Q: I have 6 computers behind a router on my cable modem. 5 of them are Windows XP and the latest Windows Server 2003. I recently decided to set up the machine as a 2K3 domain controller for Active Directory.
My motivation for doing this was so people could use the same username / password on each of the computers without the account to any computer .
Anyway, so Im setting it up, and I have no domain (. Com. Net or other), and because it was just going to be on my private network (192.168 .*) I thought I would just like a private address I chose, nix do. The name of the computer is “Shinra”.
I set it up what looks good, but when I go to login with another computer, I get an error that the system can not log you on now because the domain NIX is not available. “
Id want to get this working, can anyone point me in the right direction to get this set up? Thanks
Best Answer: Server 2003 doesn't have ICS it uses NAT. NAT requires the appropriate internal and external interfaces be added to the routing and remote access console. It also requires that a default static route be added to the routing and remote access console. For this static route the destination and network mask should be entered as 0.0.0.0. DHCP is also required to be properly configured for internal clients. You'll need to be sure that the DHCP allocator is enabled on the Address Assignment tab of the NAT/Basic firewall properties dialog box.
For NAT to be used with DNS a DNS server must be either configured on the server or specified through the DNS proxy in NAT.
Re:i have 2k3 ent edition and have dabbled with a/d on a cd microsoft gave me in one of my classes that simulates a/d with 30 differant domains and you can set and write gpo's and all kinds of cool things. but what i dont like is when it gets pushed down from the net admin it goes to everyone and it is hard to single out just one domain.?? why do you think microsoft didnt think of this problem.
Re:what do you think of active directory all together good or bad idea.???
Re:works like a charm now, thanks
Re:By the way, you usually get "domain cannot be found" errors when there are DNS problems. Make sure the client is only pointing to the domain controller for its preferred DNS server. Alternate should be left blank, unless you have another DC.
Re:The 2003 GPO refresh command is much simpler:
gpupdate /force
Re:i did exactly what it said, except for
"secedit /refreshpolicy machine_policy /enforce" because it didn't work on the win2k3 console. it gave the error message
The syntax of this command is:
secedit [/configure | /analyze | /import | /export | /validate | /generaterollback]
C:\Documents and Settings\Administrator>
Re:before i saw you replied, i reloaded win2k3 server on the server machine because of a technical problem. I then readded the workstation to the "nix" domain and when trying to logon it gives the error message:
The local policy of this system does not permit you to logon interatively.
Checked this site (http://support.microsoft.com/default.aspx?scid=http://support.microsoft.com:80/support/kb/articles/Q247/9/89.ASP&NoWebContent=1), looked like it's helping but we'll see for sure
Re:Re-add the computer account to the domain. I usually do it from the workstation itself.
0 Comments.