windows-DHCP-Server 1018 None "The DHCP service failed to restore the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Error 8/14/2012 3:41:50 PM Microsoft-Windows-DHCP-Server 1018 None "The DHCP service failed to restore the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Error 8/14/2012 2:53:42 PM Microsoft-Windows-DHCP-Server 1018 None "The DHCP service failed to restore the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Error 8/14/2012 2:42:26 PM Microsoft-Windows-DHCP-Server 1018 None "The DHCP service failed to restore the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Error 8/14/2012 2:42:08 PM Microsoft-Windows-DHCP-Server 1018 None "The DHCP service failed to restore the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Error 8/14/2012 2:23:25 PM Microsoft-Windows-DHCP-Server 1018 None "The DHCP service failed to restore the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Error 8/14/2012 2:16:13 PM Microsoft-Windows-DHCP-Server 1018 None "The DHCP service failed to restore the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Error 8/14/2012 1:14:33 PM Microsoft-Windows-DHCP-Server 1018 None "The DHCP service failed to restore the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Error 8/13/2012 1:33:59 PM Microsoft-Windows-DHCP-Server 1018 None "The DHCP service failed to restore the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Error 8/13/2012 11:48:37 AM Microsoft-Windows-DHCP-Server 1018 None "The DHCP service failed to restore the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Error 8/13/2012 11:45:33 AM Microsoft-Windows-DHCP-Server 1018 None "The DHCP service failed to restore the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Error 8/13/2012 11:41:43 AM Microsoft-Windows-DHCP-Server 1018 None "The DHCP service failed to restore the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Error 8/13/2012 11:39:43 AM Microsoft-Windows-DHCP-Server 1018 None "The DHCP service failed to restore the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Error 8/13/2012 11:31:23 AM Microsoft-Windows-DHCP-Server 1018 None "The DHCP service failed to restore the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Error 8/13/2012 8:24:09 AM Microsoft-Windows-DHCP-Server 1018 None "The DHCP service failed to restore the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Error 8/13/2012 8:06:13 AM Microsoft-Windows-DHCP-Server 1018 None "The DHCP service failed to restore the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Error 8/13/2012 7:38:48 AM Microsoft-Windows-DHCP-Server 1018 None "The DHCP service failed to restore the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Error 8/13/2012 7:30:15 AM Microsoft-Windows-DHCP-Server 1018 None "The DHCP service failed to restore the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Error 8/13/2012 12:55:59 AM Microsoft-Windows-DHCP-Server 1018 None "The DHCP service failed to restore the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Error 8/13/2012 12:16:52 AM Microsoft-Windows-DHCP-Server 1018 None "The DHCP service failed to restore the database. The following error occurred:
An error occurred while accessing the DHCP database. Look at the DHCP server event log for more information on this error.
Level Date and Time Source Event ID Task Category
Error 8/15/2012 12:48:28 PM NtFrs 13552 None "The File Replication Service is unable to add this computer to the following replica set:
""DOMAIN SYSTEM VOLUME (SYSVOL SHARE)""
This could be caused by a number of problems such as:
-- an invalid root path,
-- a missing directory,
-- a missing disk volume,
-- a file system on the volume that does not support NTFS 5.0
The information below may help to resolve the problem:
Computer DNS name is ""SERVER2011.vhf.local""
Replica set member name is ""SERVER2011""
Replica set root path is ""c:\windows\sysvol\domain""
Replica staging directory path is ""c:\windows\sysvol\staging\domain""
Replica working directory path is ""c:\windows\ntfrs\jet""
Windows error status code is
FRS error status code is FrsErrorMismatchedJournalId
Other event log messages may also help determine the problem. Correct the problem and the service will attempt to restart replication automatically at a later time."
Error 8/15/2012 12:22:55 PM NtFrs 13552 None "The File Replication Service is unable to add this computer to the following replica set:
""DOMAIN SYSTEM VOLUME (SYSVOL SHARE)""
This could be caused by a number of problems such as:
-- an invalid root path,
-- a missing directory,
-- a missing disk volume,
-- a file system on the volume that does not support NTFS 5.0
The information below may help to resolve the problem:
Computer DNS name is ""SERVER2011.vhf.local""
Replica set member name is ""SERVER2011""
Replica set root path is ""c:\windows\sysvol\domain""
Replica staging directory path is ""c:\windows\sysvol\staging\domain""
Replica working directory path is ""c:\windows\ntfrs\jet""
Windows error status code is
FRS error status code is FrsErrorMismatchedJournalId
Other event log messages may also help determine the problem. Correct the problem and the service will attempt to restart replication automatically at a later time."
Error 8/14/2012 2:23:56 PM NtFrs 13552 None "The File Replication Service is unable to add this computer to the following replica set:
""DOMAIN SYSTEM VOLUME (SYSVOL SHARE)""
This could be caused by a number of problems such as:
-- an invalid root path,
-- a missing directory,
-- a missing disk volume,
-- a file system on the volume that does not support NTFS 5.0
The information below may help to resolve the problem:
Computer DNS name is ""SERVER2011.vhf.local""
Replica set member name is ""SERVER2011""
Replica set root path is ""c:\windows\sysvol\domain""
Replica staging directory path is ""c:\windows\sysvol\staging\domain""
Replica working directory path is ""c:\windows\ntfrs\jet""
Windows error status code is
FRS error status code is FrsErrorMismatchedJournalId
Other event log messages may also help determine the problem. Correct the problem and the service will attempt to restart replication automatically at a later time."
Error 8/14/2012 1:15:00 PM NtFrs 13552 None "The File Replication Service is unable to add this computer to the following replica set:
""DOMAIN SYSTEM VOLUME (SYSVOL SHARE)""
This could be caused by a number of problems such as:
-- an invalid root path,
-- a missing directory,
-- a missing disk volume,
-- a file system on the volume that does not support NTFS 5.0
The information below may help to resolve the problem:
Computer DNS name is ""SERVER2011.vhf.local""
Replica set member name is ""SERVER2011""
Replica set root path is ""c:\windows\sysvol\domain""
Replica staging directory path is ""c:\windows\sysvol\staging\domain""
Replica working directory path is ""c:\windows\ntfrs\jet""
Windows error status code is
FRS error status code is FrsErrorMismatchedJournalId
Other event log messages may also help determine the problem. Correct the problem and the service will attempt to restart replication automatically at a later time."
Error 8/13/2012 1:34:27 PM NtFrs 13552 None "The File Replication Service is unable to add this computer to the following replica set:
""DOMAIN SYSTEM VOLUME (SYSVOL SHARE)""
This could be caused by a number of problems such as:
-- an invalid root path,
-- a missing directory,
-- a missing disk volume,
-- a file system on the volume that does not support NTFS 5.0
The information below may help to resolve the problem:
Computer DNS name is ""SERVER2011.vhf.local""
Replica set member name is ""SERVER2011""
Replica set root path is ""c:\windows\sysvol\domain""
Replica staging directory path is ""c:\windows\sysvol\staging\domain""
Replica working directory path is ""c:\windows\ntfrs\jet""
Windows error status code is
FRS error status code is FrsErrorMismatchedJournalId
Other event log messages may also help determine the problem. Correct the problem and the service will attempt to restart replication automatically at a later time."
Error 8/13/2012 11:31:55 AM NtFrs 13552 None "The File Replication Service is unable to add this computer to the following replica set:
""DOMAIN SYSTEM VOLUME (SYSVOL SHARE)""
This could be caused by a number of problems such as:
-- an invalid root path,
-- a missing directory,
-- a missing disk volume,
-- a file system on the volume that does not support NTFS 5.0
The information below may help to resolve the problem:
Computer DNS name is ""SERVER2011.vhf.local""
Replica set member name is ""SERVER2011""
Replica set root path is ""c:\windows\sysvol\domain""
Replica staging directory path is ""c:\windows\sysvol\staging\domain""
Replica working directory path is ""c:\windows\ntfrs\jet""
Windows error status code is
FRS error status code is FrsErrorMismatchedJournalId
Other event log messages may also help determine the problem. Correct the problem and the service will attempt to restart replication automatically at a later time."
Error 8/13/2012 8:24:36 AM NtFrs 13552 None "The File Replication Service is unable to add this computer to the following replica set:
""DOMAIN SYSTEM VOLUME (SYSVOL SHARE)""
This could be caused by a number of problems such as:
-- an invalid root path,
-- a missing directory,
-- a missing disk volume,
-- a file system on the volume that does not support NTFS 5.0
The information below may help to resolve the problem:
Computer DNS name is ""SERVER2011.vhf.local""
Replica set member name is ""SERVER2011""
Replica set root path is ""c:\windows\sysvol\domain""
Replica staging directory path is ""c:\windows\sysvol\staging\domain""
Replica working directory path is ""c:\windows\ntfrs\jet""
Windows error status code is
FRS error status code is FrsErrorMismatchedJournalId
Other event log messages may also help determine the problem. Correct the problem and the service will attempt to restart replication automatically at a later time."Level Date and Time Source Event ID Task Category
Error 8/15/2012 12:48:28 PM NtFrs 13555 None "The File Replication Service is in an error state. Files will not replicate to or from one or all of the replica sets on this computer until the following recovery steps are performed:
Recovery Steps:
[1] The error state may clear itself if you stop and restart the FRS service. This can be done by performing the following in a command window:
net stop ntfrs
net start ntfrs
If this fails to clear up the problem then proceed as follows.
[2] For Active Directory Domain Services Domain Controllers that DO NOT host any DFS alternates or other replica sets with replication enabled:
If there is at least one other Domain Controller in this domain then restore the ""system state"" of this DC from backup (using ntbackup or other backup-restore utility) and make it non-authoritative.
If there are NO other Domain Controllers in this domain then restore the ""system state"" of this DC from backup (using ntbackup or other backup-restore utility) and choose the Advanced option which marks the sysvols as primary.
If there are other Domain Controllers in this domain but ALL of them have this event log message then restore one of them as primary (data files from primary will replicate everywhere) and the others as non-authoritative.
[3] For Active Directory Domain Services Domain Controllers that host DFS alternates or other replica sets with replication enabled:
(3-a) If the Dfs alternates on this DC do not have any other replication partners then copy the data under that Dfs share to a safe location.
(3-b) If this server is the only Active Directory Domain Services Domain Controller for this domain then, before going to (3-c), make sure this server does not have any inbound or outbound connections to other servers that were formerly Domain Controllers for this domain but are now off the net (and will never be coming back online) or have been fresh installed without being demoted. To delete connections use the Sites and Services snapin and look for
Sites->NAME_OF_SITE->Servers->NAME_OF_SERVER->NTDS Settings->CONNECTIONS.
(3-c) Restore the ""system state"" of this DC from backup (using ntbackup or other backup-restore utility) and make it non-authoritative.
(3-d) Copy the data from step (3-a) above to the original location after the sysvol share is published.
[4] For other Windows servers:
(4-a) If any of the DFS alternates or other replica sets hosted by this server do not have any other replication partners then copy the data under its share or replica tree root to a safe location.
(4-b) net stop ntfrs
(4-c) rd /s /q c:\windows\ntfrs\jet
(4-d) net start ntfrs
(4-e) Copy the data from step (4-a) above to the original location after the service has initialized (5 minutes is a safe waiting time).
Note: If this error message is in the eventlog of all the members of a particular replica set then perform steps (4-a) and (4-e) above on only one of the members."
Error 8/15/2012 12:22:55 PM NtFrs 13555 None "The File Replication Service is in an error state. Files will not replicate to or from one or all of the replica sets on this computer until the following recovery steps are performed:
Recovery Steps:
[1] The error state may clear itself if you stop and restart the FRS service. This can be done by performing the following in a command window:
net stop ntfrs
net start ntfrs
If this fails to clear up the problem then proceed as follows.
[2] For Active Directory Domain Services Domain Controllers that DO NOT host any DFS alternates or other replica sets with replication enabled:
If there is at least one other Domain Controller in this domain then restore the ""system state"" of this DC from backup (using ntbackup or other backup-restore utility) and make it non-authoritative.
If there are NO other Domain Controllers in this domain then restore the ""system state"" of this DC from backup (using ntbackup or other backup-restore utility) and choose the Advanced option which marks the sysvols as primary.
If there are other Domain Controllers in this domain but ALL of them have this event log message then restore one of them as primary (data files from primary will replicate everywhere) and the others as non-authoritative.
[3] For Active Directory Domain Services Domain Controllers that host DFS alternates or other replica sets with replication enabled:
(3-a) If the Dfs alternates on this DC do not have any other replication partners then copy the data under that Dfs share to a safe location.
(3-b) If this server is the only Active Directory Domain Services Domain Controller for this domain then, before going to (3-c), make sure this server does not have any inbound or outbound connections to other servers that were formerly Domain Controllers for this domain but are now off the net (and will never be coming back online) or have been fresh installed without being demoted. To delete connections use the Sites and Services snapin and look for
Sites->NAME_OF_SITE->Servers->NAME_OF_SERVER->NTDS Settings->CONNECTIONS.
(3-c) Restore the ""system state"" of this DC from backup (using ntbackup or other backup-restore utility) and make it non-authoritative.
(3-d) Copy the data from step (3-a) above to the original location after the sysvol share is published.
[4] For other Windows servers:
(4-a) If any of the DFS alternates or other replica sets hosted by this server do not have any other replication partners then copy the data under its share or replica tree root to a safe location.
(4-b) net stop ntfrs
(4-c) rd /s /q c:\windows\ntfrs\jet
(4-d) net start ntfrs
(4-e) Copy the data from step (4-a) above to the original location after the service has initialized (5 minutes is a safe waiting time).
Note: If this error message is in the eventlog of all the members of a particular replica set then perform steps (4-a) and (4-e) above on only one of the members."
Error 8/14/2012 2:23:56 PM NtFrs 13555 None "The File Replication Service is in an error state. Files will not replicate to or from one or all of the replica sets on this computer until the following recovery steps are performed:
Recovery Steps:
[1] The error state may clear itself if you stop and restart the FRS service. This can be done by performing the following in a command window:
net stop ntfrs
net start ntfrs
If this fails to clear up the problem then proceed as follows.
[2] For Active Directory Domain Services Domain Controllers that DO NOT host any DFS alternates or other replica sets with replication enabled:
If there is at least one other Domain Controller in this domain then restore the ""system state"" of this DC from backup (using ntbackup or other backup-restore utility) and make it non-authoritative.
If there are NO other Domain Controllers in this domain then restore the ""system state"" of this DC from backup (using ntbackup or other backup-restore utility) and choose the Advanced option which marks the sysvols as primary.
If there are other Domain Controllers in this domain but ALL of them have this event log message then restore one of them as primary (data files from primary will replicate everywhere) and the others as non-authoritative.
[3] For Active Directory Domain Services Domain Controllers that host DFS alternates or other replica sets with replication enabled:
(3-a) If the Dfs alternates on this DC do not have any other replication partners then copy the data under that Dfs share to a safe location.
(3-b) If this server is the only Active Directory Domain Services Domain Controller for this domain then, before going to (3-c), make sure this server does not have any inbound or outbound connections to other servers that were formerly Domain Controllers for this domain but are now off the net (and will never be coming back online) or have been fresh installed without being demoted. To delete connections use the Sites and Services snapin and look for
Sites->NAME_OF_SITE->Servers->NAME_OF_SERVER->NTDS Settings->CONNECTIONS.
(3-c) Restore the ""system state"" of this DC from backup (using ntbackup or other backup-restore utility) and make it non-authoritative.
(3-d) Copy the data from step (3-a) above to the original location after the sysvol share is published.
[4] For other Windows servers:
(4-a) If any of the DFS alternates or other replica sets hosted by this server do not have any other replication partners then copy the data under its share or replica tree root to a safe location.
(4-b) net stop ntfrs
(4-c) rd /s /q c:\windows\ntfrs\jet
(4-d) net start ntfrs
(4-e) Copy the data from step (4-a) above to the original location after the service has initialized (5 minutes is a safe waiting time).
Note: If this error message is in the eventlog of all the members of a particular replica set then perform steps (4-a) and (4-e) above on only one of the members."
Error 8/14/2012 1:15:00 PM NtFrs 13555 None "The File Replication Service is in an error state. Files will not replicate to or from one or all of the replica sets on this computer until the following recovery steps are performed:
Recovery Steps:
[1] The error state may clear itself if you stop and restart the FRS service. This can be done by performing the following in a command window:
net stop ntfrs
net start ntfrs
If this fails to clear up the problem then proceed as follows.
[2] For Active Directory Domain Services Domain Controllers that DO NOT host any DFS alternates or other replica sets with replication enabled:
If there is at least one other Domain Controller in this domain then restore the ""system state"" of this DC from backup (using ntbackup or other backup-restore utility) and make it non-authoritative.
If there are NO other Domain Controllers in this domain then restore the ""system state"" of this DC from backup (using ntbackup or other backup-restore utility) and choose the Advanced option which marks the sysvols as primary.
If there are other Domain Controllers in this domain but ALL of them have this event log message then restore one of them as primary (data files from primary will replicate everywhere) and the others as non-authoritative.
[3] For Active Directory Domain Services Domain Controllers that host DFS alternates or other replica sets with replication enabled:
(3-a) If the Dfs alternates on this DC do not have any other replication partners then copy the data under that Dfs share to a safe location.
(3-b) If this server is the only Active Directory Domain Services Domain Controller for this domain then, before going to (3-c), make sure this server does not have any inbound or outbound connections to other servers that were formerly Domain Controllers for this domain but are now off the net (and will never be coming back online) or have been fresh installed without being demoted. To delete connections use the Sites and Services snapin and look for
Sites->NAME_OF_SITE->Servers->NAME_OF_SERVER->NTDS Settings->CONNECTIONS.
(3-c) Restore the ""system state"" of this DC from backup (using ntbackup or other backup-restore utility) and make it non-authoritative.
(3-d) Copy the data from step (3-a) above to the original location after the sysvol share is published.
[4] For other Windows servers:
(4-a) If any of the DFS alternates or other replica sets hosted by this server do not have any other replication partners then copy the data under its share or replica tree root to a safe location.
(4-b) net stop ntfrs
(4-c) rd /s /q c:\windows\ntfrs\jet
(4-d) net start ntfrs
(4-e) Copy the data from step (4-a) above to the original location after the service has initialized (5 minutes is a safe waiting time).
Note: If this error message is in the eventlog of all the members of a particular replica set then perform steps (4-a) and (4-e) above on only one of the members."
Error 8/13/2012 1:34:27 PM NtFrs 13555 None "The File Replication Service is in an error state. Files will not replicate to or from one or all of the replica sets on this computer until the following recovery steps are performed:
Recovery Steps:
[1] The error state may clear itself if you stop and restart the FRS service. This can be done by performing the following in a command window:
net stop ntfrs
net start ntfrs
If this fails to clear up the problem then proceed as follows.
[2] For Active Directory Domain Services Domain Controllers that DO NOT host any DFS alternates or other replica sets with replication enabled:
If there is at least one other Domain Controller in this domain then restore the ""system state"" of this DC from backup (using ntbackup or other backup-restore utility) and make it non-authoritative.
If there are NO other Domain Controllers in this domain then restore the ""system state"" of this DC from backup (using ntbackup or other backup-restore utility) and choose the Advanced option which marks the sysvols as primary.
If there are other Domain Controllers in this domain but ALL of them have this event log message then restore one of them as primary (data files from primary will replicate everywhere) and the others as non-authoritative.
[3] For Active Directory Domain Services Domain Controllers that host DFS alternates or other replica sets with replication enabled:
(3-a) If the Dfs alternates on this DC do not have any other replication partners then copy the data under that Dfs share to a safe location.
(3-b) If this server is the only Active Directory Domain Services Domain Controller for this domain then, before going to (3-c), make sure this server does not have any inbound or outbound connections to other servers that were formerly Domain Controllers for this domain but are now off the net (and will never be coming back online) or have been fresh installed without being demoted. To delete connections use the Sites and Services snapin and look for
Sites->NAME_OF_SITE->Servers->NAME_OF_SERVER->NTDS Settings->CONNECTIONS.
(3-c) Restore the ""system state"" of this DC from backup (using ntbackup or other backup-restore utility) and make it non-authoritative.
(3-d) Copy the data from step (3-a) above to the original location after the sysvol share is published.
[4] For other Windows servers:
(4-a) If any of the DFS alternates or other replica sets hosted by this server do not have any other replication partners then copy the data under its share or replica tree root to a safe location.
(4-b) net stop ntfrs
(4-c) rd /s /q c:\windows\ntfrs\jet
(4-d) net start ntfrs
(4-e) Copy the data from step (4-a) above to the original location after the service has initialized (5 minutes is a safe waiting time).
Note: If this error message is in the eventlog of all the members of a particular replica set then perform steps (4-a) and (4-e) above on only one of the members."
Error 8/13/2012 11:31:55 AM NtFrs 13555 None "The File Replication Service is in an error state. Files will not replicate to or from one or all of the replica sets on this computer until the following recovery steps are performed:
Recovery Steps:
[1] The error state may clear itself if you stop and restart the FRS service. This can be done by performing the following in a command window:
net stop ntfrs
net start ntfrs
If this fails to clear up the problem then proceed as follows.
[2] For Active Directory Domain Services Domain Controllers that DO NOT host any DFS alternates or other replica sets with replication enabled:
If there is at least one other Domain Controller in this domain then restore the ""system state"" of this DC from backup (using ntbackup or other backup-restore utility) and make it non-authoritative.
If there are NO other Domain Controllers in this domain then restore the ""system state"" of this DC from backup (using ntbackup or other backup-restore utility) and choose the Advanced option which marks the sysvols as primary.
If there are other Domain Controllers in this domain but ALL of them have this event log message then restore one of them as primary (data files from primary will replicate everywhere) and the others as non-authoritative.
[3] For Active Directory Domain Services Domain Controllers that host DFS alternates or other replica sets with replication enabled:
(3-a) If the Dfs alternates on this DC do not have any other replication partners then copy the data under that Dfs share to a safe location.
(3-b) If this server is the only Active Directory Domain Services Domain Controller for this domain then, before going to (3-c), make sure this server does not have any inbound or outbound connections to other servers that were formerly Domain Controllers for this domain but are now off the net (and will never be coming back online) or have been fresh installed without being demoted. To delete connections use the Sites and Services snapin and look for
Sites->NAME_OF_SITE->Servers->NAME_OF_SERVER->NTDS Settings->CONNECTIONS.
(3-c) Restore the ""system state"" of this DC from backup (using ntbackup or other backup-restore utility) and make it non-authoritative.
(3-d) Copy the data from step (3-a) above to the original location after the sysvol share is published.
[4] For other Windows servers:
(4-a) If any of the DFS alternates or other replica sets hosted by this server do not have any other replication partners then copy the data under its share or replica tree root to a safe location.
(4-b) net stop ntfrs
(4-c) rd /s /q c:\windows\ntfrs\jet
(4-d) net start ntfrs
(4-e) Copy the data from step (4-a) above to the original location after the service has initialized (5 minutes is a safe waiting time).
Note: If this error message is in the eventlog of all the members of a particular replica set then perform steps (4-a) and (4-e) above on only one of the members."
Error 8/13/2012 8:24:36 AM NtFrs 13555 None "The File Replication Service is in an error state. Files will not replicate to or from one or all of the replica sets on this computer until the following recovery steps are performed:
Recovery Steps:
[1] The error state may clear itself if you stop and restart the FRS service. This can be done by performing the following in a command window:
net stop ntfrs
net start ntfrs
If this fails to clear up the problem then proceed as follows.
[2] For Active Directory Domain Services Domain Controllers that DO NOT host any DFS alternates or other replica sets with replication enabled:
If there is at least one other Domain Controller in this domain then restore the ""system state"" of this DC from backup (using ntbackup or other backup-restore utility) and make it non-authoritative.
If there are NO other Domain Controllers in this domain then restore the ""system state"" of this DC from backup (using ntbackup or other backup-restore utility) and choose the Advanced option which marks the sysvols as primary.
If there are other Domain Controllers in this domain but ALL of them have this event log message then restore one of them as primary (data files from primary will replicate everywhere) and the others as non-authoritative.
[3] For Active Directory Domain Services Domain Controllers that host DFS alternates or other replica sets with replication enabled:
(3-a) If the Dfs alternates on this DC do not have any other replication partners then copy the data under that Dfs share to a safe location.
(3-b) If this server is the only Active Directory Domain Services Domain Controller for this domain then, before going to (3-c), make sure this server does not have any inbound or outbound connections to other servers that were formerly Domain Controllers for this domain but are now off the net (and will never be coming back online) or have been fresh installed without being demoted. To delete connections use the Sites and Services snapin and look for
Sites->NAME_OF_SITE->Servers->NAME_OF_SERVER->NTDS Settings->CONNECTIONS.
(3-c) Restore the ""system state"" of this DC from backup (using ntbackup or other backup-restore utility) and make it non-authoritative.
(3-d) Copy the data from step (3-a) above to the original location after the sysvol share is published.
[4] For other Windows servers:
(4-a) If any of the DFS alternates or other replica sets hosted by this server do not have any other replication partners then copy the data under its share or replica tree root to a safe location.
(4-b) net stop ntfrs
(4-c) rd /s /q c:\windows\ntfrs\jet
(4-d) net start ntfrs
(4-e) Copy the data from step (4-a) above to the original location after the service has initialized (5 minutes is a safe waiting time).
Note: If this error message is in the eventlog of all the members of a particular replica set then perform steps (4-a) and (4-e) above on only one of the members."
Level Date and Time Source Event ID Task Category
Error 8/15/2012 8:23:17 PM Service Control Manager 7024 None The DHCP Server service terminated with service-specific error %%20013.
Error 8/15/2012 2:45:22 PM Service Control Manager 7024 None The DHCP Server service terminated with service-specific error %%20013.
Error 8/15/2012 12:52:46 PM Service Control Manager 7024 None The DHCP Server service terminated with service-specific error %%20013.
Error 8/15/2012 12:52:38 PM Service Control Manager 7024 None The DHCP Server service terminated with service-specific error %%20013.
Error 8/15/2012 12:52:17 PM Service Control Manager 7024 None The DHCP Server service terminated with service-specific error %%20013.
Error 8/15/2012 12:48:22 PM Service Control Manager 7024 None The SQL Server (SBSMONITORING) service terminated with service-specific error %%17058.
Error 8/15/2012 12:48:02 PM Service Control Manager 7024 None The DHCP Server service terminated with service-specific error %%20013.
Error 8/15/2012 12:27:04 PM Service Control Manager 7024 None The DHCP Server service terminated with service-specific error %%20013.
Error 8/15/2012 12:25:19 PM Service Control Manager 7024 None The Windows Search service terminated with service-specific error %%-1073473535.
Error 8/15/2012 12:22:48 PM Service Control Manager 7024 None The SQL Server (SBSMONITORING) service terminated with service-specific error %%17058.
Error 8/15/2012 12:22:27 PM Service Control Manager 7024 None The DHCP Server service terminated with service-specific error %%20013.
Error 8/14/2012 8:03:57 PM Service Control Manager 7024 None The DHCP Server service terminated with service-specific error %%20013.
Error 8/14/2012 8:03:35 PM Service Control Manager 7024 None The DHCP Server service terminated with service-specific error %%20013.
Error 8/14/2012 7:52:07 PM Service Control Manager 7024 None The DHCP Server service terminated with service-specific error %%20013.
Error 8/14/2012 7:48:47 PM Service Control Manager 7024 None The DHCP Server service terminated with service-specific error %%20013.
Error 8/14/2012 7:28:40 PM Service Control Manager 7024 None The DHCP Server service terminated with service-specific error %%20013.
Error 8/14/2012 4:47:56 PM Service Control Manager 7024 None The DHCP Server service terminated with service-specific error %%20013.
Error 8/14/2012 3:41:50 PM Service Control Manager 7024 None The DHCP Server service terminated with service-specific error %%20013.
Error 8/14/2012 2:53:42 PM Service Control Manager 7024 None The DHCP Server service terminated with service-specific error %%20013.
Error 8/14/2012 2:42:26 PM Service Control Manager 7024 None The DHCP Server service terminated with service-specific error %%20013.
Error 8/14/2012 2:42:08 PM Service Control Manager 7024 None The DHCP Server service terminated with service-specific error %%20013.
Error 8/14/2012 2:23:25 PM Service Control Manager 7024 None The DHCP Server service terminated with service-specific error %%20013.
Error 8/14/2012 2:16:13 PM Service Control Manager 7024 None The DHCP Server service terminated with service-specific error %%20013.
Error 8/14/2012 1:14:33 PM Service Control Manager 7024 None The DHCP Server service terminated with service-specific error %%20013.
Error 8/13/2012 1:33:59 PM Service Control Manager 7024 None The DHCP Server service terminated with service-specific error %%20013.
Error 8/13/2012 11:48:37 AM Service Control Manager 7024 None The DHCP Server service terminated with service-specific error %%20013.
Error 8/13/2012 11:45:33 AM Service Control Manager 7024 None The DHCP Server service terminated with service-specific error %%20013.
Error 8/13/2012 11:41:43 AM Service Control Manager 7024 None The DHCP Server service terminated with service-specific error %%20013.
Error 8/13/2012 11:39:43 AM Service Control Manager 7024 None The DHCP Server service terminated with service-specific error %%20013.
Error 8/13/2012 11:31:23 AM Service Control Manager 7024 None The DHCP Server service terminated with service-specific error %%20013.
Error 8/13/2012 8:24:09 AM Service Control Manager 7024 None The DHCP Server service terminated with service-specific error %%20013.
Error 8/13/2012 8:06:13 AM Service Control Manager 7024 None The DHCP Server service terminated with service-specific error %%20013.
Error 8/13/2012 7:38:48 AM Service Control Manager 7024 None The DHCP Server service terminated with service-specific error %%20013.
Error 8/13/2012 12:55:59 AM Service Control Manager 7024 None The DHCP Server service terminated with service-specific error %%20013.
Error 8/13/2012 12:16:52 AM Service Control Manager 7024 None The DHCP Server service terminated with service-specific error %%20013. -
Hi
does Snow Leopard have DNS & DHCP services in it ? how to make those role run and configure them ?
and how to make a server a domain controller "silly Windows History in my mind"does Snow Leopard have DNS & DHCP services in it
You mean Snow Leopard Server, right? In which case, yes.
how to make those role run and configure them ?
Click a checkbox or two in Server Admin (and add your domain/network-specific data, of course).
and how to make a server a domain controller "silly Windows History in my mind
Do you intend to make a Windows domain controller? If so, you can't. Mac OS X Server includes a Samba server which can handle parts of a Windows directory system, but it can't emulate a full Windows Active Directory server which has way more elements.
On the other hand, if you just mean to create a directory server for your network then, just like the DNS and DHCP server response above, you click a couple of checkboxes in Server Admin and add your directory-specific data via Workgroup Manager (one of the bundled Server apps). -
Sles dns and dhcp; OR NOWS SBE dns and dhcp
Ok, I'm finally to the state of setting up dns and dhcp. From what I read the NOWS way is to set it up in the sbsadmin web interface. That seems to use different backend programs than the sles dns and dhcp programs. For instance I think I read that the NOWS uses dhcpd, whereas in yast it says it uses dhcp-server.
SHOULD I use the NOWS way, or the SLES way for dns and dhcp? Looks like the sles way is more easily configured and managed, but I don't know if it will not be functional for my NOWS users.Originally Posted by dwjrdto2000
After doing a lot more reading; specifically in the oes2 documentation, I am going to use the Novell dhcp and dns servers and administer them from the downloadable java console as explained in the documentation.
NOWS SBE doesn't provide a capability to manage DNS/DHCP other than by editing the config files. I would be much more comfortable doing what you are doing however you have to be careful. NOWS SBE sometimes installs modified OES components (or used to) so one never knows what to expect when deviating from a standard NOWS SBE install. -
Internet DHCP/DNS issues with WRT1900ac
I've had a WRT1900ac now for about 2 weeks and the problems seem to be escalating. Need help. And yes, I've already read dozens of threads about these issues and nothing seems to be working.
Most of the problems seem to be centered around this DHCP/DNS issue that so many have been reporting.
First, the symptoms:
Galaxy S4 phones when connected via wifi have some apps that don't update (facebook and google play)
Some computers (both Win 7) will connect to the network just fine, both wired and wireless - but won't be able to get to the internet
I've spent the last 2-3 days of my life reading forums and trying all sorts of things to get this to work properly (like my old router) and I'm still stuck. Some things I've tried:
Firmware is up-to-date (latest version: 1.1.8.164461)
Manually assigned static DNS in router config settings (connectivity -> local network) to various combinations including the router address, 8.8.8.8, 8.8.4.4, 75.75.75.75, 75.75.76.76 (I have comcast), OpenDNS addresses, etc. I read that the router address is not needed, so I stopped including it.
I manually assigned IPs and DNS on the Galaxy S4 phones and that seemed to work... but also seems unnecessary.
I've reserved DHCP addresses on the computers in question, that didn't seem to work, I also manually set DNS on one of the comupters (can't on the other... long story/not my computer) and that worked for a while and then stopped working.
The only way to get one of the computers on the internet now is to turn on the guest network (even though the computer is hard wired to the router), connect, and then the wired network works. No clue why this is, but my guess is that it needs the guest network for DNS, then it fails back over to the wired network. Once that happens, I can actually turn off the wifi on the computer and everything works great... until I reboot. Key point: I can't change any settings on that box other than entering in SSID/passphrase info for the wireless connection. I can connect to the regular (non-Guest) wifi just fine - I just can't ever get to the internet.
I've tried massaging DHCP settings on the router until I'm blue in the face - Static DNS, reserving DHCP addresses, hell I even put one of the computers in the DMZ to see if that would work and it still can't connect to the internet (it's worth noting that with my old router, Linksys WRT310N, the setup was literally plug-and-play - no hassle with any of this).
I've tried countless router reboots, factory resets, turning off my modem and router for 2+ minutes, and nothing is working.
I even read somewhere that if you modify your DHCP settings at all that the WRT1900ac stops doing DNS properly and breaks, so I even tried several "hard" factory resets and used all the default DHCP/DNS settings. And it worked... for a few hours.
Seriously, I'm at my wit's end. I'm out a lot of money on this thing and it's been one headache after another. Please help.I think for most people its a bad idea to hold out that hope, lol. It seems like a great piece of hardware but if you really need a router and don't want to have to 'play' with it, its probably not a good choice. I have an EA6900 that I am very happy with but it has the same restrictions as far as DNS and I really hate the idea that I am forced to use the smartwifi portal. I would really like for them to give me a choice of the old gui or the new one and let ME decide. Lots of routers to choose from out there now and new ones seem to be coming out all the time so do some reading and see if something suits you better. Good luck!
-
Hi all,
The ISE configuration validator says we should have DHCP snooping enabled on our network access devices (switches) so we do it. However I have never understood what this accomplishes. (In terms of ISE/NAC. I understand what DHCP snooping is).
Can anyone explain? Thanks.Thanks for the reply, Vattulu.
Interesting article/section, but I don't see where it says anything about the relationship between dhcp snooping and profiling. It seems to be talking about the use of dhcp snooping option 82 to convey the 802.1x user info to the dhcp server. The dhcp server can then act on this information to assign specific IPs to specific users. I can see how ISE would get this information via ip-helper or maybe by snmp bulk query, but don't understand how that would assist with profiling. I mean, ISE already has the 802.1x user identity from the radius request, right? Maybe you can enlighten me.
Googling around I found this article/section:
http://www.cisco.com/c/en/us/td/docs/security/ise/1-1-1/user_guide/ise_user_guide/ise_sw_cnfg.html#wp1059679
which seems to imply that dhcp snooping info can be used when applying DACLs. Interesting, because I thought that was based on the ip device tracking table only. But, it says that dhcp snooping is optional, and doesn't go into any detail.
Still digging, I would like to understand this. Thanks for your help. -
Leopard server and external DNS issues?
I am trying to setup a new leopard server for a school with the internet being streamed in from the local borough with filtering for the students via DHCP with a range of 10.x.x.50 - 10.x.x.200. I have all their details (IP, subnet, router) inc their DNS settings. Now I want to create an OD master but am going insane with DNS as the new layout is confusing things. I am using the primary zone name "schoolname.internal" and giving it the manual IP address of the ethernet card 10.X.XX.XXX, I can ping clients around me but the server will not resolve correctly, I am using the external DNS settings provided by the ISP as forwarders.
I will admit that I am still getting my head around DNS and would really like some more details into how to configure Leopard for this, Why can't I use the internal IP address setting of my server for the DNS?
Plus do I need to have DHCP running on the server for OD in Leopard if it is being given by the external borough supplier ?Ladies and gentlemen, I have the answer.
I stumbled across this accidentally when I was playing desperately in the Finder trying to get some inspiration about this issue.
The problem doesn't lie in the clients... it lies in the Server.
Here is my solution:
1. In the finder, right-click on the external drive, and select "Get Info".
2. Under "General", there should be 2 little check boxes, "Shared Folder" and "Locked".
3. Click on "Shared Folder" to put an X in it.
Thats it!
For some reason Time Machine setup didn't share the folder and so the client machines recognised it as a shared time machine backup source, but couldn't actually find it on the network because it wasn't shared.
Have fun ladies and gentlemen!! -
IPoE BNG and DHCP on the ASR9K
Hi,
can some one tell me if this is possible.
I have a bundle Interface -using ambiguous VLANS:
interface Bundle-Ether100.1
vrf customers_1
ipv4 unnumbered lo2
ipv4 point-to-point
arp learning disable
service-policy type control subscriber UFB_DHCP
ipsubscriber ipv4 l2-connected
initiator dhcp
encapsulation ambiguous dot1q any second-dot1q any
I have two loopback interfaces:
interface lo2
vrf customers_1
ipv4 address 100.64.0.1 255.255.128.0
interface lo3
vrf customers_1
ipv4 address 200.200.200.1 255.255.254.0
I am authenticating users using option82 remote-id, and DHCP for address allocation. I want to use RADIUS to send back attributes, to set the users template, and, somehow set the dhcp giaddr so that the user gets an address from the correct pool.
ie. put the user into this template:
dynamic-template
type ipsubscriber CUSTOMER
vrf customers_1
ipv4 unnumbered Loopback3
and have them then given an address in the lo3 (200.200.200.0) range. No matter what i do the dhcp giadd remains the address of the Bundle Interface.
I have tried all sorts of radius attributes:
Cisco-AVPair = 'subscriber:service-name=CUSTOMER'
Cisco-AVPair = 'subscriber:command=activate-service'
I have tried:
Cisco-AVPair= 'ipv4:ip-unnumbers=Loopback3'
Cisco-AVPair= 'subscriber:classname=lo192' - and creating a dhcp class to set giaddr
I get a "aaa_type invalid attribute, flags 0x21"
I am at a bit of loss, and am not sure if what I am wanting to do is even possible.
though if set the template statically via an onboard policy things seem to work, and my user gets an address from the correct loopback.
any help would be appreciated.
ta.Alexander,
thanks for your reply,
If I use
Cisco-AVPair = 'subscriber:sa=UFB_CUSTOMER' -> sets dynamic template
Cisco-AVPair += 'ipv4:ipv4-unnumbered=Loopback3' -> sets ipv4 loopback
I get the following form the RADIUS debug (showing template, and loopback understood by RADIUS)
RP/0/RSP0/CPU0:Nov 28 13:33:11.478 : radiusd[1120]: Radius packet decryption complete with rc = 0
RP/0/RSP0/CPU0:Nov 28 13:33:11.478 : radiusd[1120]: RADIUS: Received from id 195 202.74.33.109:1812, Access-Accept, len 121
RP/0/RSP0/CPU0:Nov 28 13:33:11.478 : radiusd[1120]: RADIUS: Vendor-Specific [26] 34
RP/0/RSP0/CPU0:Nov 28 13:33:11.478 : radiusd[1120]: RADIUS: authenticator F2 4D D3 E7 B1 E8 90 D3 - F8 77 F1 1C 28 36 E9 6C
RP/0/RSP0/CPU0:Nov 28 13:33:11.478 : radiusd[1120]: RADIUS: Vendor-Specific [26] 41
RP/0/RSP0/CPU0:Nov 28 13:33:11.478 : radiusd[1120]: RADIUS: Reply-Message [18] 26 User authenticated - UBA
RP/0/RSP0/CPU0:Nov 28 13:33:11.479 : radiusd[1120]: pack_length = 121 radius_len = 121
RP/0/RSP0/CPU0:Nov 28 13:33:11.479 : radiusd[1120]: rad_nas_reply_to_client: Received response from id : 195,packet type 2
RP/0/RSP0/CPU0:Nov 28 13:33:11.479 : radiusd[1120]: Total len = 121, Radius len = 121
RP/0/RSP0/CPU0:Nov 28 13:33:11.479 : radiusd[1120]: filter not found
RP/0/RSP0/CPU0:Nov 28 13:33:11.479 : radiusd[1120]: Decoding the attribute: Vendor-Specific, aaa_type invalid attribute, flags 0x21
RP/0/RSP0/CPU0:Nov 28 13:33:11.479 : radiusd[1120]: Decoding the attribute: Vendor-Specific, aaa_type invalid attribute, flags 0x21
RP/0/RSP0/CPU0:Nov 28 13:33:11.479 : radiusd[1120]: This is sub-string of the Loopback interface name
RP/0/RSP0/CPU0:Nov 28 13:33:11.479 : radiusd[1120]: Loopback attribute value: Loopback3
RP/0/RSP0/CPU0:Nov 28 13:33:11.479 : radiusd[1120]: Decoding the attribute: Reply-Message, aaa_type reply-message, flags 0x100
RP/0/RSP0/CPU0:Nov 28 13:33:11.479 : radiusd[1120]: Reply-Message fragments, 24
RP/0/RSP0/CPU0:Nov 28 13:33:11.479 : radiusd[1120]: , total 24 bytes
RP/0/RSP0/CPU0:Nov 28 13:33:11.479 : radiusd[1120]: RADIUS: parsing sevice 'UFB_CUSTOMER' (len 12)
RP/0/RSP0/CPU0:Nov 28 13:33:11.479 : radiusd[1120]: (rad_nas_reply_to_client) Successfully decoded the response No error: PASS
RP/0/RSP0/CPU0:Nov 28 13:33:11.479 : radiusd[1120]: (rad_nas_reply_to_client) Successfully stored the preferred server info
RP/0/RSP0/CPU0:Nov 28 13:33:11.478 : radiusd[1120]: Freeing server group transaction_id (B1000047)
output from show subscriber running:
Subscriber Label: 0xff
% No such configuration item(s)
dynamic-template
type ipsubscriber UFB_CUSTOMER
vrf customers_1
The subscriber shows up as a session:
RP/0/RSP0/CPU0:tpisp-cr02-h#show subscriber session all
Thu Nov 28 13:38:05.389 UTC
Codes: IN - Initialize, CN - Connecting, CD - Connected, AC - Activated,
ID - Idle, DN - Disconnecting, ED - End
Type Interface State Subscriber IP Addr / Prefix
LNS Address (Vrf)
IP:DHCP BE100.1.ip71 AC 100.64.0.98 (customers_1)
However..
the ip address range is from the loopback 2 address, (this is the loopback bound to the unbundled BNG interface)
My understanding is that the giaddr address should have been changed to the ip address of lo3, which is the loopback specified in the RADIUS attribute.
dhcp debug: (this is the dhcp debug that follows directly after the RADIUS debug)
RP/0/RSP0/CPU0:Nov 28 13:33:11.484 : dhcpd[1080]: DHCPD PACKET: TP1225: Process packet event, client mode: PROXY
RP/0/RSP0/CPU0:Nov 28 13:33:11.484 : dhcpd[1080]: DHCPD PROXY: TP1955: FSM called for chaddr 000c.4270.6e7c with event DPM_SUCCESS state INIT_DPM_WAIT
RP/0/RSP0/CPU0:Nov 28 13:33:11.485 : dhcpd[1080]: DHCPD PROXY: TP1917: Process client request called for chaddr 000c.4270.6e7c
RP/0/RSP0/CPU0:Nov 28 13:33:11.485 : dhcpd[1080]: DHCPD PACKET: TP1883: Giaddr not present, Set giaddr 100.64.0.1, chaddr 000c.4270.6e7c
RP/0/RSP0/CPU0:Nov 28 13:33:11.485 : dhcpd[1080]: DHCPD PACKET: TP571: L3 packet TX unicast to dest 202.74.33.108, port 67, source 100.64.0.1, vrf 0x60000003 (1610612739), tbl 0xe0000012 (3758096402)
RP/0/RSP0/CPU0:Nov 28 13:33:11.485 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: ---------- IPv4 DHCPD --- dhcpd_iox_l3_unicast_packet -------
RP/0/RSP0/CPU0:Nov 28 13:33:11.485 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: VRF name (id): customers_1 (0x60000003)
RP/0/RSP0/CPU0:Nov 28 13:33:11.485 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: L3 src: 100.64.0.1
RP/0/RSP0/CPU0:Nov 28 13:33:11.485 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: L3 dst: 202.74.33.108
RP/0/RSP0/CPU0:Nov 28 13:33:11.485 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: L3 dst port: 67
RP/0/RSP0/CPU0:Nov 28 13:33:11.485 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: metadata: L3 input Intf: Bundle-Ether100.1
RP/0/RSP0/CPU0:Nov 28 13:33:11.485 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: metadata: Output Intf: Null
RP/0/RSP0/CPU0:Nov 28 13:33:11.485 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: metadata: FROM: L3
RP/0/RSP0/CPU0:Nov 28 13:33:11.485 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: metadata: NETWORK_ORDER
RP/0/RSP0/CPU0:Nov 28 13:33:11.485 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: metadata: Vlan Info
RP/0/RSP0/CPU0:Nov 28 13:33:11.485 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: metadata: Vlan EtherType 1: 0x8100
RP/0/RSP0/CPU0:Nov 28 13:33:11.485 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: metadata: Vlan Priority 1: 0 (0x0)
RP/0/RSP0/CPU0:Nov 28 13:33:11.485 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: metadata: Vlan Format 1: 0 (0x0)
RP/0/RSP0/CPU0:Nov 28 13:33:11.485 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: metadata: Vlan ID 1: 101 (0x65)
RP/0/RSP0/CPU0:Nov 28 13:33:11.485 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: metadata: Vlan EtherType 2: 0x8100
RP/0/RSP0/CPU0:Nov 28 13:33:11.485 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: metadata: Vlan Priority 2: 0 (0x0)
RP/0/RSP0/CPU0:Nov 28 13:33:11.485 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: metadata: Vlan Format 2: 0 (0x0)
RP/0/RSP0/CPU0:Nov 28 13:33:11.485 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: metadata: Vlan ID 2: 23 (0x17)
RP/0/RSP0/CPU0:Nov 28 13:33:11.485 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666:
RP/0/RSP0/CPU0:Nov 28 13:33:11.485 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: op: BOOTREQUEST
RP/0/RSP0/CPU0:Nov 28 13:33:11.485 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: chaddr: 000c.4270.6e7c
RP/0/RSP0/CPU0:Nov 28 13:33:11.485 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: xid: 0x303751ed
RP/0/RSP0/CPU0:Nov 28 13:33:11.485 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: flags: 0x8000 (broadcast)
RP/0/RSP0/CPU0:Nov 28 13:33:11.485 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: ciaddr: 0.0.0.0
RP/0/RSP0/CPU0:Nov 28 13:33:11.485 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: yiaddr: 0.0.0.0
RP/0/RSP0/CPU0:Nov 28 13:33:11.485 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: siaddr: 0.0.0.0
RP/0/RSP0/CPU0:Nov 28 13:33:11.485 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: giaddr: 100.64.0.1
RP/0/RSP0/CPU0:Nov 28 13:33:11.485 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: cookie: 0x63825363
RP/0/RSP0/CPU0:Nov 28 13:33:11.486 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: option: MESSAGE_TYPE: DISCOVER
RP/0/RSP0/CPU0:Nov 28 13:33:11.486 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: option: PARAMETER_REQUEST data: "0x01-79-03-21-06-2a"
RP/0/RSP0/CPU0:Nov 28 13:33:11.486 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: option: CLIENT_IDENTIFIER data: "0x01-00-0c-42-70-6e-7c"
RP/0/RSP0/CPU0:Nov 28 13:33:11.486 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: option: HOST_NAME data: "MikroTik"
RP/0/RSP0/CPU0:Nov 28 13:33:11.486 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: option: RELAY_INFORMATION
RP/0/RSP0/CPU0:Nov 28 13:33:11.486 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: option: RELAY_INFORMATION: CIRCUIT_ID: 0x01-0f-43-48-4f-52-55-53-31-30-30-30-30-30-34-35-33
I tried changing the dynamic template to service rather than ipsubscriber, this did not make a difference. You make a reference to DHCP classname. I have defined a DHCP class, however do not know how to match or force the use of a particular class by using a RADIUS attribute.
Thanks,
Mike -
Internal and Public DNS conflict breaks mail
History:
We set up a new Mac Mini Server to replace our existing Server. The Mac Mini Server is setup behind a Time Capsule, which acts as our router and DHCP server. It also acts as our firewall on the public IP address and forwards mail to our internal server. Our situation is almost identical to the example situation on page 18 to 19 in the 'Getting Started' guide.
Our ISP acts as our DNS server and they host our public website. They also used to host our mail, but we have now moved the mail to our new in-house server. We asked our ISP to update their MX records to point to our static public IP address. Public DNS records for server.mydomain.com also resolve to this IP address.
When we originally set up the new mac mini server, the ISP had not yet updated the MX records. I am wondering if this affects how the Server sets up DNS on the local server machine?
Issue:
The local server machine on the local LAN is called server.mydomain.com, which resolves via local DNS (hosted by our server) to the server's internal IP address. (The local DNS server was setup automatically by the Server during initial installation / setup.) This conflicts with with public DNS records which identify server.mydomain.com with our public IP address at 205.200.19.225. This somehow causes confusion for the server which consequently seemingly randomly resets our domain (mydomain.com) and host name (server.mydomain.com) settings under Mail settings - which breaks our mail service. (We then edit these to the correct settings and all works again.)
I spoke to an Apple tech and they advised that we reinstall the Server operating system, using a local server name that differs from the public name. e.g. server.mydomain.lan (local) vs. server.mydomain.com (public).
*This may seem like a dumb question*: Would it be easier to keep our local host and DNS set up to server.mydomain.com and then rather have our ISP change the records for our public address / IP to mail.mydomain.com or public.mydomain.com? If we could make the change via the ISP's records versus our own, then it would save us a lot of work.
*A second potentially dumb question:* Since we rely on our ISP for DNS name servers, could we delete / stop the local DNS server for the local network and just use straight IP addresses instead?
*Plan of Action:*
Assuming that there is not an easy fix via the ISP's DNS records, then I'll reinstall the operating system and use server.mydomain.lan as the local machine and domain name. If I do this, then what should I be using as the domain and host name settings in mail? .com or .lan?
Should there be any need to manually configure DNS settings to make Mail work?Mr Hoffman and Corbywan - thanks for the interesting and educational discussion. I must admit that I am still a bit confused and would appreciate any further help in understanding this issue!
*My situation:*
- Server on a LAN, which sits behind a Time Capsule router.
- The Time Capsule router serves DHCP and Internet to the LAN and sits on our public static IP Address.
- Our ISP has set up MX and domain records to forward public requests for our domain to our static IP address.
- Time Capsule acts as our firewall and forwards Mail and other incoming services to our internal server via port forwarding.
- Local DNS service is provided by the local server so that it can provide services to the local network. Non local requests are forwarded to the ISP DNS service.
*The problem*
We seem to have established that Snow Leopard Server breaks when the internal domain name matches the public domain name, because of conflict between the internal and public DNS which resolve to different IP addresses for the same domain.
*The solution*
I am looking for the easiest and most basic way to fix this problem. My understanding is that the simplest would be to reinstall our Snow Leopard Server to a new and different local domain name.
I am thinking of using server.example.lan for our local LAN domain name - which would be resolved to our private IP address via local DNS on the local server. I would be keeping server.example.com for our public domain name - which would be resolved to our public IP address, which would be forwarded from the Time Capsule to the internal server.
Now where I start getting confused is this: If Snow Leopard Server requires a Fully Qualified Domain Name to do things like send mail, then do I need to register my internal domain name? And how would this resolve from a public DNS server to the internal private IP address? Or is it more an issue where as long as the internal (albeit 'fake') domain name does not conflict with an existing public domain name?
*Other items:*
After setup, I will verify that Snow Leopard Server has setup our local DNS correctly for local DNS service.
If I understand correctly, I would set up Mail Settings - 'Domain Name' as the local domain name: i.e. example.lan and I would set up the Host Name as server.example.lan - is this correct? Would this work if these are not FQDN?
How does the mail server reconcile these local domain names with the public domain names? I assume that I need to check the box at Mail - Settings - Advanced - Hosting: "Include server's domain as local host alias" ? Or would I manually add an alias to the Local Host Aliases under the same tab?
Thanks! -
Hi all,
i have a local DNS server for some local stuff like website,ldap and so on and the normal ISP DNS.
On Client i have entered the local DNS IP (xxx.xxx.xxx.xxx) and the ISP DNS IP (yyy.yyy.yyy.yyy).
So here is my problem when the Local DNS IP is on top of the table i can surf only the local websites but not the public. vice versa is it for when i have the ISP DNS IP on top. what can i do to surf all website, the local and the public.Your DNS is asking a "lame" server for DNS; you're not getting an authoritative response to the query.
The target DNS server for the query isn't configured correctly; the local DNS server has found a target DNS server for the domain as being authoritative for the zone, but the target DNS server is not configured as being authoritative for the zone.
i configured my router for forwarding the port 53 to my local dns, but it didn't solved the problem!
That's not what I'd choose here.
Your clients are aimed at your DNS server. Your DNS server is aimed at your ISP servers. Your firewall is set to pass DNS out, but (generally) to block inbound DNS requests. Your DHCP is set to serve your DNS server address. If you've been tossing configuration changes and such here within your clients and your DNS servers, then you may well have some stale stuff in the DNS caches, too. -
Solaris 10 zone configuration with sysidcfg and dhcp and hostname
Hi
Excuse me if I look like a n00b... it's probably because I'm a n00b.
I've been struggling in the dark for more than 2 days now and I'm wondering if I'm thinking about this all wrong...
I have stand-alone server where I need to run zones. I want to create zones and automagically configure them at boot (read: by running a script). So here's what I need...
A zone
starting from unconfigured state
whose hostname is not the same as the zone name
using corporate DHCP to get its IP address
with DNS config coming from the DHCP server
registering its address the DNS
with a preconfigured root password
(I don't own the corporate DHCP or DNS servers, I can't put my own DHCP or DNS servers on the network.)
I would lke to create the zone, throw some config at it, then boot the zone and walk away. I am using zones with exclusive-IP. I can construct the zones and manually configure them once they're started to have DHCP, my own name, registered IP address with DNS and everything else I have specified above. But I don't want to do it manually...
Sysidcfg seems to do some of what I want but not entirely.
In sysidcfg I can set the root_password, the primary interface using DHCP, DNS server. I can't set a hostname in sysidcfg AND use configure it for DHCP. So the hostname is not what I want it to be after the zone is started and ready to go. The DHCP server is providing the DNS configuration, Solaris does not seem to honour it, but i'll ignore that for the moment.
I have tried various combinations of using sysidcfg, /etc/nodename, /etc/hostname.+interface+ and /etc/dhcp.+interface+ but I can't find any combination that actually works.
I can write to the zonestorage/etc/nodename to set the nodename, that works. But it does not match the DHCP address, so I get prompted for a new name service because it can't find a DNS entry for the name.
I can write to the zonestorage/etc/hostname.+interface+ and /etc/dhcp.+interface+ (to get the system to register its name with the DNS server after getting its DHCP address) but then I get a system with no root password and no DNS configuration, even though they are set in the sysidcfg file.
I can write a script that gets part of the way using sysidcfg and /etc/... files, then boots the zone and then runs a bunch of voodoo via zlogin commands to fix all the stuff that couldn't be done 'properly', but that's not a 'boot and walk away' environment. I can write a script that uses sysidcfg and hacks around with other files in /etc (like nsswitch.conf, resolv.conf), but that just feels likes a dirty hack to fix something that wasn't done properly in the first place.
So where am I going wrong and how do I do it right (within the constraints defined)? Why can't I configure, boot and walk away?
ThanksThanks abrante
Thanks for your response!
I don't think the config is messed up after the installation. I think the installation is fine, it's just not what I want :-)
I'm trying to decouple the zonename from the system name and get DNS registrations working. After installation, a DHCP client can get its hostname from DNS but I'm trying to do it the other way around. I want the DHCP client specify its own hostname, get an address from the DHCP server and then register its hostname with DNS. If the system gets its name from DNS/DHCP then I have to configure those to provide the system name and I don't own the DHCP/DNS infrastructure. These zones are for a development/QA environment, so we create and reconfigure these frequently. Hence the need to specify the system name within the zone and register that name in the DNS.
I have tried fiddling with the PARAM_REQUEST_LIST but it does not seem to be working as I expect. :-$ Removing 12 did not help with setting the hostname from the system. DNS does not have a registered name for this system anyway, so even if it tried to get a name for this system, it would get nothing.
I also do want the DHCP to change the DNS server and domain name, but this does not happen even though my dhcpagent includes 6 and 15 in the PARAM_REQUEST_LIST. I still have to set them in the sysidcfg file because it is always ignored in Solaris (S10u8 with 10_Recommended 30-Jul-2010)
As stated, I know I can hack around with the system after it has booted. But I'm trying to configure the system before it starts and let it take care of itself and not have to touch it. Frankly I'm surprised that the sysidcfg does not allow you to set a hostname name when you are using DHCP, that the default DHCP configuration does not register the system name with the DNS server, and the DNS config from the DHCP response is ignored. Even a sys-unconfiged system requires DNS configuration during initial boot, when I know that the DHCP response contains DNS information.
FYI: Windows systems using DHCP work as expected in this respect by default, i.e. set system name, use DHCP --> system gets address from corporate DHCP, DNS settings are set from DHCP information, DNS registration is made for system name.
I'm working around this at the moment... I call my zone by the system name I want, I hardcode the DNS settings in the sysidcfg file and I create the hostname.+nic+ and dhcp.+nic+ files in the zone storage to get the system to register its name with DNS, them boot.
Edited by: cydonian on Aug 19, 2010 7:45 PM -
DHCP DNS Management Console Error
Downloaded the DHCP DNS Management Console and logged in......login error
ERROR_INCORRECT_PORT_IP
New to linux.
thanks for your helpIs this a DSfW server? Because on a DSfW server you have to use port
1636 instead of 636 to connect to the Edir side of the server.
Don't try to use port 389 (or 1389 on a DSfW server) as this does only
work on servers which are specifically configured to allow that.
W. Prindl
kvnimrls wrote:
>
>Downloaded the DHCP DNS Management Console and logged in......login
>error
>
>ERROR_INCORRECT_PORT_IP
>
>New to linux.
>
>thanks for your help -
Dear NetPros,
I have configured the Radius & Billing Servers on my Cisco AS5350 which is terminating VoIP Traffic as given below. The First two are Mind Billing Primary and Secondary Billing Servers. The Third one is a billing server from another vendor. I want to send CDR information to all the three billing servers simultaneously. Currently the gateway is only sending the Radius and Billing information to the first available server. Is there any way for the gateway to send radius and billing information to all these three servers simultaneously???? Would appreciate any help or suggestion in this area. Thanx
aaa group server radius mind
server AAA.BBB.CCC.DDD auth-port 1645 acct-port 1646
server EEE.FFF.GGG.HHH auth-port 1645 acct-port 1646
server III.JJJ.KKK.LLL auth-port 1812 acct-port 1813
radius-server host AAA.BBB.CCC.DDD auth-port 1645 acct-port 1646 key 7 XXXXXXXXXXXXXXXXXXXX
radius-server host EEE.FFF.GGG.HHH auth-port 1645 acct-port 1646 key 7 YYYYYYYYYYYYYYYYYYYY
radius-server host III.JJJ.KKK.LLL auth-port 1812 acct-port 1813 key 7 ZZZZZZZZZZZZZZZZZZZZ
Cheers
Rushabh
Senior Project Researcher
PP-Ontime Co., Ltd.
Cellular ~ 669-2047331
www.pp-ontime.co.thThe AAA "Broadcast Accounting" feature allows accounting information to be sent to multiple AAA servers at the same time; that is, accounting information can be broadcast to one or more AAA servers simultaneously. This feature allows broadcasting among "groups of servers". And each server group can define its backup servers for fail over independently of other groups.
However, the restriction is that Accounting information can be sent simultaneously to a maximum of four AAA servers.
For the scenario mentioned, in order to send billing info to all the 3 servers simultaneously, the aaa accounting command can be configured globally, as in:
aaa accounting network default start-stop broadcast group mind1 group mind2 group mind3
The individual servers in the server group 'mind' may be split across different server groups.
aaa group server radius mind1
server AAA.BBB.CCC.DDD auth-port 1645 acct-port 1646
aaa group server radius mind2
server EEE.FFF.GGG.HHH auth-port 1645 acct-port 1646
aaa group server radius mind3
server III.JJJ.KKK.LLL auth-port 1812 acct-port 1813
(Backup servers within each server-group may be defined)
Simultaneously accounting records are sent to the first server in each group. If the first server is unavailable, fail over occurs using the backup servers defined within that group. -
Hi all,
Just a quick question. Does the DHCP service in Mac OS X Server override the DHCP in a Time Capsule?
Thanks,
AndyCertainly try dedicating a DHCP pool of one IP address to a MAC address, as was described in that video. I might go as far as dedicating that IP address to a MAC address that doesn't exist on the network, as the local servers and static-addressed devices are intentionally not dependent on any DHCP requests; they're entirely static-addressed. I haven't tried this, as I don't use the particular configuration described in the video, as I prefer to avoid using the Airport or a Time Capsule as a firewall gateway router; I have and use and recommend a dedicated gateway firewall router. I also prefer to configure the Apple wireless devices as access points (what Apple refers to as bridge mode), and not as WiFi routers.
It is possible to run multiple DHCP servers for some cases — for reasons not germane to this discussion, I have three DHCP servers running on one network I deal with — so long as the DHCP server address pools don't overlap with each other or with the static addresses. Ugly, but possible.
If you can't run as an access point (bridged), then having DHCP relay in the device would be preferable. But AFAIK Apple's wireless devices don't support that operation.
My preference is a gateway-firewall device and preferably with VPN server capabilities, running Airport or Time Capsule devices as access points, and having the server or some other device running DHCP.
FWIW, that video somewhat conflates port forwarding and NAT. NAT is the address translation. Port forwarding is how you configure remote requests through that address translation. Also adding the IP address of the DNS server into the box itself as is offered in that video will likely also trigger DNS timeouts when the non-local address is selected. It did, last time I tested that. His description of setting up multiple local and remote DNS servers in the same list is also something I wouldn't recommend, as you don't want your DNS queries potentially going to the remote DNS servers as you won't get the local translations.
pfSense and various other open-source gateway-router software packages are available if you have some spare ARM or x86-class hardware with two network interface controllers, and there are also a number of commercial gateway-firewall product offerings with various features. Since I'm potentially running remote access, having the VPN server in the gateway avoids most of the various "fun" that arises with NAT traversal in a VPN; VPNs and NAT run at cross-purposes.
Maybe you are looking for
-
Adding Text to a photo...Need help
I'm new to Adobe Photoshop Elements 7. I'm following the instructions for adding text to a photo, but I can't see what I'm typing. I can see the cursur, but nothing else. I can see the text in the Layer, but not on the photo. Please help.
-
How to get a photo inside the little box in the "Lower Third" Sports Theme?
In iMovie '11, in the Sports theme, in the Text page titled "Lower Third," how can I get a picture of a person inside that little box? That sports theme comes up/shows up at the box "Set Theme": Sports. They are all a fluorescent blue, very nice for
-
Location of Links in PDF document
I have a requirement, where I need to be able to find location (X,Y coordinates) of hyperlinks in the PDF document. I understand I can convert PDF to text or XML but that does not provide me location of hyperlinks. Any help will be appreciated. Thank
-
signature drop down menu greyed out. I believe it is because I saved the pdf document after placing a signature. I'm using Adobe Acrobat Pro 9
-
How to send sales orders through XI to non sap system
Hello Experts, i need to send Sales order details from ECC to non sap system. anybody can help me to proceed with this in detailed way. i know how to send idoc through xi between sap systems. But i need between sap to non sap system. Thanks & Regards