intruderblue
asked on
How do I configure my domains so that I can see them with network places
I have a 2 domains each running windows 2000 server.
They are connected with VPN
The ips scopes are different for each 192.168.1 and 192.168.2
I can ping the remote site and workstations
I can connect to the domain and computers with unc (\\computer name.domain)
I have AD, DNS and DHCP set up on each domain
I have established a secondary dns forward lookup of the remote domain and did the same for the local.
What I can't do is see the network on the my network places.
Can anyone help?
intruderblue
They are connected with VPN
The ips scopes are different for each 192.168.1 and 192.168.2
I can ping the remote site and workstations
I can connect to the domain and computers with unc (\\computer name.domain)
I have AD, DNS and DHCP set up on each domain
I have established a secondary dns forward lookup of the remote domain and did the same for the local.
What I can't do is see the network on the my network places.
Can anyone help?
intruderblue
ASKER
NetBios ports are open. Our SonicWall appliance that runs the VPN on both sites has an option to allow netbios thru. This is selected for both sites. In addition I set up a rule on the firewall to allow this port to be open on the Lan to VPN tunnel
Doug
Doug
Sorry - I had meant to add that you might try using a wins server in conjunction with this, are you running wins at all?
Deb :))
Deb :))
ASKER
I thought that if DNS is set up correctly it would resolve the names and that WINS would not be necessary.
I just downloaded a tool called nbtscan that scans the netbios ports on the network. I tried it and it shows all the ip's, domain\computername as well as what user is logged on.
I also checked it over my remote connection and it worked as well.
This tool is similar to nbtstat but it will scan multiple computers instead of just one.
I checked my logs on both firewalls to see if any 137 - 139 ports were being dropped and they aren't
I does show that DNS on port 53 is allowed
I just downloaded a tool called nbtscan that scans the netbios ports on the network. I tried it and it shows all the ip's, domain\computername as well as what user is logged on.
I also checked it over my remote connection and it worked as well.
This tool is similar to nbtstat but it will scan multiple computers instead of just one.
I checked my logs on both firewalls to see if any 137 - 139 ports were being dropped and they aren't
I does show that DNS on port 53 is allowed
Hi
The problem's with computer browser service - Using wins was the only way I could get browsing working on our network through network places across a site-to-site vpn. We have wins server running on both site servers, and replicating across it,
What is the Microsoft Computer Browser service?
http://www.petri.co.il/what's_the_microsoft_computer_browser_service.htm
Deb :))
The problem's with computer browser service - Using wins was the only way I could get browsing working on our network through network places across a site-to-site vpn. We have wins server running on both site servers, and replicating across it,
What is the Microsoft Computer Browser service?
http://www.petri.co.il/what's_the_microsoft_computer_browser_service.htm
Deb :))
ASKER
i set up the wins server on each site and they have replicated to the other site.
I ran the find by name and it listed the computers from both domains.
I would assume that it is working correctly.
I also check the DNS records in the event logs and they show that the dns is being replicated to the opposite site with out error.
Doug
I ran the find by name and it listed the computers from both domains.
I would assume that it is working correctly.
I also check the DNS records in the event logs and they show that the dns is being replicated to the opposite site with out error.
Doug
ASKER
I am checking on the browstat utility to verify what master browser I have.
Doug
Doug
ASKER
This the information that I got after running browstat.exe to check what my master browser was.
Status for domain WCS on transport \Device\NetBT_Tcpip_{F2D16
E8EE64FC9FE9}
Browsing is active on domain.
Master browser name is: SERVER
Master browser is running build 2195
1 backup servers retrieved from master SERVER
\\SERVER
There are 33 servers in domain WCS on transport \Device\NetBT_Tcpip_{F2D16
6-1100-4872-BB6D-E8EE64FC9
There are 2 domains in domain WCS on transport \Device\NetBT_Tcpip_{F2D16
-1100-4872-BB6D-E8EE64FC9F
C:\>
I don't know why it shows that I have 33 servers in the domain.
I have two servers on this site.
I still can't view the other remote domain with network neighboorhood.
Doug
Status for domain WCS on transport \Device\NetBT_Tcpip_{F2D16
E8EE64FC9FE9}
Browsing is active on domain.
Master browser name is: SERVER
Master browser is running build 2195
1 backup servers retrieved from master SERVER
\\SERVER
There are 33 servers in domain WCS on transport \Device\NetBT_Tcpip_{F2D16
6-1100-4872-BB6D-E8EE64FC9
There are 2 domains in domain WCS on transport \Device\NetBT_Tcpip_{F2D16
-1100-4872-BB6D-E8EE64FC9F
C:\>
I don't know why it shows that I have 33 servers in the domain.
I have two servers on this site.
I still can't view the other remote domain with network neighboorhood.
Doug
Ah
That's probably due to any machine being able to be browse master in an election. Basically browser elections can be a pain on any network, so you can set a registry key on client pc's to prevent them winning a browser election (IsDomainMaster value set to No or False). However if you're not getting any problems with elections (you'll see them in event logs) then leave it as it is. The dc should be automatically browser master, so you shouldn't need to change anything on it. You also need to make sure that wins servers are replicating across the sites - am not at work right now so haven't got direct access, but the wins article is pretty good,
Controlling network master browser elections
http://www.sanx.org/tipShow.asp?articleRef=121
"To control network master browser elections:
Use a registry editing tool to navigate to the following key:
HKEY_LOCAL_MACHINE\SYSTEM\
Insert or change a value with the following details:
Data Type: SZ
Value Name: IsDomainMaster
Value:
Yes: Is the master browser
No: Is not the master browser
Auto: Resolve through browser elections (default) "
Windows 2000 WINS
http://www.serverwatch.com/tutorials/article.php/10825_1472611_1
Deb :))
That's probably due to any machine being able to be browse master in an election. Basically browser elections can be a pain on any network, so you can set a registry key on client pc's to prevent them winning a browser election (IsDomainMaster value set to No or False). However if you're not getting any problems with elections (you'll see them in event logs) then leave it as it is. The dc should be automatically browser master, so you shouldn't need to change anything on it. You also need to make sure that wins servers are replicating across the sites - am not at work right now so haven't got direct access, but the wins article is pretty good,
Controlling network master browser elections
http://www.sanx.org/tipShow.asp?articleRef=121
"To control network master browser elections:
Use a registry editing tool to navigate to the following key:
HKEY_LOCAL_MACHINE\SYSTEM\
Insert or change a value with the following details:
Data Type: SZ
Value Name: IsDomainMaster
Value:
Yes: Is the master browser
No: Is not the master browser
Auto: Resolve through browser elections (default) "
Windows 2000 WINS
http://www.serverwatch.com/tutorials/article.php/10825_1472611_1
Deb :))
ASKER
I restarted a client computer and opened up Network Places and viewed entire network.
Both domains showed up.
I clicked on the remote domain and got a message.
"Matmor is not accessible
The list of servers for this workgroup is not currently available".
OK
Matmor is the name of the remote domain
When I clicked ok and then exited out and back in to this network browser the domain was gone.
Each time I restart the computer it does the same.
Any Ideas why it shows the network but will not list the servers or client on the network?
Doug
Both domains showed up.
I clicked on the remote domain and got a message.
"Matmor is not accessible
The list of servers for this workgroup is not currently available".
OK
Matmor is the name of the remote domain
When I clicked ok and then exited out and back in to this network browser the domain was gone.
Each time I restart the computer it does the same.
Any Ideas why it shows the network but will not list the servers or client on the network?
Doug
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Assuming it's a secure site to site vpn - look at permitting traffic over the vpn from both sites using netbios, and enabling netbios over tcp/ip on nics. It resolved our network browsing issue,
UDP ports
137: NetBIOS name resolution (name service), WINS
138 and 139: NetBIOS datagram (browsing)
TCP port
139: NetBIOS session (NET USE)
Deb :))