Can't access network shares on domain (firewall or dns issue)
-
- I can ping all local machines in both directions
by IP or name?
- Workstations using DHCP can't access any domain file shares
I'm missing some knowledge here so it's just guesswork:
How does Win7 resolve this - still by WINS? Did you configure your W2k8 server with a WINS server as well that is promoted to the clients? -
I'm missing some knowledge here so it's just guesswork:
How does Win7 resolve this - still by WINS? Did you configure your W2k8 server with a WINS server as well that is promoted to the clients?Active Directory relies on DNS. Most installations use a domain of the form "domain.local". If the XP (?) clients are configured correctly, they should be domain members with hostnames such as pc1.domain.local, pc2.domain.local and so on. The most important aspect of this is that the domain controller MUST be the authoritative DNS server for "domain.local", which is why you specify it at the DNS forwarder in pfSense.
You should be able to do all the domain PC<->server stuff, especially F+P, without WINS enabled anywhere.
-
I can ping from the server to the workstation and from the workstation to the server by name and ip.
- Server is Windows Server R2 (Windows 2008 Server)
- Workstation is Windows 7 Ultimate (a second workstation uses XP, but it has the same issue)
- workstation is named <workstation_name>.<domain_name>.com
I could setup WINS, but I never had to use it before…
One thing I noticed is that I am not sure if the DNS forwarder works properly. The DNS server on the server shows a date of 8/2 for the workstation IP. I think that's the day when I installed pfSense which would mean that it got never renewed since then...
Is anybody here using this successfully on the OS specified above?
I normally used to setup the DNS server on my firewall (smoothwall) as a secondary, but I was assuming that the forwarder functionality does something similar.
Hopefully, somebody can help me. Wife is getting upset with me for not being able to access her files any longer... ;)
Thanks,
Jens</domain_name></workstation_name> -
- workstation is named <workstation_name>.<domain_name>.com</domain_name></workstation_name>
That'll come back to haunt you, I suspect.
One thing I noticed is that I am not sure if the DNS forwarder works properly. The DNS server on the server shows a date of 8/2 for the workstation IP. I think that's the day when I installed pfSense which would mean that it got never renewed since then…
Are you getting DHCP and DNS mixed up here? When you say "DNS server on the server", which physical server are you referring to? My Server 2003 machine doesn't have a "date" column in DNS. I would expect to see the same IP address issued to a specific PC via multiple DHCP renewals.
-
- workstation is named <workstation_name>.<domain_name>.com</domain_name></workstation_name>
That'll come back to haunt you, I suspect.
I understand that this wouldn't be the best option for a corporate environment, but this is just for home usage.
One thing I noticed is that I am not sure if the DNS forwarder works properly. The DNS server on the server shows a date of 8/2 for the workstation IP. I think that's the day when I installed pfSense which would mean that it got never renewed since then…
Are you getting DHCP and DNS mixed up here? When you say "DNS server on the server", which physical server are you referring to? My Server 2003 machine doesn't have a "date" column in DNS. I would expect to see the same IP address issued to a specific PC via multiple DHCP renewals.
Well, on a 2008 Server you actually get a time stamp for dynamic DNS entries which allows you to see when an entry was created. But I noticed that you are right about getting the same address. As long as I turn on the workstation within the expiration time of the DHCP it simply keeps the same address.
The local DNS server runs on my Windows 2008 Server.
No progress so far. I spent some time again, but I am simply stunned that it doesn't work right. It somehow seems to know that the request comes from a forwarder and not from the actual machine…
Any windows gurus here? I can't believe that I am the only one testing Windows 2008 Server. It is kind of like Windows 7. Lots of stuff to like there... Well, I should say better than Vista I guess... ;)
Thanks,
Jens -
It turns out that something got messed up in the network configuration of the server. I have two network adapters and one of them is used for Hyper V. I eventually became suspicious about Hyper V and so I simply deleted and re-created the virtual adapter linked to my second adapter. While doing so I got an error message, but eventually things went back to normal (involved a few resets) and everything works just great again. Not sure what has caused it. I know for sure that nothing got changed on the server since I installed pfSense…
Anyhow, I am happy and everything works just great now!
Thanks,
Jens -
How possibly can you be happy with Windows? ???
-
I am not and I already try to avoid using it whenever possible. My laptop is a mac! :)
However, on the server side I just don't see too many other options. I mean I know I could some stuff in Linux, but it would require me much more time to get into it…
What are you using?
Thanks,
Jens -
However, on the server side I just don't see too many other options. I mean I know I could some stuff in Linux, but it would require me much more time to get into it…
What are you using?
It always depends on what your requirements are. If you only need a file server, FreeNAS will do the job nicely. File + Print? ClarkConnect.
-
It turns out that I only resolved part of the problem. I can now access my file shares again, but the local workstation still shows as "unauthenticated". However, I am starting to wonder if this is a bug in Windows 7 since it doesn't seem to have an impact on anything…
Bern, I am running a web server, a mail server and a database on my windows server. I know that I can probably do the same on Linux, but my knowledge in Linux isn't the greatest and so I feel that I would just set myself up for trouble... ;)
On the plus side I also have trixbox which runs on linux in my environment as well. However, that also gives me more than enough trouble at times... ;)
I figured I should update my findings here in case somebody else runs into the same problem.
Thanks again to everybody trying to help!
Cheers,
Jens
