Koozali.org: home of the SME Server

Domain Controller over VPN

Offline brentonv

« on: September 07, 2007, 03:19:57 AM »
Hi there. I need help trying to log in an XP machine to the SME Domain Controller over VPN. It says "The Domain could not be contacted". I can ping the SME Server by IP address but not by NetBIOS name. Other forums suggest that this is why it can't connect (because it can't see its name over the VPN). Suggestions are to add a WINS server? I thought SME was already a WINS server? Can anybody help please.

regards,
brenton
« Last Edit: September 07, 2007, 08:47:13 AM by brentonv »

Offline brentonv

Re: Domain Controller over VPN
« Reply #1 on: September 07, 2007, 08:46:39 AM »
I worked it out. The best way, it seems (because it's by force and permanent), is to create a file called lmhosts (no .extension) in Windows/System32/drivers/etc and add the PDC server details to the file:

Quote

10.0.0.2   SERVER.NAME   #PRE #DOM:DOMAIN.NAME
10.0.0.2   "DOMAIN.NAME    \0x1b"   #PRE


CAPS are essential. SERVER.NAME is your server name, DOMAIN.NAME is of course your domain name, and there must be precisely 20 characters between the "inverted commas", so the domain name must be a maximum of 15 characters.

\0x1b equals PDC
\0x1c equals BDC

In DOS, type nbtstat -R to refresh the NetBIOS name cache.
Type nbtstat -c to view the NetBIOS cache and it will now show the newly added domain.


Quote

                  NetBIOS Remote Cache Name Table

        Name              Type       Host Address    Life [sec]
    ------------------------------------------------------------
    SERVER.NAME    <03>  UNIQUE          10.0.0.2            -1
    SERVER.NAME    <00>  UNIQUE          10.0.0.2            -1
    SERVER.NAME    <20>  UNIQUE          10.0.0.2            -1
    DOMAIN.NAME    <1C>  GROUP           10.0.0.2            -1
    DOMAIN.NAME    <1B>  UNIQUE          10.0.0.2            -1


To confirm that you are able to connect to the domain, type nltest /dsgetdc:DOMAIN.NAME in DOS, which shows:

Quote

C:\Documents and Settings\Administrator>nltest /dsgetdc:DOMAIN.NAME
           DC: \\SERVER.NAME
      Address: \\SERVER.NAME
     Dom Name: DOMAIN.NAME
The command completed successfully


This is all great, but I still wouldn't mind working out how to allow NetBIOS names to automatically traverse the VPN, if anyone knows.

regards,
brenton
« Last Edit: September 07, 2007, 08:54:19 AM by brentonv »
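
As an added example (not part of the original posts): a small Python helper that builds the two lmhosts lines from Reply #1 and checks an existing quoted entry against the padding rule described there (a 15-character name field plus the 5-character \0x1b suffix, 20 characters between the quotes). The function names and the sample file contents are constructed for illustration.

```python
import re

# IP, a quoted special name, then any tags such as #PRE
QUOTED = re.compile(r'^(\S+)\s+"([^"]*)"\s*(.*)$')
SUFFIX = re.compile(r'\\0x([0-9A-Fa-f]{2})$')

def domain_entries(ip, server, domain):
    """Build the two lmhosts lines shown in the post for a PDC at `ip`."""
    server, domain = server.upper(), domain.upper()
    if len(server) > 15 or len(domain) > 15:
        raise ValueError("NetBIOS names are limited to 15 characters")
    padded = domain.ljust(15)  # space-pad the name field to exactly 15
    return [
        f"{ip}   {server}   #PRE #DOM:{domain}",
        f'{ip}   "{padded}\\0x1b"   #PRE',
    ]

def lint_line(line):
    """Return the problems found in one quoted lmhosts entry (empty if none)."""
    line = line.strip()
    m = None if line.startswith("#") else QUOTED.match(line)
    if not m:
        return []  # comment, blank or plain entry: not checked here
    _, quoted, tags = m.groups()
    problems = []
    s = SUFFIX.search(quoted)
    if not s:
        problems.append("missing \\0xNN type suffix")
    else:
        name = quoted[:s.start()]
        if len(name) != 15:
            problems.append(f"name field is {len(name)} characters, expected 15")
        if name != name.upper():
            problems.append("name is not upper case")
    if "#PRE" not in tags.upper().split():
        problems.append("no #PRE tag, entry will not be preloaded")
    return problems

def lint_file(text):
    """Map 1-based line numbers to problems for every faulty line in `text`."""
    found = {n: lint_line(l) for n, l in enumerate(text.splitlines(), 1)}
    return {n: p for n, p in found.items() if p}

# Constructed sample: line 2 is padded correctly, line 3 has only one space.
SAMPLE = "\n".join(domain_entries("10.0.0.2", "server.name", "domain.name")
                   + ['10.0.0.2   "DOMAIN.NAME \\0x1b"   #PRE'])

if __name__ == "__main__":
    print(SAMPLE)
    print(lint_file(SAMPLE))
```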

Offline jaapie23

Re: Domain Controller over VPN
« Reply #2 on: September 07, 2007, 01:38:52 PM »
I'm able to use NetBIOS names over VPN, no additional settings required.
Are you using an older version than SME 7.0?
Are you using DHCP settings on the server to resolve IP and DNS settings?
Did you set up your clients to use static IP?

Logged in with VPN, I'm able to access all computers in the domain.
Why put the remote VPN client in the domain manually?

Offline brentonv

Re: Domain Controller over VPN
« Reply #3 on: September 07, 2007, 01:55:36 PM »
What do you use / how do you connect to the VPN?
I use an OpenVPN site-to-site configuration. I have a main central system with all 8 external locations dialling in.
I have also tried using the road-warrior setup that is built into SME and again the same, no NetBIOS names.
I am on SME 7.2 and it's the same for static or dynamic IP systems.
What are you doing differently?

regards,
brenton

Offline jaapie23

Re: Domain Controller over VPN
« Reply #4 on: September 07, 2007, 06:05:23 PM »
My SME 7.2 is in server gateway mode, with DHCP on.
Clients are configured to use DHCP settings on the VPN connection.
This is not configured on the network connection, but the vpn connection.
Clients can even join the domain if connected with VPN, and can use their own login, to connect to other shares on computers in the domain.

Another SME server 6. is configured with static IP and is not providing NetBIOS names.
I'm using lmhost in Windows/System32/drivers/etc then.
Clients need to connect using IP addresses to access computer shares on the network, if not added to the lmhost file.


So first create the VPN connection, make no changes or whatever to the connection, log in with VPN, leave DOMAIN blank. Then add your computer to the domain if you wish.
Your VPN client is now just like a normal client on the network.