General discussion

  • Creator
    Topic
  • #2290178

    www.www.microsoft.com.org

    Locked

    by mkfme ·

    I’m setting up a Win2K3 terminal services network and yesterday afternoon my test clients started getting redirected to microsoft.com.org when trying to access msn or microsoft.com. I found a couple of references on the Web but nothing that’s solved the problem. I’ve tried flushing DNS, emptying the cache, checked the Hosts file and I also scanned the system for viruses (none) and installed and ran Ad-aware (nothing remarkable there.) This happens using IE directly from the server or through a TS client. It does not happen from any PC not going through TS.

All Comments

  • Author
    Replies
    • #2710908

      Reply To: www.www.microsoft.com.org

      by sgt_shultz ·

      In reply to www.www.microsoft.com.org

      i wonder if your browser on server is hijacked? does netscape do this? http://www.pestpatrol.com might be a good resource for the registry entries that might be hijacked

    • #2710873

      Reply To: www.www.microsoft.com.org

      by mikex ·

      In reply to www.www.microsoft.com.org

      since i’m using opera browser, no hijacks issues – 2 years hard internet usage

      • #2710870

        Reply To: www.www.microsoft.com.org

        by mikex ·

        In reply to Reply To: www.www.microsoft.com.org

        However if you want to clean it Start=>run=>regedit=>F3=>type http://www.microsoft.com.org and delete it when you find it =>F3 again and so on to the end of the registry

      • #2709842

        Reply To: www.www.microsoft.com.org

        by mkfme ·

        In reply to Reply To: www.www.microsoft.com.org

        I downloaded and installed Firefox but still can’t access MS sites. Will be my browser of choice once problem is resolved.

    • #2709847

      Reply To: www.www.microsoft.com.org

      by zaferus ·

      In reply to www.www.microsoft.com.org

      Go to one of these systems and open the hosts file. By chance is there a static entry for these web sites to an IP?

      Also do the same in your DNS that the systems point too. If the browser is not misdirecting, it stands to reason that your name resolution is.

      Zaf

      • #2709843

        Reply To: www.www.microsoft.com.org

        by mkfme ·

        In reply to Reply To: www.www.microsoft.com.org

        This should be the answer but I see no hosts entries to an external IP. I’ve also run ipconfig /flushdns successfully with no change in results. Other thoughts?

    • #2709840

      Reply To: www.www.microsoft.com.org

      by zaferus ·

      In reply to www.www.microsoft.com.org

      I can’t shake the feeling that this is a resolution issue. Do the systems resolve to a server, firewall or ISP for their primary/secondary DNS?

      What IP address do you get if you open up cmd and ping http://www.msn.com from a system that doesn’t work. Now compare it to one that does. You won’t be able to get a ping response (MSN blocks ICMP packets) but you should get an IP resolve.

      Zaf

      • #2709836

        Reply To: www.www.microsoft.com.org

        by mkfme ·

        In reply to Reply To: www.www.microsoft.com.org

        The system has 2 nics – internal dns is another in-house server; external dns is at zoneedit. I have a second identical server set up exactly the same way with no problem. When I ping msn.com from my XP workstation I get 207.68.172.246, but when I ping from the affected server I got 0.0.0.0 – Destination specified is invalid. You’re definitely on to something, but what?

    • #2709838

      Reply To: www.www.microsoft.com.org

      by mkfme ·

      In reply to www.www.microsoft.com.org

      To Mikex: I also tried searching the registry as you suggested and found 2 key values with microsoft.com.org. They appeared to be history type entries and deleting them made no difference.

    • #2709830

      Reply To: www.www.microsoft.com.org

      by zaferus ·

      In reply to www.www.microsoft.com.org

      Hmmm, time to put this under a microscope. What I normally do now is get out a pen and paper and run through the resolution process step by step until I find the culprit. You’ve elimiated hosts, lmhosts and WINS shouldn’t be a factor in this as it is a domain resolve. I would go and check your Primary DNS (first one listed) first; but things may be complicated by the 2nd NIC.

      And it’s rather unusual that you get a 0.0.0.0 IP address when it tries to resolve msn.com. This wasn’t what I expected you to get.

      With two NICs, you still only have one default gateway, correct? Or do you have any static routes set up? I would like to eliminate this from the equation; can you temporarily disable one of the NICs and see what happens when you ping it or open it in a browser? Then try the other.

      I think we’re getting close.

      Zaf

      • #2709785

        Reply To: www.www.microsoft.com.org

        by mkfme ·

        In reply to Reply To: www.www.microsoft.com.org

        First, thanks for keeping at it! I disabled the LAN nic – pinging msn.com returned 207.68.172.246/destination host unreachable. When I disabled the external nic – pinging msn.com returned 0.0.0.0/destination specified is invalid.

        The dns on the LAN nic is the ip of another identical internal server. I performed the same procedures on that server and got the following: internal nic – pinging msn.com returns 0.0.0.0/destination specified is invalid; external nic – ping returns ping request could not find host msn.com. On this server I can access all sites.

    • #2709809

      Reply To: www.www.microsoft.com.org

      by mikex ·

      In reply to www.www.microsoft.com.org

      Here’s the link with a detailed explanation how to resolve this problems with IE (well … yeah they’ve respect IE usage a lot):

      http://support.microsoft.com/?kbid=320159

    • #2709754

      Reply To: www.www.microsoft.com.org

      by zaferus ·

      In reply to www.www.microsoft.com.org

      Destination host unreachable is a message that you commonly get when a hop in the chain (usually your gateway or the next router) doesn’t know how to direct the traffic. This is very likely a routing/DNS issue.

      I have set up people with 2 NICs before but never had a problem…

      Can you list for me the IP addresses, subnet masks and especially DNS settings for both of the NIC cards? And tell me the LAN setting for your router. If you are concerned about security change the first three octets to whatever you want but just keep it consistent so I can see what IP’s are on the same networks.

      Zaf

      • #2709746

        Reply To: www.www.microsoft.com.org

        by zaferus ·

        In reply to Reply To: www.www.microsoft.com.org

        As well, I’m interested in what the DNS settings and default gateway are of the identical server that works. I am guessing you do not use proxy servers?

      • #2709736

        Reply To: www.www.microsoft.com.org

        by mkfme ·

        In reply to Reply To: www.www.microsoft.com.org

        We do not use proxy servers. I share a cable connection via a Linksys router with ip 10.10.10.1 – common to all servers and PCs.

        Terminal server nic 1: 192.168.15.4, subnet 255.255.255.0, DNS 192.168.15.2

        Terminal server nic2: 10.10.10.82, subnet 255.255.255.0, Gateway 10.10.10.1, DNS (ZoneEdit) 69.10.134.196 and 216.122.4.151.

        DC server nic1: 192.168.15.2, subnet 255.255.255.0, DNS 192.168.15.2

        DC server nic2: 10.10.10.58, subnet 255.255.255.0, DNS (ZoneEdit same as terminal server above.)

        The reason for the 2 ip schemes is the 10 dot network is old NT4, the 192 dot is new Win2K3. I’m in the process of phasing out NT4 and converting to terminal services.

        Again, your help is greatly appreciated. I’m the IT jack of all trades for a nonprofit human services agency and don’t have the expertise myself to figure this out. – Martin I did make some changes to the first 3 ip octets as you suggested, but they are consistent.

    • #2709732

      Reply To: www.www.microsoft.com.org

      by zaferus ·

      In reply to www.www.microsoft.com.org

      Glad to help Martin, or at least so far try to help : )

      It seems strange that your DG (default gateway) and DNS are the same on a server that does work vs. a server that doesn’t. And yet all of our troubleshooting points to one of these being the issue.

      But I’m guessing that the TS server is trying to use your W2K network to get to the Internet.

      Typically on a sound W2k network, the only DNS listed is your primary and (if you have one) secondary internal DNS servers, which are normally also your domain controllers.

      Then on the DNS servers they will do forward lookups on the Internet DNS. I’m wondering if this has anything to do with your problem.

      It’s also possible that by having DNS servers on both subnets your TS server is going to the wrong DNS server to resolve an Internet IP.

      You can “cheat” a proper fix of course by editing your hosts.sam file, renaming it to hosts (no extention) and placing it in your windows\system32 folder. In here put the domains that aren’t getting resolved properly and their proper IP. But fixing your design issue is preferable to a sound network.

      Can you change your DNS settings the way I described after hours tonight? If you do let me know how it goes.

      Zaf

      • #2709729

        Reply To: www.www.microsoft.com.org

        by zaferus ·

        In reply to Reply To: www.www.microsoft.com.org

        Martin, I am “assuming” that your W2k is NOT set up as I have described above – which may not be right at all!

        But if it is, can you tell me why you have the Linksys router on the subnet of the NT network and not the W2k network?

        Zaf

      • #2711352

        Reply To: www.www.microsoft.com.org

        by mkfme ·

        In reply to Reply To: www.www.microsoft.com.org

        Good morning Zaf – the Linksys router is on the NT subnet because that’s where it was to begin with. The NT subnet is still the “production” network until I get the bugs out of the Win2K/TS network so I can move users. Once the conversion is complete I’ll shut down the NT subnet.

        I may not understand your instructions, but the TS server now has the following DNS settings: Primary 69.10.134.196 (ZoneEdit), Secondary 192.xxx.xx.2 (Win2K3 DC). Unfortunately it hasn’t changed anything. What seems odd, as you mention, is that the DC has exactly the same settings and can browse the problematic sites OK. You’re right that the TS server is trying to use the DC to access the Internet, because if I use only the ZoneEdit settings for DNS and remove the DC ip, I can’t browse at all from the TS. I’m very confused.

        Is this a DNS issue? If so, why does the DC browse OK with the same settings that don’t work for the TS server? What created the problem – malware or something that I did? Why does it only affect certain sites and not most?

        Martin

    • #2711329

      Reply To: www.www.microsoft.com.org

      by mkfme ·

      In reply to www.www.microsoft.com.org

      Don’t know if this is useful, but if I enter the IP 207.46.244.188 I get the MS homepage, but I can’t navigate to any of the links. Also, if I open the last TechNet Flash e-mail the graphical elements aren’t visible, just the red x in a blank box effect.

    • #2711311

      Reply To: www.www.microsoft.com.org

      by zaferus ·

      In reply to www.www.microsoft.com.org

      Hey Martin, hope the weekend was well – I think I’m going to call this my part time job ; )

      But I’m a little stubborn that way to a problem, I like to see it through once I’m committed to it.

      This probably doesn’t have anything to do with your problem, but you have what I would consider a small DNS flaw. You should only have 2 DNS entries if you have 2 internal DNS servers. You should have everything point to only your internal DNS with W2k domains and then a “DNS forward” to you Internet IP. Who knows this may actually make a difference to your problem. Fix this and let me know I’ll get my thinking cap on now that I’m on my 2nd cup of coffee.

      Zaf

      • #2711230

        Reply To: www.www.microsoft.com.org

        by mkfme ·

        In reply to Reply To: www.www.microsoft.com.org

        Zaf – That did the trick! Once I elimated the “small flaw” everthing started working properly. Apparently there was something about the DNS confusion created by using the ZoneEdit IP as primary on one nic and the DC IP as primary on the other that caused the redirection/lack of access. Thank you so much for taking the time to help as long as you did – if I could give you more points I would. Have a great week! – Martin

    • #2711229

      Reply To: www.www.microsoft.com.org

      by mkfme ·

      In reply to www.www.microsoft.com.org

      This question was closed by the author

Viewing 11 reply threads