Windows Server 2012 Essentials remote client loses its Internet connection, here’s your DNS-related fix

Feb 27 2013 Update: Issue is promised by Microsoft to be fixed in the next public refresh. Meanwhile, this article covers a viable workaround/tweak (not really a fix). This issue was evident in Release Candidate, and is now seen the RTM versions, but perhaps only for those who do the “skip domain join” step before installing the client connector. Scroll down to the end of the article here for all the details from Microsoft, hosts/lmhosts editing suggestions, and a lively ‘Disqus’ion below the post.

Sep 09 2012 Original Article: So, you’ve downloaded and installed the new Windows Server 2012 Release Candidate Essentials from Microsoft’s August 21st 2012 blog announcement here. And perhaps you have some clients also installed, and they run fine in your local network. But once those client connector connected PCs wander to other networks, they may find themselves in a pickle. They can’t browse the web. Turns out their DNS is pointing to your server, but they’re not on your network, so they can’t “see” your DNS server. So they’re toast. The fix is more complicated than just fixing the DNS, read on for backstory, or just jump ahead and follow along with the screenshots. And please make a comment below, to let others know of your successes (or failures). Even better, take a minute of your time to confirm with Microsoft that you’ve also had this bug bite you, just by clicking the up vote arrows and/or the “I can to” button at their site here, which looks like this: Microsoft Connect feedback

Here’s the issue. Turns out that when you install the connector, the installer routine changes just the DNS portion of your primary network connection to the IP address of your WHS2012E system, leaving the rest as DHCP. When you’re on the same network, the PC seemed to work fine after the install, and can browse the web. It’s only when it goes offsite that the trouble starts. Even if that user has Hamachi VPN installed to connect to your network, they still can’t surf. Since the Hamachi VPN service relies on DNS working as well.

If you just talk them through resetting their DNS back to DHCP, the problem will strike again in less than a day. That’s aggravating. Turns out the “Windows Server LAN Configuration” service is running on their system whenever it’s booted, user logged in or not.  And that service resets the DNS IP back to your WS2012E system’s private IP. Ouch.

This DNS issue happens even if you remove your client PC from the domain and go back to workgroup model right after installing the connector. This workgroup mode doesn’t seem to have any side effects, you can still get to network shares, do backups, use the tap-to-dial super easy VPN connection (that it set up for you) to your remote server.

If you skipped out of the domain join requirement entirely, and went with this method instead, How to skip domain joining during client deployment in a Windows Server 2012 Essentials network, I would suspect it also reconfigures your DNS. This is something I plan to confirm.

This DNS issue bit me when trying to install a remote computer that was connected to my home network via LogMeIn Hamachi VPN, where soon after the successful install and configuration, I found the network connection died. The system had gone offline in LogMeIn UI list of systems, despite the stating the system was powered up. The user also noticed the computer couldn’t browse the web, despite saying it was actually connected to the WiFi network. That was tough to troubleshoot remotely, verbally. Yeah, it’s all beta/unsupported, I realize that. My pain, your benefit, here’s my fix/workaround, that doesn’t seem to have any unexpected/adverse side-effects, hopefully helping me ride out this beta period and get some more testing/feedback done.* *A server-side fix is also being discussed with the previous release here on Microsoft’s forums, but not sure I want the remote PCs to always try to resolve through my DNS server before failing to their secondary DNS configuration, and that approach wouldn’t have help me out of the pickle I was in.


Step-by-step fix to get your client PC’s DNS back to DHCP, permanently** **Well, at least until the client connector is automatically re-installed after updates someday in the future, at which time you may need to perform this fix again. Even better would be for Microsoft to address this with a better fix, I’m reporting this to their feedback site soon of course. (update, feedback submitted here)

1) On your Windows 7 desktop or Windows 8 desktop (all the steps appear nearly identical in either OS), at the bottom-right of your Taskbar Desktop, in the Tray area, left-click the ‘Network’ icon in your system tray

 2) Left-click “Open Network and Sharing Center”:

 3) Left-click “Local Area Connection” for the Network Adapter that you’re currently using:

4) Left-click the “Properties” button:

 5) Left-click the “Internet Protocol Version 4 (TCP/IPv4)” option, then left-click the “Properties” button:

6) Note, the IP address of your Windows Server 2012 Essentials system shows up for the Preferred DNS Server, but probably don’t want that, particularly for remote computers, or that backup server isn’t left running. The fix is done by clicking on the “Obtain DNS server address automatically” option:

 7) It’ll then change to this, click the “OK” button:

 8) Click Close:

 9) Now wait about 10 seconds, and it should then say “Internet”, click the “Close” button:

 10) Notice how the connection along the top shows a solid line connected to “Internet”, you can also close this window:

11) If you have multiple network connections, say WiFi and Wired, please repeat this entire section again (back to Step 1 above), removing the fixed DNS IP for the not-currently-in-use Network Adapter as well. To get to the properties of those other adapters, click on the “Change adapter settings” link along the left edge of the Network and Sharing Center.

12) Once all network connections are fixed, In either Windows 7 or Windows 8, just press the “Windows” key, then just start typing “services.msc” (without the quotes), followed by the Enter key:

13) Scroll through the long list, looking for “Windows Server LAN Configuration” and double-left-click on it:

 14) Change “Startup type:” from “Automatic” to “Disabled” in the drop-down menu:

 15) Finally, click on the the “Stop” button, then click on the “OK” button, and you’re all done, problem resolved, and effective immediately, no reboot required:

Source: Issues With Fixed Ip Adresses? (On Client Pcs) Started by teq, Aug 30 2012 07:27 AM forum.wegotserved.com/index.php/topic/25241-issues-with-fixed-ip-adresses-on-client-pcs


Nov 20 2012: Great news, this Microsoft Connect entry was just updated: Windows Server 2012 Release Candidate Essentials remote client loses its Internet connection due to DNS issue. by tinkererguy

Here’s the excerpt, direct from Microsoft:

Posted by Microsoft on 11/19/2012 at 10:44 PM
Hi tinkererguy, Thank you very much for submitting feedback to us via Connect. Your input is very valuable to us. We are happy to inform you that the particular issue will be addressed in our next public refresh – as a result we will be closing this feedback. Best wishes, Windows Server Team

Microsoft Connect Bug ID 761868


Feb 24 2013 Update: Turns out that with Windows Server 2012 Essentials, the actual release (RTM), this DNS behavior is still very much the same right through today. The console will warn you of the potential issue, pictured below. I’ve found it safe to just ignore, since my WS2013E server is not being used for DNS services for my clients. BPA-complaint

Ignore the rule


Feb 26 2013 Update: Turns out that you may have trouble locating network shares on your WS2012E system when working remotely, using the built-in VPN. Fix is straight forward, tested it today (when working remotely). Network shares that were mapped using names (rather than IPs) began working just fine again, within about a minute. Reboot after making the changes, for a truly clean, convincing test. This does mean that your server is found via IPv4 instead of IPv6, so far, but so far, seeing no adverse side-effects of this method.

  1. Command Prompt Press ‘Alt+x’ keys, choose ‘Command Prompt (Admin)’, say ‘Yes’ to User Access Control
  2. Change Directories Assuming Windows is installed on your C: drive, type: C: cd C:\windows\system32\drivers\etc
  3. edit hosts file copy hosts hosts.bak notepad hosts add one line to the end of your hosts file, something like this (IP address of your WS2012E server, followed by a space or tab, followed by hostname): 10.10.1.100 vzilla
  4. edit lmhosts file copy lmhosts.sam lmhosts notepad lmhosts add one line to the end of your lmhosts file, something like this (IP address of your WS2012E server, followed by a space or tab, followed by hostname, careful, it’s case sensitive): 10.10.1.100 vzilla

See also Microsoft Support’s How to write an Lmhosts file for domain validation and other name resolution issues, Article ID: 180094.


Jun 18 2013 Update: The issue still exists! So this workaround is still needed, unfortunately. Even after updating to last week’s UR2 (Update Rollup 2), I had to redo the steps above, to get my DNS squared away. There is some consensus on this longstanding issue:

  1. If you’re doing the domain join skip when installing your client connectors, this workaround is probably a good idea for you, especially if your WS2012E system isn’t booted 24/7, or some client systems are remote.
  2. If you’ve joined the domain when installing your client connectors, leave it as is, discussed here.
  3. Looks like we might be waiting until the release of Windows Server 2012 R2 Essentials before this issue gets properly addressed, see also a preview release that is coming soon, discussed here.

This article, at TinkerTry.com/ws2012e-dns-fix, is apparently referenced as the workaround at the Microsoft Connect feedback site here. Even though the entry is “Closed”, I went ahead and added a comment tonight, pictured below. Details of Microsoft Connect report updated


Aug 25 2013 Update: Good news, UR3 may finally fix this issue, at last! Read all about it here: Windows Server 2012 Essentials UR3 coming soon, with the DNS fix I requested? Aug 24, 2013. See also this excellent read that Jason pointed out on the forums here, where he tips me off to this gem: Unravelling the mystery of Client DNS with Essentials family Servers Jun 17 2013 by


Nov 04 2013 Update:
New article about UR3 now out, Microsoft has acknowledged the problem, and help to (sort of) fix it:
Windows Server 2012 Essentials Update Rollup 3 has arrived, with DNS fixes by Paul Braren, Nov 04 2013.

Share Button

written by

The author didn‘t add any Information to his profile yet.

7 Pingbacks/Trackbacks

  • Drashna Jaelre (WGS)

    Instead of going to all this trouble, have you tried setting up the DHCP server to hand out the WSE2012′s IP address as the primary DNS server? That may work better, without all this …. nonsense. And you wouldn’t have to do this on each machine.

    • tinkererguy

      Hey Drashna, thank you for taking the time for some feedback.

      I was trying to talk about typical home users who have their own home routers, with DHCP leasing out their connection details. I have no compelling desire to change that. I believe I may be missing what you’re proposing, or how it’d work, and what advantages it would provide to me or them. For example, if their home’s router leases out their laptops and smart phones my (remote) DNS server’s private IP (that they cannot always see until they’re tunneled, and their smart phones can never see), and their own ISP’s DNS (or Google’s 8.8.8.8 DNS) as their secondary, why bother, what advantage does this have?

      I realize stopping a service is not ideal, and this is just a beta, and I’m glad it’s generating thoughtful conversation.

  • http://twitter.com/titlerequired Robert Pearman

    What you actually need to do is properly configure the DNS Server service to use a forwarder. In most cases where you are DNS failures like this (web browsing) the Essentials server is attempting to use root hints, and failing, or it has detected the Router and set that as a DNS forwarder. A lot of routers do not act well in this configuration. You can manually change this to your ISP’s DNS Servers and solve the problem, without the need to disable the LAN Configuration service.

    You can chose to install DHCP but in a lot of cases the will add adorinal complexity that is not required.

    • http://tinkerty.com/ Paul Braren

      Thanks for the comments Robert.

      Actually, the server itself has no trouble with web browsing, it’s DNS was happily working fine. I’m in the midst of slowly getting it rebuilt now, with the GA level code actually (I’m still on the Release Candidate).

      My issue was really just about strategy, where those family PCs that are not in my home must have DHCP enabled, and DNS fed to them from their local home’s router.

      I realize I could get proper DNS going, but I don’t wish to be the DNS admin for the whole family, whose many machines are not in my home, and shouldn’t rely on being able to get to my DNS just for basic web use. Stopping this service has worked nicely for about 5 systems already, for 3-4 months now, and counting.

      In other words, having to rely on a tunnel to get to my home’s remote DNS server is not a good option for me. That’s what this article tried to focus on, a fairly simple way to avoid the close marriage between their system and my network, for anything other than daily backups over VPN. Just have to disable a service and stop the messing around with DNS that the client connector does (that no previous home server version did), even when you tell the client code to avoid joining the domain:
      http://social.technet.microsoft.com/Forums/en-US/winserveressentials/thread/aa40963c-7235-40f7-85f5-8f8d030a7c13

      Does my perspective make sense? I do feel I missed the mark on the article, and I should probably rethink how it was written, or revisit it once I’m on the final code release with the “addressed in our next public refresh” that Microsoft has promised.

      • http://twitter.com/titlerequired Robert Pearman

        The mechanics of the LAN Configuration Service, are such, that the if the client detects the server on the LAN, (using the UPnP beacon) it finds its current IPv4 address, and sets that as it’s DNS Server. If the client does not detect the server, the theory at least, is that the LAN Config service will flip the DNS back to use the current DHCP server.

        See Sean Daniels post on 2011 Essentials:http://sbs.seandaniel.com/2011/06/basics-of-local-dns-for-small-business.html

        Because the design of the product is to be simple to use for the ‘novice’ these types of thing are done in an effort to simply, unfortunately in a lot of cases the LAN Config service is not doing that, and in that event, disabling the service is a good move, but perhaps not the ‘correct’ move.

        In an environment where you are not joining the machines to the domain it will have little effect to disable the service – assuming you can still resolve the name of the Essentials server to browse shares etc – in an environment where you _are_ domain joined, you absolutely should not do this, and instead diagnose why the LAN Config Service is not correctly moving clients back to DHCP when the server is not detected.

        Hope that helps.

  • Karl Plasser

    Thanks a lot for your workarround. I have a SBS 2011 E and exactly the same problem.
    I go with the other comments that it’s not cool having to do the workarround on every single machine. But that’s all I agree with.
    They all seem to ignore, that nowerdays most computers – at least in households and small enterprises – are notebooks and therefore mobile, meaning they change networks every now and then. So tricking with the AD-Controller won’t do the job (at least in my experience), while your’s did :-)

    • http://tinkerty.com/ Paul Braren

      So glad you took a moment to give feedback, and glad it worked out for you too!

  • digibuy

    Thanks for this article! I had the same issue, and I’m running Server 2012 Essentials RTM!

    • http://tinkerty.com/ Paul Braren

      Hey digibuy! Glad to hear this article was still of use to you.

      FYI, I noticed just today that skipping the domain join:
      http://social.technet.microsoft.com/Forums/en-US/winserveressentials/thread/aa40963c-7235-40f7-85f5-8f8d030a7c13/

      before installing the client connector seems to avoid the need for any DNS tweaks with the Release To Manufacture version of Windows Server 2012 Essentials.

      Can you confirm that you just did a normal install (no domain join skipping)?

      • http://www.digibuy.co.za/ Dovi Joel

        Hey Paul!

        Yes, I did connect that PC with a normal install.

        Incidentally, the IIS on the server broke (I think other software conflicted with the native setup, and if anyone knows how to fix it, I’ll buy them a beer), and I had to join a new PC to the domain through old method of Computer properties. Doing it that way didn’t change the DNS settings.

        Regards
        David

    • http://tinkerty.com/ Paul Braren

      Yes, I agree, I’ve since confirmed it’s true (that skipping domain join messes with DNS) for the RTM version as well, and have made appropriate adjustments to the article as well. See also:
      http://www.tinkertry.com/update-rollup-1-windows-server-2012-essentials

      Thank you!

  • Advisorbits

    I think this is a design flaw in Essentials. For a AD domain to work, there must be DNS. For DNS to work (in “modern networks where computers move between them frequently” as noted by another poster) it must be integrated with DHCP. The design of Essentials 2012 assumes that the DHCP server will be elsewhere. (It also wishes people used the dangerously insecure technology uPNP. http://www.kb.cert.org/vuls/id/347812 )

    So, for the whole design to work, EITHER the Internet facing router is insecure, or the home administrator has to know where the DHCP server is in order to change the DNS server address given to client computers.

    The DHCP server should have been left in, like it has been in SBS. I would be interested to know what the design decisions were that lead to this. (Come on… what home user sets up a Essentials 2012 server but cannot figure out how to setup DHCP?) It should be noted that the DHCP role can be added easily to Essentials if one wishes.

  • Pingback: Update Rollup 1 for Windows Server 2012 Essentials is available, testing on my busy server underway | TinkerTry IT @ home

  • Mark Berry

    Not seeing this issue here using the RTM. Haven’t applied today’s Rollup 1 yet.

    My 2012E server is a domain controller and PCs are domain-joined.

    The router provides DHCP. First DNS entry on the router points to the 2012E server.

    On the client I’m looking at, the Windows Server LAN Configuration service is running. The network card is set to get both IP and DNS via DHCP. There is no “forced” direction of DNS to point to the 2012E server, probably because it already does via DHCP.

    In a domain environment, you always want your domain controller as the first DNS entry, else all kinds of stuff starts failing (Group Policy, for example).

    If you take a domain-joined device outside the local network, it gets IP and DNS from DHCP wherever it is, but cannot access domain resources. You can log on to the device because credentials are cached. It can browse the Internet and run programs locally. You have to (and definitely should) use a tunnel to access remote (domain) resources. (Not sure about Direct Access stuff; that’s still new to me, but must be establishing some kind of tunnel itself.)

    I did remove the router from the list of DNS forwarders to resolve another issue:

    http://www.mcbsys.com/techblog/2013/02/2012-essentials-internet-connection-errors/

    Not sure how this would work without having clients on the domain, but I would give Drashna’s idea a try: set up the router of the 2012E network to hand out the 2012E address as the first DNS entry, and see if that is enough to get the LAN Configuration Service to just use DCHP for DNS. Then take a client off-site and see if it doesn’t just stay that way, i.e. no need to change the routers at other locations.

  • http://tinkerty.com/ Paul Braren

    Wow, very interesting feedback, this story just got a lot more interesting, thank you! See also my updates made to the end of this article, as well as this new article:
    http://www.tinkertry.com/update-rollup-1-windows-server-2012-essentials

    • Mark Berry

      Now that I dig into it further, I’m not sure setting the router to point to the server is a good idea. Turns out the first DNS forwarder on the server always points to the router (even if you delete it, it comes back). I’m going to try removing the server from the router’s DNS list and letting the Windows Server LAN Configuration service do its thing. I’m posting updates in the blog article linked above.

  • http://tinkerty.com/ Paul Braren

    All excellent points, thank you! See also updates I made to the end of this article, and new stories here:
    http://www.tinkertry.com/update-rollup-1-windows-server-2012-essentials/

  • Pingback: Windows Server 2012 Essentials – Connector installation | TinkerTry IT @ home

  • Pingback: Windows Server 2012 Essentials – Connector installation | TinkerTry IT @ home

  • http://TinkerTry.com/about Paul Braren
    • Alan Guggenheim

      I am running DNS and DHCP on my server and it works fine except for the issues when traveling or when the server is down, and Clients cannot access the Internet.
      Is there a way to force the Alternate DNS Server IP Address through DHCP?
      That would solve these issues more elegantly than turning off services.

  • Pingback: TinkerTry IT @ home | Superguide: Windows Server 2012 Essentials

  • Pingback: TinkerTry IT @ home | Update Rollup 2 for Windows Server 2012 Essentials is available, testing on my busy server underway

  • madbohem

    Recently set up Server 2012 and since I have been too busy to really know how to set up the server correctly, I stumbled upon this issue by accident and figured out half this fix already…

    Now after reading what you wrote, I am thinking I really want to know a bit more about Windows Server 2012 and what is the absolute best set up all together.

    If you have any useful links regarding that, I would be very grateful

  • Pingback: TinkerTry IT @ home | Windows Server 2012 Essentials UR3 coming soon, will finally include the DNS fix I requested!

  • Kory

    Error still in the release, thanks for the fix

    • http://TinkerTry.com/about Paul Braren

      Thank you for the update!
      Hoping to fully test Windows Server 2012 R2 Essentials soon, now that it’s released, which I’ve already heard has the error, but doesn’t have the service to stop, so may be forced to just hard-code DNS to 8.8.8.8 / 8.8.4.4 (Google Public DNS) and see if that gets auto-changed…

      • http://www.digibuy.co.za/ Dovi Joel

        Hey Paul!

        Have you confirmed if this is still an issue in R2? Hoping to get one up in production soon, and just started running some tests…

        • chokfulla

          Don’t see the issue in R2. Also, installed a test VM of 2012 Essentials (not R2), with DNS running, joined a computer to its domain, saw the client DNS change from DHCP to static – server IP. Connected client to a different network with no DC, just internet. Client initially got DHCP IP but not DNS. ~30 seconds later, status changed to no internet and then in another 10 seconds, back to internet access with DHCP assigned IP AND DNS. Apparently the Windows Server LAN Configuration service was working correctly on this client. IMHO, this service, running on the client, is the cause of the issues. Maybe there has been an update to this service since I observed the issues previously – Jan 2014.

          • http://TinkerTry.com/about Paul Braren

            Yeah, my focus is on folks who’d rather, for whatever reason, avoid joining the domain in the first place, which does (or did) result in the DNS issue.

            Interesting comments (about non-R2 and the service), very interesting comments. That isn’t a behavior I recall seeing, but pathes/things change, just not sure.

            FYI, I’m on R2 for quite some time now (most of this year), see also:
            http://TinkerTry.com/how-to-make-windows-server-2012-r2-essentials-client-connector-install-behave-just-like-windows-home-server

            Since writing and deploying the method I outlined in this newer article, I have over a dozen systems doing backups, some remote over Hamachi VPN autostarted, with their DNS still locally DHCP fed, despite numerous Windows updates. In other words, it’s good, one less thing for me to worry about, not needing ongoing attention (although I did have to reactivate daily backups on a few systems for mysterious reasons, but at least DNS stayed DHCP fed)

            Thank you for your thoughtful, detailed comments chockfulla!

  • Ajay Jindal

    Thanks for the article! One of clients has had this problem when using this laptop at home and I was perplexed at how the DNS kept changing back to a static one.

    • http://TinkerTry.com/about Paul Braren

      Yeah, nobody likes a mystery, at least when it comes to computers. I like detective work. It’s a lot more fun understanding what’s going on under the hood, isn’t it? Thanks for stopping by Ajay!

  • Pingback: Windows Server 2012 Essentials - Essential Tips