I'm not sure if this is the right place to ask this, if not please move this in the right session (sorry for that) Here's my situation: PC1: Windows Server 2008 with Active Directory, DHCP Server and DNS Server. 1 network Card, No Internet connection, only Domain PC2 & 3: Windows Xp. 2 network cards, 1 card directly connected to Internet via ADSL Ruoter coming from my internet provider and 1 other card connected to the domain via a Switch. On my XP Clients I have 2 item under Network Connection view, both are connected, typing "ipconfig" crom the command line i will see 2 network device with right IP addresses, subnet masks and so on, so al seems to be ok... but with Domain connection enable all internet connection on the other network card fails, if I disable Domain network connection all traffic on the other card will be ok... Recently I update my domain server (PC1) from Windows Server 2003 (that never bring up problem like this) with Windows Server 2008 rebuilding the domain from scratch... I guess that should be somthing linked to the new Operating System on PC1, maybe there's some Group Policy in my domain that block all internet connection on my clients, is there? If yes, where is it? Thank you for your help

can you confirm this is IP connectivity issue, not DNSZ-Hire -- Automate IT Account creation process ( AD / Exchange / Lync ) Z-Term -- Automate IT account termination process ( AD / Exchange )

Actually the problem is both IP connectivity and DNS... From ipconfig result it seems all ok, I can also do a ipconfig /renew getting a correct ip from my provider, but pinging www.google.com will fail without resolving the name, and pinging its ip address will fail for timeout...

You can't run a domain like that. You need to set things up properly. You do not need two network cards in the client machines. You do need to modify how DHCP works on your ADSL router (or disable it and run DHCP on the DC). Active Directory depends on DNS. If you try to set up your clients to access the Internet directly, AD will not work properly. You need to configure your guests so that they use the ADSL router as their gateway but use the DC for DNS. You then need to configure your local DNS (on the DC) to forward to a public DNS server (at your ISP or a provider like 4.2.2.2 or 8.8.8.8) so that it can resolve public URLs for itself and for its clients. Internet | ADSL 192.168.1.1 | DC 192.168.1.11 dns 192.168.1.11 dg 192.168.1.1 | | members 192.68.1.x dns 192.168.1.11 dg 192.168.1.1 Bill

I was perfectly able to browse the net and to work with AD when I used Windows Server 2003 before upgrading my domain controller to Windows Server 2008. Is 2008 different from 2003? What is changed? A part from this, I don't want DC to gain access to internet, what I need to have is a network Domain without internet access and a separate network with internet access... More over I'm not able (actually is not so easy) to bring internet conenction on the DC, due to its location; I'm not able to manage DHCP on ADSL router because it's not managed. It's not actually a real router, my ISP call it also "Home Access Gateway" but I'm not sure it is a real gateway too, it's just a box with 1 input port for net cable coming from the extrnal world and 3 net output for PCs plus 2 phone cable for voice comunication (no VoIP but analogic telephone network), also the DHCP is located in my Internet Service Provider company network and I have no way to play with it. Several years ago I've tryed to connect Windows Server 2003 Domain Controller to the router (it was more accessible than now) but it fails to gain an IP address from my ISP DHCP, I didn't play much with DC configuration, I just try to build up 2 separated network and it works, since that I never change network topology, just moving devices around rooms. Since some days ago it works fine, but I'd like to upgrade my DC from 2003 to 2008 and things doesn't work anymore...

Any other suggestion? Still looking for a solution... Problem seems to be quite random, 1 PC can access the web quite often, but the other quite often can't

Why people didn't read entire posts before reply? 1) I don't want the DC been able to surf internet it and it domain must work on an isolate network 2) The domain controller won't be active 24/7 so it can't forward internet traffic all the time to the ISP, I need XP clients able to access the web also while the DC is turned off 3) XP clients must be part of 2 separate networks with no interconnections. One network will have interent acces through my ISP and one other network will have access only to the domain 4) Last but not least, and PLEASE reply only to this question. Why Windows Server 2003 Domain Controller let this configuration works for about 6-7 years while Windows Server 2008 not? What's different in the 2 operating system? Moreover, at the moment Domain Network connection are enabled on both PC (I can ping the DC and both XP, the DNS domain works perfeclty, I can browse shared folders and printers in the domain with no prpblem) and both PC are browsing the web (it means that at the moment the problem disapear without any intervantion) but this morning the problems was present on both PCs? Please reply only to question number 4.... These kind of network configuration works for years with Windows Server 2003 and at the moment it's working perfectly, so what Bill says is completely wrong. I can run the domain configuration... but it sometimes give problem.... why?