Domain controller is not listed in my network places

[chris]

Hi
My sytem is running as mail server and domain controller
for my corporate network.When I open my network places I
can see all other computers except the domain
controller.As a result I am unable to add my mail server's
name in Norton anti virus filter .My server is having 2
network cards .I edit hosts file also to get the name.The
server is a part same lan
Please help to get my domain controllers name inmy network
places

Chris

 

[Ace Fekay [MVP]]

In

Hi
My sytem is running as mail server and domain controller
for my corporate network.When I open my network places I
can see all other computers except the domain
controller.As a result I am unable to add my mail server's
name in Norton anti virus filter .My server is having 2
network cards .I edit hosts file also to get the name.The
server is a part same lan
Please help to get my domain controllers name inmy network
places

Chris

Normally we recommend not to multihome a DC due to various problems
associated with such. Is this also a DNS server? Makes it a bit more
intriguing. What I could recommend to alleviate this, assuming that one of
the NICs is to the outside world, possibly offering NAT or just as a router.
This is under the assumption that the two NICs are NOT teamed.

1. Outside NIC:
Disable NetBIOS
Disable MS Client Service
Disable F&P Services
2. In DNS (if DNS is on it)
Interface tab of properties, only listen to internal IP

The above should take care of the NetBIOS issues with not registering on the
network. You can also view its registration by using nbtstat -n.

Now if this DC is also a DNS server, more to come...

3. Now this part is to ensure the outside NIC's IP does not register itself
or it will create some issues with the LdapIpAddress, which normall creates
a record under the zone that looks like this below, but what happens is it
creates two of them, and we don't want that to occur:
(same as parent ) A 192.168.5.200 (or whatever the IP is)
Also, it creates an extra GC address, called the GcIpAddress. We just
want the internal NIC to register.

So in the registry, we'll need to kill these two things. To do that...
Add the
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters
Registry value: DnsAvoidRegisterRecords
Data type: REG_MULTI_SZ
Value: LdapIpAddress
Value: GcIpAddress

4. Then manually create the (same as parent) record with using the internal
IP.
5. Manually create the GC record under the _msdcs._gc zone.

So you can see its really recommended to multihome a non-DNS member server
rather than a DC and especially a DC/DNS server. I know SBS you don't have
much choice, but it's administrative overhead to take care of it.

--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Windows Server - Directory Services

Security Is Like An Onion, It Has Layers
HAM AND EGGS: A day's work for a chicken;
A lifetime commitment for a pig.

 

[chris]

No two NIC are for the same LAN

-----Original Message-----
In chris <[email protected]> made a post then I commented
below

Normally we recommend not to multihome a DC due to various problems
associated with such. Is this also a DNS server? Makes it a bit more
intriguing. What I could recommend to alleviate this, assuming that one of
the NICs is to the outside world, possibly offering NAT or just as a router.
This is under the assumption that the two NICs are NOT teamed.

1. Outside NIC:
Disable NetBIOS
Disable MS Client Service
Disable F&P Services
2. In DNS (if DNS is on it)
Interface tab of properties, only listen to internal IP

The above should take care of the NetBIOS issues with not registering on the
network. You can also view its registration by using nbtstat -n.

Now if this DC is also a DNS server, more to come...

3. Now this part is to ensure the outside NIC's IP does not register itself
or it will create some issues with the LdapIpAddress, which normall creates
a record under the zone that looks like this below, but what happens is it
creates two of them, and we don't want that to occur:
(same as parent ) A 192.168.5.200 (or whatever the IP is)
Also, it creates an extra GC address, called the GcIpAddress. We just
want the internal NIC to register.

So in the registry, we'll need to kill these two things. To do that...
Add the
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlog
on\Parameters
Registry value: DnsAvoidRegisterRecords
Data type: REG_MULTI_SZ
Value: LdapIpAddress
Value: GcIpAddress

4. Then manually create the (same as parent) record with using the internal
IP.
5. Manually create the GC record under the _msdcs._gc zone.

So you can see its really recommended to multihome a non- DNS member server
rather than a DC and especially a DC/DNS server. I know SBS you don't have
much choice, but it's administrative overhead to take care of it.

--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Windows Server - Directory Services

Security Is Like An Onion, It Has Layers
HAM AND EGGS: A day's work for a chicken;
A lifetime commitment for a pig.
--
=================================


.

 

[Ace Fekay [MVP]]

In

No two NIC are for the same LAN

Are they teamed?

Do they have different IP addresses? Can you elaborate why it's setup this
way?

If not teaming them, that can be problematic with two NICs on the same
segment and may be the cause of the whole problem.

--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Windows Server - Directory Services

Security Is Like An Onion, It Has Layers
HAM AND EGGS: A day's work for a chicken;
A lifetime commitment for a pig.

 

[Phil]

Hi Ace
I'm having a similar problem and your comments below are very interesting.
When I go to add the reg key, how do I get the multi_sz? I'm only being
offered binary, dword, string.
Thanks
Phil
Ace Fekay [MVP] wrote:
[snip]

 

[Jerold Schulman]

You are using the wrong registry editor.

The Windows 2000 Registry Editor is regedt32.exe.

Regedit.exe works for many things, but not all, like REG_MULTI_SZ data types.

Hi Ace
I'm having a similar problem and your comments below are very interesting.
When I go to add the reg key, how do I get the multi_sz? I'm only being
offered binary, dword, string.
Thanks
Phil
Ace Fekay [MVP] wrote:
[snip]

Normally we recommend not to multihome a DC due to various problems
associated with such. Is this also a DNS server? Makes it a bit more
intriguing. What I could recommend to alleviate this, assuming that one of
the NICs is to the outside world, possibly offering NAT or just as a router.
This is under the assumption that the two NICs are NOT teamed.

1. Outside NIC:
Disable NetBIOS
Disable MS Client Service
Disable F&P Services
2. In DNS (if DNS is on it)
Interface tab of properties, only listen to internal IP

The above should take care of the NetBIOS issues with not registering on the
network. You can also view its registration by using nbtstat -n.

Now if this DC is also a DNS server, more to come...

3. Now this part is to ensure the outside NIC's IP does not register itself
or it will create some issues with the LdapIpAddress, which normall creates
a record under the zone that looks like this below, but what happens is it
creates two of them, and we don't want that to occur:
(same as parent ) A 192.168.5.200 (or whatever the IP is)
Also, it creates an extra GC address, called the GcIpAddress. We just
want the internal NIC to register.

So in the registry, we'll need to kill these two things. To do that...
Add the
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters
Registry value: DnsAvoidRegisterRecords
Data type: REG_MULTI_SZ
Value: LdapIpAddress
Value: GcIpAddress

4. Then manually create the (same as parent) record with using the internal
IP.
5. Manually create the GC record under the _msdcs._gc zone.

So you can see its really recommended to multihome a non-DNS member server
rather than a DC and especially a DC/DNS server. I know SBS you don't have
much choice, but it's administrative overhead to take care of it.

Jerold Schulman
Windows: General MVP
JSI, Inc.
http://www.jsiinc.com

 

[Phil]

Thanks Jerold, yes I slipped up there, appreciate your response, now on with the
job...

You are using the wrong registry editor.

The Windows 2000 Registry Editor is regedt32.exe.

Regedit.exe works for many things, but not all, like REG_MULTI_SZ data types.

[snip]

 

[Ace Fekay [MVP]]

In

Thanks Jerold, yes I slipped up there, appreciate your response, now

You are using the wrong registry editor.

The Windows 2000 Registry Editor is regedt32.exe.

Regedit.exe works for many things, but not all, like REG_MULTI_SZ
data types. [snip]

Please post back and let us know if this procedure helped out.

Thanks,
Ace