Building an Active Directory Domain Controller for Development using VMware Workstation – Pt. 2

In my last post, we created a VM (Virtual Machine) using VMware Workstation 6.5.2 running Windows Server 2003 R2.  If you’re getting started here with a VM of your own, or physical hardware, the current status of the VM for this tutorial is a standard Windows Server 2003 R2 installation, with all recommended updates / patches applied.

If this server is running in VMware Workstation, feel free to snapshot the VM at this point so that you have a clean build of Windows Server 2003 that can then be sysprep’ed and used to deploy multiple other servers.

Moving right along, we’re going to jump right into the configuration.  We’ll be configuring this server to be a Domain Controller, DNS Server, and Certificate Authority (CA) for the domain.  Installing the CA role on this server will allow it to issue SSL certs.  If you’re using this domain to test and develop web applications, IIS can automatically request / receive certificates from this server.

Before we get started, please make sure that you have your Windows Server 2003 R2 disk ready and available.  If you load it into your drive, or mount the ISO, you may not be prompted for it.

1. First things first… We’ll need to assign a static IP address to this server.  Click on ‘Start’ > ‘Control Panel’ > ‘Network Connections’, then with the mouse over ‘Local Area Connection’, right-click and choose ‘Properties’.


In the properties window that opens, highlight ‘Internet Protocol (TCP/IP)’, then click on ‘Properties’.


In the next property window, select the ‘Use the following IP Address’ radio button.  Type in an IP Address and a subnet mask (the default of 255.255.255.0 should suffice), then retype the same IP Address that you used in the top area (192.168.25.10 in the picture below) into the field for ‘Preferred DNS server’.  Click ‘OK’, then in the previous property window that returns, click ‘Close’.  Feel free to use the same address space I’m using; it’s really pretty irrelevant as long as you use the same IP space on any machine that needs to connect to this DC.  IP addressing and routing are unfortunately beyond the scope of this post and would require their own long and intricate post.  Hopefully if you’re following this, you have a basic understanding of IP Addressing.

[Screenshot: Part 2-1b]

2.  From the Manage Your Server wizard, which if not open can be opened by choosing ‘Start’ > ‘Manage Your Server’, click on ‘Add or Remove a Role’.  Click the ‘Next’ button.


After a short wait, you’ll be presented with another window.  Click the ‘Custom Configuration’ radio button.  Click ‘Next’.


Select ‘Domain Controller (Active Directory)’.  Click ‘Next’.  Click ‘Next’ again to begin the installation.


3.  At the Active Directory Installation Wizard, click ‘Next’ twice.


Select ‘Domain controller for a new domain’.  Click ‘Next’.


Select ‘Domain in a new forest’ and click ‘Next’.


In the ‘Full DNS name for new domain’ textbox, type in your domain name.  I used ‘dev.local’.  Click ‘Next’.


I accepted the default ‘Domain NetBIOS name’ or short name for the domain, in my case ‘DEV’.  Click ‘Next’.


In the ‘Database and log folders’ window, accept the defaults and click ‘Next’.  In the ‘Shared System Volume’ window, accept the default and click ‘Next’.

In the ‘DNS Registration Diagnostics’ window, click the middle radio button titled ‘Install and configure DNS server on the computer…’, and click ‘Next’.


In the ‘Permissions’ window, accept the defaults and click ‘Next’.

In the ‘Directory Services Restore Mode Password’ window, type in the password you would like to set.  I use the same as the administrator account for development environments.


At the Summary / Review window, click ‘Next’ and the configuration will begin.


After a few minutes, you’ll be done with that step.  Click ‘Finish’.  Your new domain is up and operational after a reboot.


4.  We’ll now install IIS.  In the ‘Manage Your Server’ window, click ‘Add or remove a role’.  Click ‘Next’ at the ‘Preliminary steps’ window.  Select ‘Application Server’ and click ‘Next’.


In the ‘Application Server Options’ window, click ‘Next’ without selecting ASP.NET or FrontPage Server extensions.  Neither is needed for IIS to provide certificate services.  Click ‘Next’ again at the summary page to begin installation.  You may be asked for your Windows Server 2003 R2 disk during the installation.

When the installer completes, click ‘Finish’.

5.  Now we’ll install certificate services.  ‘Start’ > ‘Control Panel’ > ‘Add or Remove Programs’.  When the window opens, click ‘Add/Remove Windows Components’ on the left side.

Click the ‘Certificate Services’ checkbox, which will prompt you with a warning about renaming your computer or domain.  Click ‘Yes’ to continue.  Then click ‘Next’.


Select ‘Enterprise Root CA’ and click ‘Next’.


Choose a Common Name for the CA; I used ‘ent’.  Click ‘Next’.


On the ‘Certificate Database Settings’ window, accept the defaults and click ‘Next’.  You will then receive a warning that Certificate Services needs to stop Internet Information Services (IIS).  Click ‘Yes’ to continue.  You may be asked for your Windows Server 2003 R2 disk.

Certificate Services will then prompt you again, saying that it needs to activate Active Server Pages.  Click ‘Yes’ to allow the activation.  Click ‘Finish’.  You can now close the ‘Add or Remove Programs’ window.

6.  From the ‘Manage Your Server’ window or from the ‘Control Panel’ > ‘Administrative Tools’, open ‘Active Directory Users and Computers’.  If you’re using the ‘Manage your Server’ window, the exact title of the link is “Manage users and computers in Active Directory”, in the Domain Controller subsection of the window.

Click the + sign next to the domain name that you just created, dev.local in my case, then Right-Click on the domain name itself.


From the menu that displays, select ‘New’, then ‘Organizational Unit’ (commonly abbreviated as “OU”).


Type in ‘Service Accounts’ in the ‘New Object – Organizational Unit’ window and click ‘OK’.


You now have a new container in which to put your service accounts for whatever you are doing.  You can also apply policies to this OU or any of the others without affecting one another.


_______________________________________________________________________________

To wrap this all up, you now have a domain controller, DNS server, CA for issuing SSL certificates, ability to use IIS online certificate requests from any webserver that is a member of the domain, and a location for storing service accounts.  You can create another OU to store test accounts to see how policy may affect user experience within your applications.
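To confirm from a command prompt that each piece listed above is actually in place after the reboot, here is a batch file to run on the new DC. It is an added example, not part of the original post; the domain name, IP address and OU name are the ones used in this walkthrough, and it assumes the standard Windows tools `sc`, `nslookup`, `certutil` and `dsquery` are available on the server.

```batch
@echo off
rem Post-build check for the development DC (added example, not from the post).
rem Assumed values come from the walkthrough; edit them to match your build.
setlocal
set DOMAIN=dev.local
set DCIP=192.168.25.10
set OUNAME=Service Accounts
set FAILS=0

rem Step 1: the static address should appear at least twice in the adapter
rem configuration, once as the IP address and once as the DNS server.
set HITS=0
for /f %%C in ('ipconfig /all ^| find /c "%DCIP%"') do set HITS=%%C
if %HITS% LSS 2 call :fail "%DCIP% is not set as both IP address and DNS server"

rem Steps 3 to 5: services a DC, DNS server, IIS host and CA must be running.
for %%S in (Netlogon kdc DNS W3SVC CertSvc) do call :svc %%S

rem SYSVOL and NETLOGON are only shared once the promotion has completed.
net share | find /i "SYSVOL" >nul
if errorlevel 1 call :fail "SYSVOL share is missing"
net share | find /i "NETLOGON" >nul
if errorlevel 1 call :fail "NETLOGON share is missing"

rem Member servers locate the DC through this SRV record. If it is missing,
rem joining the domain fails with a domain-not-found error.
nslookup -type=SRV _ldap._tcp.dc._msdcs.%DOMAIN% %DCIP% 2>nul | find /i "svr hostname" >nul
if errorlevel 1 call :fail "no _ldap SRV record for %DOMAIN% on %DCIP%"

rem Step 5: the default CA on this machine should answer a ping.
certutil -ping >nul 2>&1
if errorlevel 1 call :fail "Certificate Services did not answer certutil -ping"

rem Step 6: the OU created for service accounts should exist in the domain.
dsquery ou domainroot -name "%OUNAME%" 2>nul | find /i "%OUNAME%" >nul
if errorlevel 1 call :fail "OU %OUNAME% was not found"

if %FAILS%==0 echo All checks passed for %DOMAIN%.
if not %FAILS%==0 echo %FAILS% checks failed for %DOMAIN%.
rem The exit code is the number of failed checks, so 0 means a clean build.
exit /b %FAILS%

:svc
rem Report a failure unless the named service is in the RUNNING state.
sc query %1 | find "RUNNING" >nul
if errorlevel 1 call :fail "service %1 is not running"
goto :eof

:fail
echo [FAIL] %~1
set /a FAILS+=1
goto :eof
```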

Good luck, enjoy, and as always, hope this helps someone out.

PS.  I know some infrastructure / AD person is going to pipe up that using DCPROMO is the way to go, but for non-infrastructure people, I think the wizard approach is a bit easier and allows the user to see exactly what is happening. ;)

About the author

My name is Clement DeLarge and I'm a Practice Team Lead for Application Development with EMC. When I'm not working, I'm raising my son, riding my motorcycle, playing with technology, or just about anything else that's fun that I come across.


50 Responses to “Building an Active Directory Domain Controller for Development using VMware Workstation – Pt. 2”

  1. Bill Smith says:

    Thanks!!! Great 2 part post. I really appreciate you taking the time to post this with screen shots and all. Awesome!!!

  2. My pleasure Bill. Glad you found it useful. :)

  3. Danny says:

    Great post.
    Now that the AD/DC have been setup how do I add /connect more VMs
    ie. VM 2 – SQL Server, VM 3 – MOSS , VM 4 – MOSS backup.
    How does each additional VM need to be setup ? My thought
    was to add each new VM as a server to the AD/DC just created for
    a virtual SharePoint farm.

    Just point me in the right direction.

    Thanks

  4. Hey Danny, from there you set up the rest of your servers with static IP addresses in the same subnet as the domain, ie. domain controller is 192.168.10.20, and the rest of the servers are 10.21, 10.22, and 10.23 in the subnet of 255.255.255.0. Then join each server to the domain via the computer properties box.

    Let me know if you want me to go into further detail.

    Hope this helps.

  5. Danny says:

    Thanks for the quick reply. Before I came across your post, I was
    able to setup 3 VMs using VirtualBox. VM1-AD/DC, VM2 and VM3 all
    of them are Windows Server 2003. VM2 and VM3 are workgroups should
    they be DNS servers ? VM2 and VM3 are clean and have no software installed as yet. I did not use a MS Loopback adapter for any of them.
    I don’t recall doing all the steps as you show above for my VM1.
    I was able to ping across VMs using IP addresses. However, I could not ping VM1 by name but VM1 could ping both VM2 and VM3 using either a name or ip address. When I tried to add/join VM2 to my dev.local domain in VM1 it could not find the domain. Do VM2 and VM3 have to be registered with VM1 first ?
    Are you saying it’s the domain and subnets that matter and not whether it’s a workgroup or DNS server ? Do VM2/VM3 require a Preferred DNS
    entry ?
    I read somewhere that in order to add a new computer(s)in this case VM2/VM3 to an existing domain they must be a DNS server. Can VMWARE WorkStation 7 Teams make this easier ? Please provide further detail in VMware as time permits I have version 7.

    Thanks in advance.

  6. Hey Danny,

    When you set up your DC, did you also install DNS services? It should have warned you to. The domain controller will provide all of your DNS services, so you want to configure the other servers on its network and pointing to the domain controller as the primary DNS server. Don’t make the other servers DNS servers, and you shouldn’t have to install MS Loopback. If you’re already able to ping all the servers, configure them to use the AD/DC as their DNS.

    Example:
    Domain Controller
    IP Address: 192.168.1.10
    Subnet Mask: 255.255.255.0
    DNS: 192.168.1.10 (pointing to itself for DNS services)

    Server 2
    IP Address: 192.168.1.20
    Subnet Mask: 255.255.255.0
    DNS: 192.168.1.10 (pointing to domain controller)

    Server 3
    IP Address: 192.168.1.30
    Subnet Mask: 255.255.255.0
    DNS: 192.168.1.10

    After configuring your servers like that, they should be able to ping each other by IP Address and after adding them to the domain, they should be able to ping each other by name. When you add the servers to the domain, the DC will create DNS entries for each of them.

    With the other servers pointing to the domain controller for DNS services, when you try to add the servers to the domain, they should be able to find it (ie. dev.local). You can test this by trying to ping dev.local after you point to the domain controller. (Assuming your domain name is dev.local)

    Make sure your VMs, if you’re set to bridged networking, are not conflicting with IPs on your physical network.

    This configuration should work no matter what virtualization platform you are using.

    Using Workstation 7, you can set up a team, and network fence that team if you want to, but for simplicity’s sake, I think making sure that you can get the servers to communicate with each other should be the priority.

    Let me know how these steps go, and we’ll take it from there.
    Good luck. :)

  7. Danny says:

    Thanks again for the quick turnaround. I’ll try to configure VM2 to talk to VM1-AD/DC and get back to you. As for the adapters used in my 3 VirtualBox VMs they were Adapter 1 – Fast III/NAT Adapter 2 – Fast III Bridged/Ethernet 10/100. I’ll verify that VM1 has DNS Services installed and go from there.

    As for good luck – I consider myself fortunate you’ve taken the time to
    guide a neophyte through this learning process. BTW, not sure if you’ve heard of ScottGU. His posts provide excellent content and screenshots similar to what you’ve done above and he always ends each post with a ‘hope this helps’.

  8. Great. Let me know how it goes. We all had to start somewhere and the reason that I came up with posts like these is no one ever seems to cover the infrastructure side of application development… oh, and it’s fun. :)

    I’ve heard of Scott Guthrie by name and reputation only. He’s all over the communities, but I haven’t had the chance to happen across his blog yet that I recall. Glad to know that I’m sort of following a paradigm established by someone who has done so much for the community.

    We’ll get this running.

  9. Next step, btw, if you have trouble, might have you send me some screenshots and settings. Maybe disable one of the network adapters. Like I said though, we’ll get this running.

  10. Danny says:

    FYI, The GU as he’s known by is a VP at MS and runs the ASP.Net, VS, Silverlight and ASP.Net MVC teams among other things. If you’re familiar with a design pattern called MVC, the GU made it happen for
    MS and was also involved in bringing the first open source javascript library to Visual Studio – JQUERY. He’s surrounded by a great team
    of people.

  11. Danny says:

    I started with a clean Windows Server 2003 VM image. NO AD/DC, DNS Server and DHCP Server installed. Fired up Manage Your Server – Add or Remove role.

    Ran wizard which showed status msgs along the way – Installing
    DHCP Server , Installing Active Directory, Installing DNS Server etc.
    At the end received a dialogue with multiple items checked off except for DNS forwarder – 127.0.0.1. with Can’t complete msg etc.

    I think my mistake was not creating the static IP address as stated
    in the beginning of your post above. Did learn one thing though -
    I copied the Virtual Box folder to a USB drive. The original set of
    VMs were created on a VISTA laptop when I tried to load the VM on a Windows 7 laptop the Ethernet 10/100 adapter was not on the dropdown list. Oh well back to Vista.

  12. You do want the static IP, but since you’re only running a single domain controller, you can re-IP it without much issue. As for the DNS forwarder, in the DNS manager, you can right-click on the host name, select properties, and then go to the forwarders tab. This should allow you to configure your DNS forwarding for zones that aren’t under the control of your DNS server (ie. everything except your domain). This will allow the other servers that join the domain, and your DC to resolve queries outside of your domain.

    I just put in my ISP’s standard DNS servers.

    Keep me posted on how it’s running. (I almost typed, hope this helps. ;) )

  13. Danny says:

    I’m reading the Effin Blog above and starting from scratch. In VM1,
    I have a Local Area Connection and a Local Area Connection 2 – Does
    it matter which one I set the static IP 192.168.25.10 in ?

    What would be an example of a forwarder/zone ? Is it the name of the other VM ie. VM2 its IP address and server name. When I configure the forwarder/zone does VM2 have to be up and running ?

    Thanks

  14. Danny says:

    I went ahead using Local Area Connection 2 and followed your excellent directions to setup VM1 with AD/DC. Will configure IIS etc. later.
    Here’s where we are – I was able to ping VM1 from VM2 and vice versa by name and by IP address. I joined VM2 to dev.local and was
    prompted with a logon dialogue and voila Welcome to the dev.local domain ! I’ll follow the same pattern to add VM3 to dev.local.
    Since VM2 and VM3 will be part of the dev.local domain, can I assume all 3 VMs can now ‘communicate’ with each other. My thought is to install SharePoint on VM2 and Sharepoint/SQL Server on VM3. At this
    point is DNS Forwarding/Zones required ?

    Thanks for your patience.

  15. Awesome! Glad to hear that you’ve got them talking and successfully joined VM2 to the domain!

    If you have more than one NIC, you might be able to reach the Internet without DNS forwarding. If your VMs are able to browse the web without it, then don’t do it, but if not, you will have to set up DNS forwarding. If your VMs don’t need the Internet, then you don’t need to worry about forwarding either. As for zones, you should only have 1 zone to manage (dev.local), and it should pretty much be automatic.

    As you create SharePoint sites to work on, you can set up custom URLs in your DNS dev.local zone and set up host headers when creating the web applications, which will allow you to have multiple sites on the same server without having to set up IP addresses and host header files. Example URLs: test.dev.local, stage.dev.local, development.dev.local, and so on.

    Glad it’s getting to the next step! :)

  16. A quick note about DNS zones. A zone is simply a domain (not necessarily AD but in this case they are the same) management area that allows you to set names up that point to IP addresses (A records) or machine names and other DNS entries (C Name or alias).

    An example of a DNS zone on the Internet would be google.com. That name, google.com, lives in a zone on a DNS server, and when you type in google.com it tells your system what IP address to use to navigate there. It also controls sub-domains like mail.google.com and lab.google.com. Those would all be entered typically as (A records) pointing to google’s server or load balancer that hosts those sites. Now it may also hold a record (C Name) for gmail.google.com that points to mail.google.com instead of an IP address.

    That’s just a quick and dirty on DNS zones. But if you wanted to configure another zone on your DC to be managed in DNS, you could create a zone called stage.local, and add C records that point back to sites on VM2 or VM3.

    Hope that makes sense.

  17. Danny says:

    I did not setup any zones for either VM1 or VM2 but was able to
    get to Google.com from both. Seeing the Internet from within each VM allows me to install the Windows updates among other things. I think
    the NAT adapter helped in this case. I noticed you’ve prepared several posts on MOSS. Lessons Learned – sound familiar. Read the Effin MOSS posts first. Can I get back to you with any questions ?

    BT

    Thanks

  18. Absolutely! Happy to help in any way I can.

  19. Danny says:

    I see you’ve put together a five part series on MOSS. It’s going to be a long night.

  20. Danny says:

    Just finished reading your MOSS series including the AD post.
    Need confirmation on these – in Part II MOSS Installation
    there’s a reference to a ‘domain’ for the mossFarmAdmin id.
    Provided VM1-AD/DC dev.local is up and running and I’m installing
    SQL Server and MOSS 2007 on VM2 – dev.local\mossFarmAdmin should be ok?
    Also, if VM3 only has MOSS 2007 can this server be added using the Central Admin web interface ? VM2/3 are also application servers.

    I had originally planned to call my 3 VMs – Moe, Larry and Curly.
    Informative and good series of posts. Thank god for screenshots !

  21. Yes on the mossFarmAdmin account, reference it by using either (dev\mossFarmAdmin if you chose dev as the shortname) or (mossFarmAdmin@dev.local). Both ways should work. The domain would be what you named your domain, and you would create the mossFarmAdmin account on the domain controller using Active Directory Users and Computers (often referred to as ADUC), which is located in Control Panel > Administrative Tools. Make that account local admin on both MOSS servers.

    Re: VM3. After installing MOSS, run the SharePoint Configuration Wizard, which will start by default right after installation. In this wizard, it’ll ask you if you want to create a new MOSS farm or connect to an existing one. Choose existing and point to VM2. Then you should have 2 MOSS servers attached to the same farm. You should then be able to pick it up from configuring SharePoint through Central Admin.

    If you missed the configuration wizard, I believe you can start it up again through the SharePoint folder in Start > Programs.

    Keep me posted on how things are going. :) Glad you like the MOSS series. That series was a lot of work. ;)

  22. Danny says:

    I’m on it. Good weekend.

  23. Danny says:

    Several questions, answer as time permits. In Part IV of your MOSS series, we create several new accounts WssSearchService etc. are these AD accounts or Windows accounts in the VM where MOSS 2007 was installed ?

    Also, a question about Forward Lookup Zones – Here’s an excerpt from
    your earlier reply – ‘That’s just a quick and dirty on DNS zones. But if you wanted to configure another zone on your DC to be managed in DNS, you could create a zone called stage.local, and add C records that point back to sites on VM2 or VM3.’

    Can I create from my AD/DC an Intranet zone ie. intranet.danny.com and add a C record that points to Sql Server 2005 on VM3 ? Trying to
    explore NLB.

    That’s what VMs are for – you blow yourself up and no one else gets hurt.

    Thanks

  24. @Danny

    The accounts are AD accounts, all of them. Local accounts won’t work unless you’re using a single server scenario.

    Yes you can create as many DNS zones as you want, from the DNS Manager. So in the example that you gave above, you would create a forward lookup zone named ‘danny.com’, and then you would create a record in that zone for intranet and point it to whatever system you want (as an A record or a C Name).

    I may try to drop a quick post on adding zones and records to DNS this weekend. Let me know if you have trouble finding the interface, and I’ll see if I can get a post done today.

  25. Danny says:

    Thanks for taking the time especially on a weekend. I briefly QA’d and reviewed the DNS Primer. No typos , however the screenshots were a little tough to see. As for the ping Google example , it returned a 404
    using the given IP address. I opened a command prompt and pinged Google.com which returned an IP which I then copied and pasted into
    my browser – worked fine.

    Please confirm – Under Forward Lookup Zone create a new
    primary zone ie. intranet, add a new record called danny.com, provide the target host/ip/server information which in this case is VM3.
    Would I reference it as intranet.danny.com ?

    I’m assuming since all three VMs are in the ’same’ domain any forwarding requests can be handled provided the ‘IP address’
    is correct.

    This exercise is a bit more realistic than running everything within a single VM.

  26. @Danny, not sure what happened with Google’s IP. Maybe they rotate, or have different IPs for different regions, but glad you got the gist of it. If you click on the screenshots, are they still hard to read?

    Re: your question about the forward lookup zone: You would create the zone and name the zone ‘danny.com’ since that will be the base URL. Then any records you add into the zone (A or CNAME) will yield the URL nameOfRecord.danny.com. So if you created an A record for ‘intranet’ and pointed it to the IP of VM3, then you would be able to navigate to it via ‘intranet.danny.com’. (recordName.zonename). Does that make sense?

    Yes on the forwarding requests question. Since they are all in the same domain, they should all be using the DC as their DNS server, and the DC would forward requests as necessary.

    Ideally this is how dev environments would be set up (multiple servers with DNS and AD), so ‘yes’ on the realism. A dev environment set up like this adds complication to development but mimics real world situations. If you’re developing on a single server implementation, then you should have a staging environment to test in that would mimic the production environment. Easier to handle these days with virtualization, but you still have to have a powerful enough computer to run all the environments.

  27. Danny says:

    I understand a VM is limited by both memory and hard drive capacity
    on the host operating system.

    The DOS screenshots are fine. The screenshots in color are the
    ones in question.

    Thanks

  28. Danny says:

    Using our 3 VMs as a real world scenario. Here’s a scenario :

    VM1 – AD/DC speaks for itself
    VM2 – is a WFE / application server with MOSS 2007 only
    VM3 – is a WFE / application server with MOSS 2007 & SQL Server 2005

    I take it the users are pointed to VM3. What happens if VM3 takes a
    hit ? Is VM2 an alternate site used in backup / restore of VM3 without disruption of service to the business ?

    Thanks

  29. Ideally you would load balance VM2 and VM3 having them be part of the same farm. You could use Windows Load Balancing if you want to go that route. If VM3 takes a hit, you’ll lose your SQL Server so you’d lose the whole farm. The scenario that you have running is basically a load balanced SharePoint farm. In order to make SQL redundant, you would have to set up a cluster (2 SQL servers serving up a virtual IP). That way if any one server went down, the other’s services would take over, but to my knowledge, creating a SQL cluster with VMware workstation isn’t really an option unless you have the ability to present shared storage, ie. simulating a SAN.

  30. You may be able to use OpenFiler or the EMC Celerra VSA to simulate a SAN infrastructure and try it out, but SQL clustering is a project in and of itself.

  31. Danny says:

    VM3 has already been built with MOSS 2007 and SQL Server 2005. I’ll do some more digging on the clustering issue and get back to you. So you’re saying there would be an additional VM ie. VM4 which only contains SQL Server and its sole purpose being a backup of the SQL Server instance on VM3.

    Thanks

  32. In thinking about it, I’d stay away from the clustering for dev. Unless you’re planning on publishing from the servers that you’re working with. The way clustering works, is you’d need 2 servers, each with their own IP information, then you’d create a cluster and a virtual IP that would be shared between the two servers. You would point MOSS at the virtual IP instead of any specific SQL instance. How deep do you want to go with this? And what do you want to use the final product for? Or is it more for familiarization and experimentation?

  33. Danny says:

    It’s only for experimentation and familiarization. I’ve already
    done some r&d on this. I’m only targeting the VMs we’ve been
    referring to not a live environment.

    I’ll keep you in the loop.

    Thanks

  34. Danny says:

    Ran into an issue when installing MOSS 2007 on VM2. VM2 will only have MOSS 2007 and nothing else. I’m trying to point setup to the instance on VM3. However,setup was not able to find the SQL Server 2005 db on VM3. I allowed remote connections using the Surface Area Configuration Tool. Now SQL Server on VM3 is hosed.

    Did you cover any of these issues in previous tutorials ?
    Thanks

  35. @Danny – Ouch! What OS are you running? In the VMs? If you’re running Server 2008 or Server 2008 R2, it’s likely that the firewall was blocking traffic. SQL doesn’t self configure the firewall, so if you’re running either of those OSs, that is likely the issue. Not sure what to do about SQL being down. :(

    Otherwise, SharePoint should have seen the SQL Server. In the SQL Server configuration tool, you should be able to see what protocols are enabled. I believe the Surface Area Tool is more of a security wizard than an access wizard.

    Word of advice… start taking VM snapshots when you get them to a place that is stable. The one with SQL on it should be snapped before you start moving things around. After you add VM2 to it making it a small farm, snaps will help less because SharePoint gets out of sync on the timer jobs.

    Let me know how it goes.

  36. Danny says:

    FYI,

    All 3 VMs are running Windows Server 2003. VM3 is the one with MOSS 2007 and SQL Server 2005. When I tried to load MOSS 2007 on VM2 and point it to the instance on VM3 it failed. A review of the error log under the 12 hive mentioned something about allowing remote connections with tcp/ip
    and or named pipes. Both options were a no go. Now the SQL Server instance on VM3 got hosed. Previously, I was able to open the default instance without an error msg. The Surface Area Configuration tool shows all protocols as enabled. I also used this tool to enable remote connections.

    Now I have a real issue which has to be investigated and resolved.
    I have backups and can start over meaning a clean VM2/3. Snapshots ? Good idea. I’m thinking it’s something else. Not sure if it’s a good idea to turn off the firewall on VM2.

    I could try to add a new server ie. VM2 using the SP Central Admin dashboard in VM3. If it adds the new server successfully, I could try and install WSS 3.0 / MOSS 2007.

    Thanks

  37. Danny says:

    Resolved the above issue and installed WSS 3.0 on VM2.
    MOSS 2007 is next. Central Admin shows two servers from either VM2
    or VM3.

  38. So you’re up and running and good to go @Danny?

  39. Danny says:

    When I setup MOSS on VM3, I clicked the Advanced Settings button and enabled AD. On VM2 WSS installed without a problem however, MOSS complained about AD. Couldn’t figure out the AD issue but managed to fix the SQL Server issue so WSS could install.

    I have a clean VM2 and will attempt to install WSS and MOSS only and point VM2 to the SQL Server on VM3. Figured you got busy decided to keep going.

    Minnie Ripperton. lalalala lalalala ? That Minnie Ripperton ?

  40. Danny says:

    MOSS is up and running on VM2/VM3 but not configured.
    I’d like to investigate the SQL Server cluster issue before I
    configure MOSS. Can I read up somewhere for a best practice
    configuration/scenario for a two server farm ?

    Thanks

  41. Yep… Got busy. Glad you pushed forward. Minnie fan huh? Gotta love that voice. I don’t have an article on SQL clustering but you can likely find one. Just make sure it’s specific to workstation. There’s a few crazy things you have to do to enable sharing of the disks. If I come across one, I’ll post it.

  42. Danny says:

    Thanks.
    Here’s two more for you.
    Coco had a good voice – remember SWV ?
    as did Lauren Hill remember Fugees ?

  43. Nice! I do remember them!

  44. Danny says:

    Thanks for all your help.

  45. Skip Sailors says:

    Just reading this nice post. I think I get it, but I am missing something. I have VMWare Workstation 7. I have a DC set up on 192.168.0.1 and another machine on 192.168.0.2. When I try to ping from one to another by IP I get a “request timed out”. This is true if they are Bridged and if they are NATted. Do you know what I might be missing?

    TIA

  46. @TIA: Do you have any IP or DNS conflicts on the network using Bridged Mode? This would be the only reason that I could think of in why it wouldn’t respond. Or maybe something in your host machine is blocking it? Is the windows firewall of the VMs itself blocking ping? By default, in 2008/2008R2 I believe the firewall is set to block pings. Do you know how to check/edit the firewall settings?

    Actually in thinking about it, if you’re using 2008 or 2008R2 the firewall is most likely the problem.

    Try using a host-only network and seeing if the VMs can ping each other. Other thing to check, make sure that the NICs on both VMs are in “connected” state.

    You can also try setting up a VM Team with those VMs and tying them to a single network switch via the team.

    Let me know.

  47. Skip Sailors says:

    Ah, firewall. Turning it off on both VMs allows traffic. For what I am doing they will stay off. This system is transitory. If I do it again I will try to make an IPSec thingy to do a better job.

  48. Great! :) You can also set up rules that allow communication between specific servers instead of the IPSec thing. It’s common to open up ports based on the server’s roles, like 1433 & 1434 for SQL, but you can also restrict the servers that are allowed to hit those ports.

    Glad it’s all working for you now. Let me know if you have any other questions I might be able to help with.

  49. Oh and LOL Skip, just realized that TIA was thanks in advance. ;)
