Windows 2008 SBS + Restarting

[Izi]

When I need to restart the server, all the computers on the network can no longer access the internet.

I assume that is because SBS is acting as DHCP and DNS client?

Is there a way to use the server as primary, but then role back to default so to speak when it is being restarted?

I tried Googling but my Google skills fail me

 

[edscdk]

if you are restarting so often its causing issues with internet access you seriously need to look at reaplcing or sorting the server... or not restarting it during the day

pick a free DNS server and set dhcp to send out its IP as a secondary DNS server..

 

[Izi]

pick a free DNS server and set dhcp to send out its IP as a secondary DNS server..

I dont restart often, just seems like a bit of a flaw for a SB. What if the server needs to go for repair?

I like the idea above, I will set the secondary DNS server to 8.8.8.8 which is Googles free DNS, this should work?

 

[howler]

yeah you could do that

Do you have a router on your lan that you could set as secondary DNS?

Clients that boot up while the server is off or not present will also fail to get an IP and have no access, those that already have IP's will have access until their lease expires, probably 8 days on the default SBS setting

 

[iaind]

I dont restart often, just seems like a bit of a flaw for a SB. What if the server needs to go for repair?

I like the idea above, I will set the secondary DNS server to 8.8.8.8 which is Googles free DNS, this should work?

"go in for repair"

Your server should have redundancy and be managed properly - it should never go anywhere and definitely shouldnt be restarted throughout the day.

Dont set the secondary DNS to something like that, you'll only run into problems with domain stuff further down the line.

If you're at the size where such a thing is an issue, you should be using full blown windows server with multiple domain controllers. From the sounds of it, it's either a non issue or it's down to poor management/unsuitable hardware

 

[christophe52]

I had the same problem as you describing its a sbs2008 problem he the awnser for you

Question
In SBS 2008, when first installed or rebooted, DNS queries succeed, but after a period of about 1 day users report that they are unable to access some web sites. On inspection, it may be noticed that the inaccessible web sites are in the .uk and .eu Top Level Domains (TLDs) or certain other TLDs that are outside of the USA.

If left for several days, the problem may appear to resolve itself then re-occur after another day or so.

If the DNS server service is restarted, or the DNS cache on the server is cleared, then the problem is temporarily resolved but re-occurs after a day or so.



Awnser

The cause of this problem is that in EU countries (and certain other TLDs outside the USA), nameserver records are typically cached for more than 1 day. SBS2008 has a cap on the maximum time that it will allow nameserver records to be cached, which defaults to 1 day. This default works fine in the USA but When the .uk and .eu records become stale, they are not deleted from the cache but are no longer returned as valid records. Therefore, they effectively prevent DNS lookups in those TLDs from succeeding until the records expire and are deleted from teh cache, or the DNS Server service is restarted.

The fix is to increase the maximum Time To Live (TTL) setting in the DNS server so that it recognises records older than 1 day. Experience has shown that setting the value to 4 days is usually enough, but the maximum setting is 30 days.

Workaround
This problem can be temporarily resolved by restarting DNS Server service or by clearing the DNS cache on DNS server.

Permanent resolutions include - increasing the maximum DNS cache TTL value. - Reconfiguring the DNS server to use DNS forwarders instead of relying on Root Hints.

Solution
For a permanent work around, the MaxCacheTTL value needs to be changed to a value larger than the TLD TTL (Default value is 1 day, maximum value is 30 days). On SBS2008 there is no negative impact since this is the TTL for the cache of Resource Records. This is just the maximum value that it will be stored on DNS server. If the actual TTL is shorter, the shorter value will be used.

1.Start Registry Editor (Regedit.exe).
2.Locate the following registry key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNS\Parameters
3.On the Edit menu, click New, click DWORD (32-bit) Value , and then add the following value:

Value: MaxCacheTtl
Data Type: DWORD
Data value: 0x69780 (432000 in decimal = 5 days)

4.Click OK .

5.Quit Registry Editor.
6.Restart the DNS server.
As an extra precaution, clear the DNS resolver cache using

IPCONFIG /FlushDNS
After the change, the server should be monitored to check if the issue occurs again. Since this value won’t affect the normal behavior on SBS2008, we can increase this value to a larger value if the issue persists.

Hope this helps

 

[Izi]

"go in for repair"

Your server should have redundancy and be managed properly - it should never go anywhere and definitely shouldnt be restarted throughout the day.

Dont set the secondary DNS to something like that, you'll only run into problems with domain stuff further down the line.

If you're at the size where such a thing is an issue, you should be using full blown windows server with multiple domain controllers. From the sounds of it, it's either a non issue or it's down to poor management/unsuitable hardware

really? for a small company? Redundancy? Its all well and good if you can afford what you describe but what if you can't?

Windows SMALL business server was surely aimed at people like myself - am I supposed to be running two SBS's in tandem in case one goes down, could this even work?

@christophe52 - thanks I will give it a go.

 

[iaind]

A couple of disks in a RAID array would be a good start, but generally server hardware will be high enough quality to never be down for any significant length of time. If you've cobbled it together from desktop parts, then thats a different story.

In a small business, with the amount of time a server ever has to be restarted throughout the day, shouting "guys, you wont be able to access the internet for 5 minutes" across the room would be sufficient. Bodging your DNS settings isnt really the answer - properly scheduling maintenance work is.

The above solution doesnt describe your problem so wont help

 

[christophe52]

@Izi - No worries worked like a charm for me the other way around it is to set static ip's on your machines and pint the dns to you router or somewhere else this works but with sbs it makes it require you to put your credentians in to outlook for exchange everytime you open it and sharepoint homepage wont load so i would try my solution first

 

[iaind]

@Izi - No worries worked like a charm for me the other way around it is to set static ip's on your machines and pint the dns to you router or somewhere else this works but with sbs it makes it require you to put your credentians in to outlook for exchange everytime you open it and sharepoint homepage wont load so i would try my solution first

Uuuuurgh dont do this either

If you for some reason want to set your DNS to your router (what if that needs restarted??!) then do it through DHCP, but remove the machines from the domain first as you'll loose domain functionality and cripple the user experience.

There is no "solution" here, what you've posted above doesnt apply and that suggestion is just ludicrious. Of course they will loose internet connectivity when the DNS server is being restarted, the answer is...dont restart it!

 

[Izi]

snip

Fair enough. You are right, a restart is needed once in a blue moon when updates are applied or similar which can normally be done outside of office hours.

The server is a dell server with a mirrored raid array. I am also going to get a Drobo box for attached storage.

The reason this all sparked off was because the server through a BSOD which meant everyone went off line. I thought it really should be able to reroute traffic so when the server is off line people can still work - it makes sense to.

I let it dump to disk, whats the best way to find out what caused the BSOD? I am going to install the latest dell drivers to start.

 

[iaind]

Fair enough. You are right, a restart is needed once in a blue moon when updates are applied or similar which can normally be done outside of office hours.

The server is a dell server with a mirrored raid array. I am also going to get a Drobo box for attached storage.

The reason this all sparked off was because the server through a BSOD which meant everyone went off line. I thought it really should be able to reroute traffic so when the server is off line people can still work - it makes sense to.

I let it dump to disk, whats the best way to find out what caused the BSOD? I am going to install the latest dell drivers to start.

You can schedule windows updates to install and restart at a suitable time - small hours of the morning at a time backups arent running is a good idea.

Event logs are a good place to start, see if you had any errors before it happened. Did you catch the error on the BSOD?

It really is a fact of life - I've got more than 400 users at the moment with 2 domain controllers. If they both go down, everything goes down. It really isnt worth the risk trying to tweak your way around it for the occasional and minor hassle it will cause

 

[Izi]

Where in the server logs would I expect to see something?

 

[iaind]

Application or System logs in event viewer - hopefully the logs just before it went down would give you some indication what was going on

 

[Izi]

Dont set the secondary DNS to something like that, you'll only run into problems with domain stuff further down the line.

thanks iaind for your help re bluescreen.

Re the above - what problems might I encounter? Doing this does indeed fix the issue, but obviously not worth it if the world will come to an end by doing so.

 

[iaind]

thanks iaind for your help re bluescreen.

Re the above - what problems might I encounter? Doing this does indeed fix the issue, but obviously not worth it if the world will come to an end by doing so.

It shouldn't be too much of a problem, but not worth the risk IMO.

Active directory domains rely on DNS absolutely. Without it, a domain cannot function. If, for some reason one of the PCs decides to start using the secondary dns server more than it should then it will have issues interacting with the domain.

You could always write a netsh script to reconfigure the dns settings when the server reboots, but i wouldn't bother.

I'd be worried that the users were complaining more about Internet access than being able to access any of their files, emails etc

 

[Izi]

fair enoguh

OK final question promise! With folder direction, is a copy of the users files kept on both the local pc and the server storage location? I.E does it 'cache' user files on the local hardrive for offline use/faster speed? How does it know what to sync to the server?

 

[iaind]

You can do it either way, the proper terms to google are folder redirection and offline folders.

To be honest, I've never had any issues with speed doing it without offline folders, waiting for the changes to copy back at logoff is really annoying IMO

 

[Izi]

You can do it either way, the proper terms to google are folder redirection and offline folders.

To be honest, I've never had any issues with speed doing it without offline folders, waiting for the changes to copy back at logoff is really annoying IMO

the only reason I ask is because most of the computers are development machines and reading many thousands of small files over a network is slow, normally.

 

[iaind]

the only reason I ask is because most of the computers are development machines and reading many thousands of small files over a network is slow, normally.

Shouldn't be any slower than local really. Problem is, when you log off it copies any files that have changed back if you're using offline folders. It'll often throw an error so won't shut down, meaning people have to wait for all the files to copy back before leaving work.... It really annoys people!