Small network - Windows2003 as server. Help!

KuRe · Post by **KuRe** » Sat Jul 31, 2004 8:24 pm

I have a small network of <10 computers and would like to set up a Windows 2003 server box as the server to share the internet/files/printer/etc. Could you guys give me some tips on how to accomplish this? What do I need to set up?

Post by **YeOldeStonecat** » Sun Aug 01, 2004 8:44 am

This is no small task...a bit too large of a task to think a short walkthrough of steps over a forum will help.

Do you have any prior experience with administrating NT servers? Installing a server OS, creating a domain, be it public or just .local, configuring DNS forwarding, setting up Active Directory.

Will you have Win9X machines on the network? You'll want to install the WINS service also to handle broadcast requests for them. Just 2K/XP clients? The DNS service it will install is fine.

WinNT clients will have to be properly joined to the domain, and use the servers IP as their one and only DNS server.

You'll need a server grade antivirus software

NT server comes with 5 CALs by default, you'll need to purchase additional CALs for the other computers.

Personally I'd stick with a router for sharing internet, not have the server hang a WAN NIC out there to invite trouble.

JackMDS · Post by **JackMDS** » Sun Aug 01, 2004 2:29 pm

May be this can Help: Windows2003 for Home/SOHO Networks.

KuRe · Post by **KuRe** » Sun Aug 01, 2004 8:32 pm

Well after some reading...I've managed to get the server to act as a Domain controller, DHCP, DNS, Streaming Media, NAT server...

One question though, whenever I try to get a client computer to join the server's domain, I need to set its dns address in TCP/IP settings to the server ip for it to find the domain. For example, if I do not type in 192.168.0.1 as the DNS entry, when I try to join home.local domain, it cannot find it. However, when I DO type it in and try again, I can join. Is there any way to avoid this?

Post by **YeOldeStonecat** » Mon Aug 02, 2004 6:34 am

KuRe wrote:Well after some reading...I've managed to get the server to act as a Domain controller, DHCP, DNS, Streaming Media, NAT server...

One question though, whenever I try to get a client computer to join the server's domain, I need to set its dns address in TCP/IP settings to the server ip for it to find the domain. For example, if I do not type in 192.168.0.1 as the DNS entry, when I try to join home.local domain, it cannot find it. However, when I DO type it in and try again, I can join. Is there any way to avoid this?

You don't want to avoid that...you NEED to have all NT workstations have your DC as their one and only DNS server. As I stated in the 4th line in my first reply. You do not use your ISP's DNS servers...you use your DCs DNS for both itself, and for the clients.

If your server is that 192.168.0.1 address, in your servers TCP properties, it should have itself as its one and only DNS server. And for all workstations, NT OS workstations MUST have 192.168.0.1 as their one and only DNS server. Your Win9X workstations should have it to, to cut down on broadcast and falling back on WINS as much.

2K and XP rely on DNS for local name resolution as well as internet surfing...therefore DNS MUST be configured properly, else you'll always have hiccups, have lots of broadcasts and poor name resolution across your network.

The one and only place you should have your ISP's DNS servers on any computer on your network, as under your DNS servers forwarding tab..found under the properties of your DNS server in MMC.

KuRe · Post by **KuRe** » Mon Aug 02, 2004 8:57 pm

Thanks for the response.

Howwweevverr.. I've managed to somehow cut out the internet connection from every computer (even the server) from just installing my printer. What did I do wrong? The server server can't even access the internet, and the cable modem is directly connected to it!

Right now I'm using a client computer to directly connect to the cable modem. I know there is something wrong with my domain setup because once I left the domain (on this client computer) the internet works fine.

KuRe · Post by **KuRe** » Tue Aug 03, 2004 12:00 am

Well I managed to get my internet working again, by doing a simple, but inefficient reinstall of Active Directory. I still have yet to find out what I did wrong. Any ideas?

KuRe · Post by **KuRe** » Tue Aug 03, 2004 1:49 am

Well, after it happened AGAIN, I actually gave support.microsoft.com a try, and lo and behold, there was my answer. I had a problem where my clients would try to access a server role before the actual role was ready on the server, therefore causing event errors in my event log.

Post by **YeOldeStonecat** » Tue Aug 03, 2004 6:33 am

KuRe wrote:I had a problem where my clients would try to access a server role before the actual role was ready on the server, therefore causing event errors in my event log.

Can you explain this further? What event log ID and quotes? Was DNS not functioning?

You basically have it setup secure NAT? (2K servers fancy version of ICS)
I'm not fond of that, my choice would be a single NIC server, have everyone behind a router. You have your external NIC (WAN NIC) of the server exposed...hanging its butt out in the internet for everyone to rape. But....troubleshooting internet connection sharing shouldn't be too hard.

supahfatpipe · Post by **supahfatpipe** » Tue Aug 03, 2004 9:42 am

KuRe wrote:The server server can't even access the internet, and the cable modem is directly connected to it!

You are headed for a MAJOR disaster. A server machine with multiple clients connected, and connected DIRECTLY to the internet? I would be very surprised if you have not already been hacked.

I would highly recommend good anti-virus, good spyware removal tools. Install and run. Only AFTER you put the server behind a hardware router/firewall.

Post by **YeOldeStonecat** » Tue Aug 03, 2004 9:44 am

What' the Local Address Table list?

KuRe · Post by **KuRe** » Tue Aug 03, 2004 8:12 pm

Alright I'm taking your advice. For the router settings (ISB SOHO) what do I disable/enable? (NAT/DHCP/etc.) Just wondering... the NAT on the router IS the firewall, right?

KuRe · Post by **KuRe** » Tue Aug 03, 2004 9:29 pm

Okay, I now have the server and all of the clients behind my ISB Router. the ISB is handling the NAT while my server is doing the DHCP and the DNS for the clients. Does this sound right?

Post by **YeOldeStonecat** » Tue Aug 03, 2004 9:45 pm

Yes to both prior posts. Router is NAT which is your firewall, and you want your server to run DHCP and DNS. All workstations must use your servers LAN IP as their DNS, server must use itself as it's DNS also.

KuRe · Post by **KuRe** » Tue Aug 03, 2004 9:52 pm

Alright, gotcha. Now, if I wanted to forward ports TCP 81 to a client computer, where would I do that? In the router?

m4a2t0t · Post by **m4a2t0t** » Tue Aug 03, 2004 10:46 pm

ya you do that in your router