Windows Server 2012 r2 Domain Controller

[TyraelAC]

Hi folks,

i am trying to make a private domain for me to automate with group policies settings, updates and so on.

I am using the ASUS RT 68 AC with ASUS Merlin CFW.

I have a problem by using the Domain Controller as DHCP and DNS Server. My hosts can not find my DHCP Server.

AS settings on the Router, i deactivated the DHCP Server of the Router and linked the DNS Server settings to the DC.

I also opened ports for DHCP and DNS.

What else of settings am I missing on the Router?
Does anyone now which settings I need to do that the DHCP Server tells the clients which gateway ip addres exists and how to connect them directly with an ip adress when i pull them into a switch/into the router?

I used to read the documentations of Microsoft for the DHCP and DNS server, also google around to find anything useful.

Kind regards

Tyrael

 

[leszek]

What does your network topology look like? Are both - your clients and your windows server on the LAN side of the router? Or is your router in-between? (I'm trying to understand why you're changing the router's firewall)

 

[AdvHomeServer]

It's been awhile since I played around with this, but my recollection is keep it simple. Let the router be a router. Let dhcp reside on the router. Use DNS on windows server minimalistically. Everything on the network should fall into place nicely. Once you find a need that is not met, not just not the way you like, then play around with the settings. Unless your network is too large for this to apply ... such as multiple subnets.

 

[RMerlin]

What I typically do with my customers who have a Windows domain is to disable the DHCP on the router. Have the Windows server handle both DHCP and DNS duties (Windows clients will register in its DNS, making LAN name resolution more reliable). Just configure the DHCP server to give the router's IP as default gateway.

Don't forward or open any port on the router - this is only needed if you'd have something on the WAN side needing to access the LAN side.

Make sure everything is in the same subnet as well.

 

[AdvHomeServer]

What I typically do with my customers who have a Windows domain is to disable the DHCP on the router. Have the Windows server handle both DHCP and DNS duties (Windows clients will register in its DNS, making LAN name resolution more reliable). Just configure the DHCP server to give the router's IP as default gateway.

Don't forward or open any port on the router - this is only needed if you'd have something on the WAN side needing to access the LAN side.

Make sure everything is in the same subnet as well.

I would respectfully disagree with this advice (except the port forwarding advice ... keep closed what you specifically do not need to open.). Windows server can support both small and the very largest networks quite well. A large network would almost certainly have multiple subnets. A small one might have them to promote security (keep finance and HR separate from the shop system for example.)

Writing in the abstract here adds complication because the poster did not mention the size of the network. Is it comfortably supported with Windows Server 2012 Essentials or are multiple servers in play? It make sense for a one server system to have one subnet. A large system with multiple servers would be using different equipment and likely have Windows server manage a great deal more, including dhcp.

When I first learned how to use Windows Server, one thing I read in multiple places is to let the router do dhcp on a small system. You get problems otherwise. The router can do it better and is optimized for it. That being said, I have little practical experience supporting windows server in a corporate environment so I would defer to someone who manages servers on a daily basis. On my little practice VM network, the router manages the system quite well if the VM network is bridged to the main network.

 

[RMerlin]

I would respectfully disagree with this advice (except the port forwarding advice ... keep closed what you specifically do not need to open.). Windows server can support both small and the very largest networks quite well. A large network would almost certainly have multiple subnets. A small one might have them to promote security (keep finance and HR separate from the shop system for example.)

The way he described his setup, it sounds like a SOHO, or a plain home network. Subnets would be overkill, and an unnecessary pain to manage in such small deployments.

My largest customer has around 35 employees on a Windows domain, and they don't need subnetting or VLANs.

 

[smagus]

remember that in Active Directory environment you have to authorize DHCP server to unlock respond for queries. https://technet.microsoft.com/en-us/library/cc754493.aspx

 

[TyraelAC]

Hey folks, thank you very much for all your answers. I am a trainee for software engineering but i also want to learn system integrations. Like u guys figured out, it is a small home server. I know that i can still use the router as dhcp server. My goal is to set it up with windows server 2012 r2 for learning purposes. I fugired today out that i do not need a dhcp role for ad. I always thought u needed also...[...]. As DHCP options I configured Router, DNS name, DNS Server and Domain name. Is there any other DHCP Option I should set up, which is needed it I don't use the DHCP Server of ther Router?

Thanky you again very much for your solicitousness.

 

[AdvHomeServer]

Hey folks, thank you very much for all your answers. I am a trainee for software engineering but i also want to learn system integrations. Like u guys figured out, it is a small home server. I know that i can still use the router as dhcp server. My goal is to set it up with windows server 2012 r2 for learning purposes. I fugired today out that i do not need a dhcp role for ad. I always thought u needed also...[...]. As DHCP options I configured Router, DNS name, DNS Server and Domain name. Is there any other DHCP Option I should set up, which is needed it I don't use the DHCP Server of ther Router?

Thanky you again very much for your solicitousness.

Go to Pluralsight and consider signing up for a video subscription. Their Windows Server videos are outstanding. Look over the 70-410, 70-411, and 70-412 videos. Some of the Amazon books on this topic are pretty bad and an expensive waste. Technet is hit or miss, but everything is there. You really need to set up a multi-server VM network. Try using Hyper-V since it has professional features. Win 8 pro allows you to load it as a feature. It's the full deal. I think there's a place where you can get on line access to a server network for educational purposes. They also offer exercises to learn Windows Server. It's a little expensive but compares favorably to college tuition.

 

[TyraelAC]

Thank you very much. I will give them a hit.