DHCP Server Errors
-
Saturday, January 19, 2013 7:39 PM
Our server is running 2008R2 Enterprise. It's running DNS, AD, Exchange, and DHCP.
I'm seeing the following errors on our server:
Event ID 1059, Source DHCP-Server
The DHCP service failed to see a directory server for authorization.
Event ID 10020 DHCP-Server:
This computer has at least one dynamically assigned IPv6 address.For reliable DHCPv6 server operation, you should use only static IPv6 addresses
Any ideas on how to fix this?
All Replies
-
Saturday, January 19, 2013 10:02 PM
Make sure you have working name resolution. For this you can test using dcdiag /test:DNS. Please post here the output along with ipconfig /all.
Have you checked this article? http://technet.microsoft.com/en-us/library/cc774849(v=ws.10).aspx
Have you tried restarting the Netlogon Service?
Also about the second error you can ignore it. It says that you have a link local ipv6 address which is automatically assigned. Link Local is like APIPA.
-
Sunday, January 20, 2013 12:27 AM
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server =ABCD-SERVER08
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\ABCD-SERVER08
Starting test: Connectivity
......................... ABCD-SERVER08 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\ABCD-SERVER08
Starting test: DNS
DNS Tests are running and not hung. Please wait a few minutes...
......................... ABCD-SERVER08 passed test DNS
Running partition tests on : ForestDnsZones
Running partition tests on : DomainDnsZones
Running partition tests on : Schema
Running partition tests on : Configuration
Running partition tests on : ABCD
Running enterprise tests on : ABCD.local
Starting test: DNS
......................... ABCD.local passed test DNSIPCONFIG /ALL:
Windows IP Configuration
Host Name . . . . . . . . . . . . :ABCD-SERVER08
Primary Dns Suffix . . . . . . . : ABCD.local
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : ABCD.local
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network Connection
Physical Address. . . . . . . . . : 00-0C-29-9A-47-27
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::19bb:83ca:bcd9:5df0%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.10(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.0.2
DHCPv6 IAID . . . . . . . . . . . : 234884137
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-F4-21-86-00-0C-29-9A-47-27
DNS Servers . . . . . . . . . . . : ::1
192.168.0.10
127.0.0.1
127.0.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter isatap.{17FA9FD7-A3DD-41FE-9039-0C12EDB47A1D}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Teredo Tunneling Pseudo-Interface:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : YesI looked at that article but it was sounding as though it was referring to two different servers: An DC server and a DHCP server. This server is running both services. Probably not best to have this server as a DC, AD, DNS server, DHCP server, and exchange server, but this is what the client wanted despite us suggesting that he at least put exchange on a different server.
-
Sunday, January 20, 2013 2:31 AM
Exchange on a DC is really not ok, even the setup warned you, but let pass over that. (your custumer wanted a homemade SBS.. and the cost of you installing it and the license surelly bypass by 2 the cost of a SBS)
I think it has to do with IPv6. If your DHCP work for IPv4 I would ignore those errors. Just double check to be sure on your NIC that you are not setupped as DHCP client on it (thus someone could give you a DHCP's bail in IPv6 on that card) (and yes, it's a security's hole)
Exchange need IPv6 during the setup, it's hard to bypass if you don't know, but if your entire DC was not setupped for IPv6 (bind in the DNS in exemple), then your IPv6's setup is surelly not ok in the end. (like http://www.virtualizetheworld.com/2010/09/disabling-ipv6-on-server-20082008r2.html) My guess is that IPv6 was enabled to make the setup, and it leave you with the default's option, like the dhcp's setting on the card.
MCP | MCTS 70-236: Exchange Server 2007, Configuring
Twitter - @yagmoth555 (
)
Blog: http://www.jabea.net | http://blogs.technet.com/b/wikininjas/ -
Sunday, January 20, 2013 3:28 AMso I did that and now it shows that it is currently connected to "Network" under Network and sharing center. It should say that it's connected to ABCD.local.
-
Sunday, January 20, 2013 3:44 AM
You disabled ipv6 ? or you put a static ip ??
It's a mess between the ipv6 and ipv4 IMO.
MCP | MCTS 70-236: Exchange Server 2007, Configuring
Twitter - @yagmoth555 ()
Blog: http://www.jabea.net | http://blogs.technet.com/b/wikininjas/ -
Sunday, January 20, 2013 3:47 AM I just fixed it. Local security policy -> Network List Manager Policies -> Network. Just changed name to "ABCD.local" fixed it. Event logs for DHCP seem good now! Thanks!
- Marked As Answer by Jeremy_WuMicrosoft Contingent Staff, Moderator Tuesday, January 22, 2013 9:07 AM
-
Sunday, January 20, 2013 4:05 AMI disabled Ipv6. The server already had a static assigned Ipv4 address before we began. It's running smoothly now.
-
Sunday, January 20, 2013 6:07 AM
Hi,
The dcdiag /test:DNS results you posted are not complete. I don't see the tests against the root hints and others. You might also get something like Missing AAAA record at DNS server which happens because you are using a link local IPv6 address and the do not get dynamically registered in DNS.
Also I noticed that the first DNS entry in the IP configuration you posted is ::1 which we all know its the IPv6 loopback. That means that the server will first try name resolution looking at himself but using IPv6 then falls back on the other entries. If you are not using IPv6 you might use the local ipv4 IP address or loopback first, and use the ::1 second or third in the DNS servers list. If you hadn't disabled ipv6 I would have asked you to post a simple nslookup result.
That is probably why the DHCP server "can't find a domain controller" because there are no ipv6 records in DNS.
As a workaround, you can check in the DHCP MMC in the ipv6 node, advanced, bindings and make sure its not bound to the ipv6 address.
And the question of weather to disable ipv6 has been discussed a lot and in short Microsoft recommends you do not disable it. You can disable it but first make sure you understand the implications.
Here are some articles about this:
http://blogs.technet.com/b/netro/archive/2010/11/24/arguments-against-disabling-ipv6.aspx - Arguments against disabling IPv6
http://msmvps.com/blogs/acefekay/archive/2010/05/27/how-to-disable-rss-tcp-chimney-feature-and-ipv6.aspx - Should I Disable IPv6
http://support.microsoft.com/kb/929852 - How to disable IP version 6 or its specific components in Windows
http://technet.microsoft.com/en-us/magazine/2009.07.cableguy.aspx - Support for IPv6 in Windows Server 2008 R2 and Windows 7
http://blogs.msdn.com/b/dgoldman/archive/2009/11/03/ip-v6-is-a-must-if-you-are-trying-to-install-exchange-2010.aspx - IP_V6 is a must if you are trying to install Exchange 2010
Hope it helps.
- Marked As Answer by Jeremy_WuMicrosoft Contingent Staff, Moderator Thursday, January 24, 2013 6:11 AM
-
Sunday, January 20, 2013 6:38 PMGreat. So one expert tells me to disable it and another tells me not to. I already disabled it. Would re-enabling it cause problems?
-
Sunday, January 20, 2013 6:40 PMIMO The key is, does it work, yes ? then don't touch it again :)
MCP | MCTS 70-236: Exchange Server 2007, Configuring
Twitter - @yagmoth555 ()
Blog: http://www.jabea.net | http://blogs.technet.com/b/wikininjas/ -
Tuesday, January 22, 2013 9:12 AMModerator
Hi Vanessa,
Just to add, we can also refer to the following DNS client best practices:
DNS client and server best practices for ADDNS: DNS servers on <adapter name> should include the loopback address, but not as the first entry
More information:Best Practices Analyzer for Domain Name System
Hope this helps.
Jeremy Wu
TechNet Community Support
- Marked As Answer by Jeremy_WuMicrosoft Contingent Staff, Moderator Thursday, January 24, 2013 6:11 AM
.png)
