Ace
Sat Feb 02 07:03:14 PST 2008
In news:%23bP1nGSZIHA.4028@TK2MSFTNGP06.phx.gbl,
F3 <f3_evans@hotmail.com> typed:
> I inherited a SOHO setup with a W2K Server Small Business, a W2K3
> Server, and a handful of PC's.
>
> I installed a new WiFi router (Linksys w/VPN, RADIUS, etc. support),
> and a new switch (Linksys). I setup this router as the gateway and
> DNS1. I also re-installed the O/S's on the 2 servers and setup the
> W2K3 Server as the DC and DNS2. The new domain name is different
> than before (now, web/email hosting is off site). On the W2K3
> Server, I started to re-create user names and logins in Active
> Directory.
> The PC's are still looking for the "old" servers for "My Documents"
> synchronization, anti-virus updates, etc. How do I fix the
> synchronization issue (new A-V software is going to be installed)?
>
> Also, how do I setup Active Directory to do RADIUS for the WiFi
> router, and what settings must I copy to the router (I can change the
> encryption and authentication in the router, but both router and DC
> have to agree)?
> Thanks a bunch!
>
> F3
> <><
To properly setup AD, you CANNOT use the router as a DNS address in any
internal machine.All internal machines must ONLY use the SBS as their DNS
address. Setup a forwarder using your ISP's DNS address, in DNS properties
in the SBS to forward external requests to the ISP's DNS. If you are not
sure how to setup a forwarder, read the following article:
323380 - HOW TO Configure DNS for Internet Access in Windows Server 2003 :
http://support.microsoft.com/?id=323380
Also, do NOT use the router as a DHCP server. Use the SBS' DHCP service.
Microsoft DNS supports more features that work with AD features, including
secured updates (option 081) that the router does not support.
To clean up synchronization, on each machine, you must disable Offline
files, delete the cache, restart then renable it. To do that, go into
Windows Explorer, Tools, Options, Offline Files, uncheck the box. Then go
into \Windows\system32\CSC folder. Delete the contents. Then restart. Go
back and now renable offiline files in folder options, and select what you
want to be available offline.
As for AV, I have no idea what you are using. Maybe the best bet is to
reinstall or re-deploy the client side so they know who the new server is.
The procedure for that will depend on the vendor. Read their docs.
As for wireless and RADIUS, this is a whole topic in itself. Many articles
and books have been written on this topic. Basically as long as the Linksys
supports it, then it would send the authentication request from the router
to the SBS' IAS service, which you would have needed to have already
installed IAS on the SBS server (which is the Microsoft RADIUS service).
Read the Linksys docs. You can also configure it to use certs to
authenticate, which requires the installation of the CA services on the SBS.
The steps for this is just too much to explain here and I would need the
Linksys router admin page in front of me to explain it.Maybe these articles
wil lhelp.
Checklists Configuring IAS for Wireless Access:
http://technet2.microsoft.com/windowsserver/en/library/1061b536-de9e-4ad7-a6da-e37b6bbef4981033.mspx?mfr=true
Ultimate wireless security guide Microsoft IAS RADIUS for wireless
authentication:
http://articles.techrepublic.com.com/5100-1035-6148579.html
Wireless Networking in Windows 2003:
http://www.windowsnetworking.com/articles_tutorials/Wireless-Networking-Windows-2003.html
WLAN Radius configuration - (Linksys shown here too):
http://www.hansenonline.net/Networking/wlanradius.html
Good luck.
--
Regards,
Ace
This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.
Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT,
MVP Microsoft MVP - Directory Services
Microsoft Certified Trainer
Infinite Diversities in Infinite Combinations