Can I set up Active Directory without DHCP

March 23, 2011 at 11:57:44
Specs: Windows 2008 server
I am trying to set up a small domain for my business. I just purchased a Windows 2008 server and would like to use it as my domain controller.

Also, I just had a new ATT DSL line put in. It came with a 2Wire modem/4-port router/wireless router device, therefore the modem can handle DHCP. The line has a static IP address as well so that I can eventually use my own exchange server and web server.

I have tried 2 different configurations and couldn't get either to work so I am looking for some advice.

1) I tried to put the router into Bridged Mode and use DHCP server on my server using a PPPoE connection to connect to the Internet. I was confused as to what my static IP address and default gateway of my server should be.

2) Then I tried to turn DHCP server off on the server and routing back on the modem/router. This didn't work either.

What method would you recommend and why?

Also I have some additional questions on each method.
Method 1)
* What is the static IP address of the server? Is it in the 192.168.1.x address or the static IP assigned to my account?
* Do I need a second NIC card and router to connect to the rest of my network or can I use the router provided?
* What would the static IP addresses of the additional PC be? Do I need more than 1 static IP from AT&T?


Method 2)
* Will this allow me to use all internal IP addresses on my machines and use port forwarding if I want a specific box to be a web server or exchange server.




#1
March 23, 2011 at 12:40:01
I would:

Set the router up as a normal router.

Use the Windows DHCP server rather than the router one.

Assuming the router is using an internal address of 192.168.1.1, give the server the static IP address 192.168.1.2, netmask 255.255.255.0, gateway 192.168.1.1.

Let the Windows DHCP router assign addresses in the range 192.18.1.10-192.168.1.254.

The static address of the router is used only for connections to and from the outside world. If you want to run a web server and/or mail server then use port forwarding on the router to forward the appropriate ports to the computer hosting the service.

Let your server provide DNS also, forwarding external requests to your ISP's DNS server.



#2
March 23, 2011 at 12:56:59
First things first, get your internet setup and working.

Because this is a server and you say you want to have a windows domain, you will want to give the server a static LAN IP address. If your router's LAN IP is 192.168.1.1, then give your server 192.168.1.10. The rest of the settings (for now) will be as follows:

Subnet Mask: 255.255.255.0
Default Gateway: 192.168.1.1
DNS: 192.168.1.1


"The line has a static IP address as well so that I can eventually use my own exchange server and web server."

Your ISP will have provided you with these TCP/IP settings. These need to be applied to the WAN side of your router.

I'm not sure why you set the router into bridged mode in step 1, but you shouldn't have to and that could be why nothing worked.

"What method would you recommend and why?"

Once you have the internet working, your question is, should you run DHCP on the server, or on the router. If it were me, I'd do it on the router. The main reason I would do it that way is it takes that load (albeit a small one) off the DC.

If you don't mind a suggestion, I highly recommend you hire a qualified professional to help you get this setup. Especially if you want to run a windows domain. I can tell you don't have a lot of experience with this and attempting to get this all setup and working yourself is going to be problematic.

It matters not how straight the gate,
How charged with punishments the scroll,
I am the master of my fate;
I am the captain of my soul.

***William Henley***



#3
March 23, 2011 at 16:10:52
"DNS: 192.168.1.1"

sorry but dns should be 192.168.1.10 which is the ip of the server running dns.

otherwise it will not be able to resolve lan names because it won't be talking to its dns server.

Answers are only as good as the information you provide.
How to properly post a question:
Sorry no tech support via PM's



#4
March 23, 2011 at 16:18:17
Thanks for the help.

The router was put into bridged mode because ATT provided me with one device that was a DSL modem and router combined. Great for a home network because you don't have to buy a wireless router. In order to turn off DHCP, you have to put it into bridged mode.

With it in Bridged mode, I have to set up a PPPoE connection from the server.

One of the things that confused me was the technician that partially installed the system told me that in Bridged mode, my server would obtain the external static IP address they gave me. I think I also was told this by one of their people in tech support. In fact, they advised me to have this modem/router replaced with a standalone modem.

When I have DHCP running on the server, it refuses to connect to the internet until I turn DHCP off on the router.

It is amazing to me I subscribed to an AT&T business DSL line, yet I have not been able to speak with anyone in the company that knows how I should connect using Windows Server 2008. I get a lot of conflicting information from them.


I put the modem back into bridged mode, set up the DHCP server as described by ijack. Then when I tried starting up the PPPoE connection, I received an error stating that it could not resolve the address. I have DNS server running on the server and I have that set as my Primary DNS.

Any more suggestions?



#5
March 23, 2011 at 16:20:29
Why should the dns be 192.168.1.10 if my server address is 192.168.1.2 and I have dns running on my server?


#6
March 23, 2011 at 16:55:50
It is incorrect that you have to put the router into bridge mode to shut off dhcp.

By doing what you did you just put yourself raw in the internet. You are now fair game for port trojans and hackers.

Hope you are ready for this....you need to put your own router between the server and the bridged router asap.

Curt's suggestion was .10 which is what I was following. Point is for local name resolution to work both the work stations and the server need to point to the server dns server. You also need to configure forwarding as suggested by ijack at the end of his post.


#7
March 23, 2011 at 17:14:26
Ok. Thanks for the clarification.

I was afraid of that.

I was afraid of taking the DSL connection straight into my server. I thought it would create all sorts of security issues for me.

If I put the router in between, do I need to set up the PPPoE connection from the router and turn DHCP off on that?



#8
March 23, 2011 at 20:19:01
exactly right. get a router that supports PPPoE. much better to be in control of your internet than the provider.

sure were right about the security concerns :-)

understand the part about configuring the forwarders in your dns server?


#9
March 25, 2011 at 08:37:33
Ok. I am making some progress.

I took the modem out of bridged mode and performed the PPPoE connection from the modem.

Then I hooked it up to a laptop and was able to get an internet connection.

Disconnected the laptop and put the DSL into the broadband port of a Cisco router.

Hooked the Cisco router up to my server and turned DHCP off on the Cisco router.

Tried to connect to the internet from the server. I no longer get a message about turning DHCP off on the router but I still don't get an Internet connection.

When I try to ping an external IP address, I get the following message

Reply from 192.168.1.1.: Destination net unreachable

192.168.1.1. is the address of the Cisco router. Is there anything else I need to set up on the router so that it can connect to the internet?



#10
March 25, 2011 at 09:21:49
post an ipconfig /all from the server and the laptop when both are connected to the router.


#11
March 25, 2011 at 09:40:26
They are both connected and can see each other but they can't connect to the laptop.

I think the problem is with the Cisco router. When I look at the status, it doesn't look like the internet is properly connected. What type of Internet connection should I use? I have a PPPoE connection at the modem. Do I need to do another PPPoE connection at the router or should I use another type?

Joe



#12
March 25, 2011 at 11:09:33
do you know how to post an ipconfig /all?

if everyone is getting a correct ip address and two can "see" each other the issue has nothing to do with the router, or PPPoE. PPPoE belongs only where it is now.

Most likely the laptop's firewall is not allowing access from the other two machines. this is assuming it is configured correctly network wise.


#13
March 25, 2011 at 11:16:20
Thanks,

I contacted at&t and they said they are currently experiencing a service outage in my area.

I will retry later.

The machines can see each other. It is the internet connection that I am having issues with.



#14
March 25, 2011 at 11:39:26
On the router, I have set the Internet connection to "Automatic - DHCP" and I have turned DHCP off.

When I check the status, my IP is 127.0.0.1 and my subnet mask is 255.0.0.0.

Is this normal?

#15
March 25, 2011 at 11:55:20
"On the router, I have set the Internet connection to "Automatic - DHCP" and I have turned DHCP off."

Sounds good. Have you enabled dhcp on the server yet?

"Is this normal?"

No. Unclear where you are checking "status".


#16
March 25, 2011 at 12:11:28
"The router was put into bridged mode because ATT provided me with one device that was a DSL modem and router combined. Great for a home network because you don't have to buy a wireless router. In order to turn off DHCP, you have to put it into bridged mode."

If you're physically plugging the second router into the combo unit (combination modem/router) then you don't use bridge mode.

If you click on my name above in my response and read my "how-to" guide titled, "Add a second Router to your LAN" it will give you details on how to interconnect the two routers. You'll want to use the "LAN port to LAN port" connection scenario since you'll only be using one subnet. This will get rid of having to use bridge mode.


If you're connecting wirelessly, then you'd have to put one in bridge mode but if it were me, I'd go with the wired solution in this case.

"Curt's suggestion was .10 which is what I was following. Point is for local name resolution to work both the work stations and the server need to point to the server dns server. You also need to configure forwarding as suggested by ijack at the end of his post."

I said to use something like 192.168.1.10 because you hadn't specified what your server's IP was (you since said it was 192.168.1.2) and I was just giving an example. When you read my guide, you'll see I have .1 as the first router's LAN IP and I then use .2 for the second. This is why I said use .10 for the server. No biggie, you can configure whatever IP's you want as long as the static IP's you use are outside the DHCP Scope you have configured.

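The replies above make two checkable points: the server and the workstations must use the server's own DNS service (replies #3 and #6), and static addresses must sit outside the DHCP scope (reply #16). The following is an added example, not part of any post in the thread, that checks a single-subnet plan for both; the function name `check_plan`, the plan layout and the sample plans are assumptions constructed for illustration.

```python
import ipaddress as ip

def check_plan(plan):
    """Return a list of problems in a single-subnet addressing plan."""
    net = ip.ip_network(plan["subnet"])
    lo, hi = (ip.ip_address(a) for a in plan["dhcp_scope"])
    dns_host = ip.ip_address(plan["dns_server"])
    problems = []
    for end in (lo, hi):
        if end not in net:
            problems.append(f"DHCP scope endpoint {end} is outside {net}")
    seen = {}
    for name, cfg in plan["static_hosts"].items():
        addr = ip.ip_address(cfg["ip"])
        if addr not in net:
            problems.append(f"{name}: {addr} is outside {net}")
        if lo <= addr <= hi:
            problems.append(f"{name}: static {addr} is inside the DHCP scope")
        if addr in seen:
            problems.append(f"{name}: {addr} duplicates {seen[addr]}")
        seen[addr] = name
        # Hosts that need AD name resolution must query the AD DNS server.
        dns = cfg.get("dns")
        if dns and ip.ip_address(dns) != dns_host:
            problems.append(f"{name}: DNS {dns} is not the LAN DNS server {dns_host}")
    # DHCP clients take their resolver from the scope's DNS option.
    if ip.ip_address(plan["dhcp_dns_option"]) != dns_host:
        problems.append("DHCP hands out a DNS server other than the LAN DNS server")
    return problems

# Constructed plans using the 192.168.1.0/24 addresses mentioned in the thread.
GOOD_PLAN = {
    "subnet": "192.168.1.0/24",
    "dns_server": "192.168.1.2",
    "dhcp_scope": ("192.168.1.10", "192.168.1.254"),
    "dhcp_dns_option": "192.168.1.2",
    "static_hosts": {"router": {"ip": "192.168.1.1"},
                     "server": {"ip": "192.168.1.2", "dns": "192.168.1.2"}},
}
# Same scope, but the server sits at .10 and resolves through the router.
BAD_PLAN = dict(
    GOOD_PLAN, dns_server="192.168.1.10", dhcp_dns_option="192.168.1.10",
    static_hosts={"router": {"ip": "192.168.1.1"},
                  "server": {"ip": "192.168.1.10", "dns": "192.168.1.1"}})

for problem in check_plan(BAD_PLAN):
    print(problem)
```
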

#17
March 25, 2011 at 19:33:57
I read the how to guide "Add a second Router to your LAN" and it made a lot of sense. My setup is a little closer to Setup 2 except that I am running Windows Server 2008 and it want to run its own DHCP server.

My current setup is I have my DSL modem/router connected to the internet using a PPPoE connection. AT&T has a little weird thing going on with the connection. When you first connect and try to go to a web page, it redirects you to an AT&T page which downloads some software that changes some setting on the modem. Once I get this done, I can connect a PC to the router and get an Internet connection.

Then I have a Linksys router. I connect the modem to the Linksys router through the Internet/Wan slot.

I am trying to figure out how to configure this router with DHCP off.

It sounds like I need to use Static IP Internet Connection from the router as opposed to using PPPoE on this router.



#18
March 26, 2011 at 06:13:25
"My setup is a little closer to Setup 2 except that I am running Windows Server 2008 and it want to run its own DHCP server."

Ok, I've said it before, I'll say it one last time.................

If you only have one subnet, you want to use "Version 1" which is the "LAN port to LAN port" scenario for your setup. The ONLY reason you would want to use Version 2 is if you have more than one subnet and you need to route between them.

You really need to keep the "KISS" principle in mind when working in IT.

KISS = keep it simple stupid (not pointing this at you, it's what it stands for and in the IT business, you want to live by this credo)

By interconnecting your two routers going from a LAN port on the primary (the one connected directly to the internet) to the WAN port on the downstream router you overcomplicate a simple situation and it's no wonder you can't get it to work.

Without meaning to be rude..........stop it! Listen to me and connect the second (downstream) router as per Version 1 of my guide. Disable DHCP in the router via its management interface. I've never seen one yet that you couldn't do that. Then you can either use DHCP from the primary router, or if you'd prefer to use it on your DC, disable DHCP on the upstream router as well.

The ONLY router that needs to be configured to connect with PPPoE is the one that connects to the internet. The other router, the downstream one, doesn't require anything fancy and if you do listen to me, you can have everything setup and working in less than 30 minutes. If you don't, well, I can't make you listen and I'm done talking. There's no point in telling someone the right way to do something if they're not going to listen.
