Koozali.org: home of the SME Server

SME and Win2k Domain

Matt

SME and Win2k Domain
« on: August 29, 2003, 12:18:42 PM »
Apologies if this has been covered previously, my search yielded little.

First, the standard required info:
-----------------------------------------------------------------------
- SME version - 5.6 standard, no addons.
- LAN Connection: 1 x PCI NIC
- LAN Config: Win2k Server Controlled DHCP + DNS
- ISP Connection type: Dialup/Standard Modem.

Currently Working:
-----------------------------------------------------------------------
- SME setup as private server and gateway
- SME will dial out to ISP
- SME is able to be pinged from LAN
- SME will ping address it has dialed out to (but no other external)

Problems:
-----------------------------------------------------------------------
1: Pinging any other host on WAN/Internet results in "host not found"
2: Emails to an external address (someone@anywhereelse.com) are bounced with a send failure notice, including info as follows:

(mywin2kdomain) = domain name of my Win2k Domain
(mySMEdomain) = domain name of the SME Server
Quote


Sorry, I couldnt find any host named (mywin2kdomain)

Return Path: <>
Received : (qmail 2508 invoked for bounce);
Date: ....
From: MAILER-DAEMON@(mySMEdomain)
To: admin@(myWin2kdomain)
Subject: failure notice

Hi. This is the qmail-send program at (mySMEdomain)
I'm afraid I wasn't able to deliver your message to the following addresses.
This is a permanent error; I've given up. Sorry it didn't work out.


Connected to xxx.xxx.xxx.xxx but sender was rejected.
Remote host said: 553 (myWin2kdomain) does not exist.


3: Attempts using Lynx browser to connect to any URL fail with a message stating it is unable to locate the host etc.

-----------------------------------------------------------------------
Configuration attempts
-----------------------------------------------------------------------
1: I have attempted changing the domain name of the SME server to the same name as the Win2k domain, and different from the Win2k domain.
2: I have attempted using the domain/LAN address of the Win2k DNS server in the SME configuration, and without using the domain/LAN address.
3: I have not focused on the Email side of the SME server, because I would consider the inability of the SME server to locate any external hosts to be the primary concern, before mail settings.

-----------------------------------------------------------------------
Questions:
-----------------------------------------------------------------------
1: Are there any specific requirements or configurations required by the SME server to run on an established Win2k Domain?
2: What domain name should I be using for the SME server? Same as the existing domain or different? Or doesn't it matter?
3: Would the domain be affecting the connection to the ISP? Obviously it's reporting back on the emails that the Win2k domain is not known, so my guess is it's influencing it.


Any advice or suggestions would be greatly appreciated.
Thanks in advance.

Matt

Re: SME and Win2k Domain
« Reply #1 on: August 29, 2003, 12:31:51 PM »
Addition:
I was not intending or attempting to add the SME server to work with the users list in the Win2k Active Directory.
My searches through this forum did yield that others were attempting to add their SME server to the local domains and use the Active Directory, by altering the Samba config on the SME server.
If this is the cause of the problems I am having, advice would be appreciated.

Another note:
The web based admin for the SME server (http://mySMEserver/server-management) is viewable, and also the webmail system, using the domain name and direct LAN IP of the SME server setup at install/config.

James Pybus

Re: SME and Win2k Domain
« Reply #2 on: August 29, 2003, 11:38:49 PM »
Never worked with linux and dialup but sounds like you have not got any external dns setup for SME to use.

HTH
James

dave

Re: SME and Win2k Domain
« Reply #3 on: August 30, 2003, 02:49:53 AM »
I think James is correct.  When you dialup to your ISP, they should provide DNS servers through the dialup connection.  If they don't, you can configure SME with DNS info by going through the configure this server option from the console menu screen.

Matt

Re: SME and Win2k Domain
« Reply #4 on: August 30, 2003, 04:53:10 PM »
>> When you dialup to your ISP, they should provide DNS servers through the dialup connection.

Yes true, as the ISP does when dialed using a PC in normal situations.
However, SME is not handling this.

My assumption was the Win2k Domain is overriding the connection.
Hence my questions.

Questions Repeated
-----------------------------------------------------------------------
1: Are there any specific requirements or configurations required by the SME server to run on an established Win2k Domain?
2: What domain name should I be using for the SME server? Same as the existing domain or different? Or doesn't it matter?
3: Would the domain be affecting the connection to the ISP? Obviously it's reporting back on the emails that the Win2k domain is not known, so my guess is it's influencing it.

Michael Smith

Re: SME and Win2k Domain
« Reply #5 on: August 31, 2003, 10:40:05 AM »
I assume you've already checked to see that your SME box isn't also acting as a DHCP server, yes?  Just making sure ...

You need to modify your Win2K's DHCP server to hand out the SME server's LAN IP address as the default gateway, and also to tell client machines that the SME machine and your ISP's DNS servers are the DNS servers they should use.  (Though since SME is a caching DNS server, it alone will suffice.)

The inability of the SME box to see the Internet is another problem entirely.  I don't think domain name as set in SME config has anything to do with this.  I'd be more inclined to suspect that you're not actually authenticating fully to your ISP.  What does ifconfig show?  

Though if you have messed with the SME configuration, trying to get it to use the Win2K server as your DNS server, that could result in the problems you're showing.  

If I were you, I would proceed thusly:  

Isolate your SME box from the rest of the network.  Return the SME box to server/gateway defaults, including letting it be a DHCP server and removing specifically any modifications to the stock DNS settings.  Re-set up your connection to your ISP, and see if the SME box sees the Internet.  If so, add one client to the mix, preferably on a separate hub or via crossover cable, and see if the SME box hands out correct information via DHCP and if the client can see the Internet.  If so, add the relevant info to your Win2K server's DHCP scope, manually add the info to your Win2K server's TCP/IP configuration so it can see the Internet if desired, and force your clients to release & renew.

If the SME box does NOT see the Internet, try another modem.  Are you using internal or external? (External is typically preferred.)  Is your SME box patched up to Update 4?

ryan

Re: SME and Win2k Domain
« Reply #6 on: September 01, 2003, 07:14:54 AM »
I use SME on a small AD domain.  First, I would NOT have dhcp tell your clients to use SME or ISP dns servers...this will screw up how Active Directory functions.   I made this mistake.  All 2k clients should be pointed to a 2k AD dns server if you are using Active Directory.   Active Directory needs Microsoft AD dns to function.  (the samba dev team is working on AD for samba....this will be cool).  

I have SME 5.6 dialing up to an earthlink dialup account using a good (us robotics) external modem.  SME is able to resolve/ping any internet address.  Maybe you should test another ISP connection, or possibly a different modem.  

I did set my AD 2k dns server to use SME as the forward server for requests not found in the local AD dns records.  When a 2k client types ping yahoo.com, it queries the AD server, which will then forward to 192.168.11.1 (sme 5.6), which then will forward to the ISP dns server which is handed down by the isp dhcp (or SME will use a root server).   Keep in mind if your AD domain ends in .com or .net or any legitimate internet domain, you can not set a forward server as AD will think it is a root server.  I use the something.lan for AD domains.  MS education classes pushed using 'something.local'.  If you end up on a broadband connection with a static IP, your forward dns server for AD dns can still be SME, or a dns server provided by your broadband service.  

hope that helps.

ryan

Matt

Re: SME and Win2k Domain
« Reply #7 on: September 03, 2003, 11:56:17 AM »
Since my original post, (without altering the SME setup) the internet connection to my ISP works, and Lynx etc will work and I can connect/browse without any problems ON the SME server. I can only put it down to an ISP side error at the time.

Reading the replies so far, and working on the problem more, I'm assuming it's a DNS problem on my Win2k server. (ie: as Ryan stated, setting the forwarding for external DNS queries)


Yes - you are correct, SME isn't operating as the DHCP server, as it shouldn't be, since the Win2k server is for the LAN. So no conflicts there.



I think this may be the cause of my problems now and is something I am not able to do through my own lack of knowledge in this area.
I have no additional zones etc setup on the Win2k server, from the default DNS entries made from a clean install of Win2k server. I assume it's a fairly easy thing to do, but have found no specific references in my research thus far on adding a "forward" for something like this, and I'm hesitant to simply start experimenting without an example.
I know this would realistically be more of a Win2k server question, not SME, though it's necessary to be able to use SME in the Win2k domain.

Can you or anyone point me to a reference / instructions in how to do this?

Thanks to those replies so far, and in advance for any to come.

ryan

Re: SME and Win2k Domain
« Reply #8 on: September 03, 2003, 08:43:15 PM »
Matt,

I sent you an email with attachments of screen shots to your hotmail address.

ryan

iwan

Re: SME and Win2k Domain
« Reply #9 on: September 16, 2003, 01:57:57 AM »
My bet is, your DNS server on Windows 2000 server is configured as a root server.
Simply remove the (.) on the DNS server; that will enable DNS forwarding.

A Google search turned up this, for clearer directions:
http://www.petri.co.il/no_forwarding_or_root_hints.htm

Iwan
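
Added example, not part of any post in this thread: a simplified Python model of the lookup chain ryan describes in Reply #6 (client to AD DNS to SME to ISP) and of the root-zone condition iwan names in Reply #9. The zone name `example.lan`, the record data and the 192.168.11.2 and 203.0.113.10 addresses are constructed for illustration; the `isp` server holding a "." zone stands in for the public Internet.

```python
from dataclasses import dataclass, field


@dataclass
class DnsServer:
    name: str
    zones: dict = field(default_factory=dict)  # zone name -> {fqdn: address}
    forwarder: "DnsServer | None" = None

    def authoritative_zone(self, qname):
        """Return the longest hosted zone containing qname, or None."""
        matches = [z for z in self.zones
                   if z == "." or qname == z or qname.endswith("." + z)]
        return max(matches, key=len, default=None)

    def resolve(self, qname, path=None):
        """Return (answer or None, list of servers that were asked)."""
        path = (path or []) + [self.name]
        zone = self.authoritative_zone(qname)
        if zone is not None:
            # Authoritative for this name: answer from local data only.
            # A hosted "." zone matches every name, so nothing is forwarded.
            return self.zones[zone].get(qname), path
        if self.forwarder is not None:
            return self.forwarder.resolve(qname, path)
        return None, path


def build(ad_has_root_zone):
    """Build the AD -> SME -> ISP chain; all data below is constructed."""
    isp = DnsServer("isp", zones={".": {"yahoo.com": "203.0.113.10"}})
    sme = DnsServer("sme", forwarder=isp)  # caching forwarder, no AD zone
    ad_zones = {"example.lan": {"_ldap._tcp.example.lan": "192.168.11.2"}}
    if ad_has_root_zone:
        ad_zones["."] = {}  # the "(.)" zone from Reply #9
    ad = DnsServer("ad", zones=ad_zones, forwarder=sme)
    return ad, sme


if __name__ == "__main__":
    ad, sme = build(ad_has_root_zone=True)
    print("root zone present:", ad.resolve("yahoo.com"))
    ad, sme = build(ad_has_root_zone=False)
    print("root zone removed:", ad.resolve("yahoo.com"))
    print("AD record via AD: ", ad.resolve("_ldap._tcp.example.lan"))
    print("AD record via SME:", sme.resolve("_ldap._tcp.example.lan"))
```

The last lookup shows why clients pointed straight at SME or the ISP cannot find Active Directory records: neither server hosts the AD zone, so the query leaves the LAN and comes back empty.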