Why do we ask for an ipconfig /all, when we try to help diagnose AD issues?

Ace Fekay, MCT, MVP, MCSE 2012/Cloud, MCITP EA, MCTS Windows 2008/R2, Exchange 2007 & 2010, Exchange 2010 Enterprise Administrator, MCSE 2003/2000, MCSA Messaging 2003
Microsoft Certified Trainer
Microsoft MVP: Directory Services
Active Directory, Exchange and Windows Infrastructure Engineer
www.delcocomputerconsulting.com

Ace here again. Yea, I had to post a blog about this because many people ask, why do you want that? Just for the IP address??

Nope. Not just for the IP.

Good question.

An ipconfig /all provides quite a bit of configuration data that serves as a precursor to a diagnosis. Sometimes the ipconfig /all results will help us fix the problem, but not always.

Many admins are reluctant to provide this sort of information citing security reasons.

In some cases, I sympathize and agree, but in many cases, security really isn’t much of a concern, because for one, your internal IP range is a private range, and two, you can substitute your actual internal domain name with something more generic, such as substituting “microsoft.local” with “mydomain.local.” You should also substitute your DC names with something generic, such as dc-01, dc-02, etc. But definitely keep track of the substituted DC names in case we have additional questions regarding them.
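The substitution described above can be scripted so the same real name always maps to the same generic one. This is an added example, not part of the original post; the function names, the sample host names and the `corp.example.com` domain are constructed for illustration.

```python
import re

# Constructed sample: output pasted from two DCs (not from a real system).
SAMPLE = """Windows IP Configuration
   Host Name . . . . . . . . . . . . : CORP-DC-EAST
   Primary Dns Suffix  . . . . . . . : corp.example.com
   DNS Suffix Search List. . . . . . : corp.example.com
   DNS Servers . . . . . . . . . . . : 192.168.80.5

Windows IP Configuration
   Host Name . . . . . . . . . . . . : CORP-DC-WEST
   Primary Dns Suffix  . . . . . . . : corp.example.com
"""

def swap(text, real, generic):
    """Replace whole names only, case-insensitively ("dc1" must not hit "dc10")."""
    pattern = r"(?i)(?<![\w-])" + re.escape(real) + r"(?![\w-])"
    return re.sub(pattern, lambda m: generic, text)

def sanitize_ipconfig(text, real_domain, generic_domain="mydomain.local"):
    """Return (sanitized text, {real host name: generic name})."""
    mapping = {}
    # Number the hosts in order of appearance: dc-01, dc-02, ...
    for host in re.findall(r"(?im)^\s*Host Name[ .]*:\s*(\S+)", text):
        mapping.setdefault(host.lower(), "dc-%02d" % (len(mapping) + 1))
    out = text
    for real in sorted(mapping, key=len, reverse=True):  # longest name first
        out = swap(out, real, mapping[real])
    # Private IP addresses are left alone, as the post suggests.
    return swap(out, real_domain, generic_domain), mapping
```

Keep the returned mapping private; it is what lets you translate follow-up questions about dc-01 or dc-02 back to the real servers.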

Let’s take a look at each value in an ipconfig /all.

Believe it or not, the results of an ipconfig /all contain a lot of information that gives us an inside view of a DC’s basic network configuration, as well as its basic service configuration.

Let’s break it down:

C:\>ipconfig /all

Windows IP Configuration

Host Name . . . . . . . . . . . . : company-dc-01  

  • Name is under 15 characters – good for NetBIOS compatibility. Not a huge concern for many compani
  • Possibly indicates more than one DC based on the –01 portion of the name

Primary Dns Suffix  . . . . . . . : company.com 

  • The AD DNS Domain name is not a single label name.
  • In some cases, we’ll also ask for the name in ADUC. If the name in ADUC does not match this name, then it’s a Disjointed Namespace condition.

Node Type . . . . . . . . . . . . : Hybrid

    • If Hybrid is set, it tells me that WINS is in use.
    • Hybrid mode, specifically 0x8 (as you would set a WINS server Hybrid mode in DHCP Option 046), tells the client side resolver to use WINS first when attempting to resolve a single name query, and if it can’t resolve it, to then try a broadcast to resolve it. Of course, this is only after DNS resolution fails, since DNS is used first anyway, where the client side resolver will suffix the Search Suffix when attempting to resolve it as a DNS hostname query.
    • If the Node Type is set to “Unknown,” then no big deal. It just means that WINS is not being used, and the resolver service will use broadcast for a  single name resolution.

    IP Routing Enabled. . . . . . . . : No

      • Means RRAS is not installed
      • If set to Yes, it means RRAS is installed, and it will interfere with AD communications on this DC. 
         

      WINS Proxy Enabled. . . . . . . . : No  

      • On a DC, “No” is what we want to see.
      • If set to Yes, then it means “Enable broadcast name resolution” is checked under General tab in RRAS properties.
        • If this is set to Yes, and there is only one NIC, it could mean either:
          • RRAS is installed only for VPN use
          • RRAS was disabled, but the setting stuck
      • Either way, if it is set to Yes, it will cause problems with AD communications.

      DNS Suffix Search List. . . . . . : company.com

      • This is what the client side resolver will use when attempting to resolve a single name query. For example, if I run nslookup against a single name such as computer1, the resolver will suffix company.com to it, resulting in a query of computer1.company.com.
      • If there are multiple domains in the forest, such as a parent and child domain, or multiple child domains, then each domain must be configured with a search suffix for all other domains in order to be able to resolve everything in the forest. This is also true for additional Trees in the forest.
      • The company.com in this example, was devolved from the Primary DNS Suffix.
        • If the Primary DNS suffix has multiple levels, such as Chicago.ad.company.com, then the resolver will devolve it to show search suffixes of chicago.ad.company.com, ad.company.com, and company.com.
        • However, if ad.company.com is the parent root domain, if using Windows 2008 or newer, it will only devolve to ad.company.com. Windows 2000 and 2003 devolved all levels, which led to some confusion.

      Ethernet adapter Team 1:

      • Obviously this interface is a team.

      Connection-specific DNS Suffix  . :

      • If this is a DHCP client, and DHCP Option 015 is configured with a domain suffix, then it will populate this value. It applies only to the specific interface that gets this configuration. For example, if the interface is wireless, the value will populate the wireless connection, but not the wired connection. It is used as a suffix for identification and DNS registration for that interface only, and it is not used as a search suffix.

      Description . . . . . . . . . . . : BASP Virtual Adapter

      • This is the vendor brand name of the adapter

      Physical Address. . . . . . . . . : 00-18-8B-47-F0-D1

      • This is the MAC address of this adapter or Team.

      DHCP Enabled. . . . . . . . . . . : No

      • This means the NIC has a static configuration.

      IP address, mask and subnet

         IP Address. . . . . . . . . . . . : 192.168.80.10
         Subnet Mask . . . . . . . . . . . : 255.255.255.0
         Default Gateway . . . . . . . . . : 192.168.80.1

      • In the above three values, we make sure the IP address and mask are on the same subnet as an ipconfig /all of another machine, if one was provided. You would be surprised how many times we’ve seen subnets mis-configured with an incorrect subnet mask. 

      DNS Servers . . . . . . . . . . . : 192.168.80.5
                                          192.168.80.10

      • What we look for with the DNS addresses is that only the internal DNS servers hosting the AD zone are specified. If external DNS addresses are specified, or your router’s DNS address is specified (for example, 192.168.80.1), then you should expect to see numerous problems. This is because your machine is sending the external DNS servers or your router a query whenever it tries to log in, authenticate, find domain resources, etc. The external DNS servers or your router do not have an answer when queried for internal resources. It’s the same as me asking the first person I see walking by out front of my house, “Where’s that beer that was in my refrigerator last night?” Besides the person not having an answer, he’ll probably give me a funny or dirty look. Your DNS server and DC won’t give you a funny look, but you’ll probably get some sort of error and your machine will fail to find your AD domain.
      • The addresses you see listed in this example show that it is pointing to a partner DC as the first entry, and itself as the second entry.
        • In some configurations you may also find the loopback as the second entry. This is ok, too. DCPROMO puts in the loopback. Matter of fact, if you were to run the AD BPA, one of the things it looks for is the loopback as the second entry. You can leave it there if you like, or you can change it to the IP of itself, but if you do, just ignore the BPA’s warnings if you were to run it again.

      Primary WINS Server . . . . . . . : 192.168.80.10

      • This tells me the server is running WINS. Why? Because it is pointing to itself, as it should be for a WINS server.
      • If a WINS server is pointing to any other WINS servers, it will cause numerous problems with WINS record ownership.

      NetBIOS over Tcpip. . . . . . . . : Enabled

      • Of course this one is obvious. But here’s one for you. If you have NetBIOS disabled, but you are using WINS, what’s the point??
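The checks from this walkthrough can be run over pasted ipconfig /all text. The following is an added example, not part of the original post; the function names and the sample output are constructed, and it assumes IPv4 addresses and treats any non-private DNS address as external.

```python
import ipaddress
import re

# Constructed sample of a misconfigured DC (not output from a real system).
SAMPLE = """
   Host Name . . . . . . . . . . . . : dc-01
   Primary Dns Suffix  . . . . . . . : mydomain.local
   IP Routing Enabled. . . . . . . . : Yes
   WINS Proxy Enabled. . . . . . . . : No
Ethernet adapter Team 1:
   Default Gateway . . . . . . . . . : 192.168.80.1
   DNS Servers . . . . . . . . . . . : 192.168.80.1
                                       8.8.8.8
   Primary WINS Server . . . . . . . : 192.168.80.10
   NetBIOS over Tcpip. . . . . . . . : Disabled
"""

def parse_ipconfig(text):
    """Map each lower-cased label to its list of values (all adapters merged)."""
    fields, last = {}, None
    for line in text.splitlines():
        m = re.match(r"\s*([A-Za-z][\w \-]*?)[ .]*:\s*(.*?)\s*$", line)
        if m:
            last = m.group(1).lower()
            fields.setdefault(last, []).extend([m.group(2)] if m.group(2) else [])
        elif last and re.fullmatch(r"\s+[\d.]+\s*", line):
            fields[last].append(line.strip())  # extra DNS server on its own line
    return fields

def check_dc(text):
    """Return findings for the DC settings discussed in the walkthrough."""
    cfg = parse_ipconfig(text)
    first = lambda key: (cfg.get(key) or [""])[0].lower()
    findings = []
    suffix = first("primary dns suffix")
    if suffix and "." not in suffix:
        findings.append("primary DNS suffix is a single-label name")
    for key in ("ip routing enabled", "wins proxy enabled"):
        if first(key) == "yes":
            findings.append(key + " is Yes: RRAS setting that interferes with AD")
    for dns in cfg.get("dns servers", []):
        if dns in cfg.get("default gateway", []):
            findings.append(dns + " is the default gateway, not an internal DNS server")
        elif not ipaddress.ip_address(dns).is_private:
            findings.append(dns + " is an external DNS server")
    if cfg.get("primary wins server") and first("netbios over tcpip") == "disabled":
        findings.append("WINS is configured but NetBIOS over Tcpip is disabled")
    return findings
```

An empty list from `check_dc` means none of these conditions were found; it does not confirm that the listed DNS servers actually host the AD zone.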
