NetBIOS name resoltion issue in domain environment
Posted on 2006-04-01
I am desporate! I am running a windows production environment with 4 windows Server 2003 computers, three being domain controllers and one across a VPN. So basically I have two sites, site A and site B, connected by a Linux based VPN. At site A there is three Server 2003 machines (two Active Directory/DNS servers, and one exhcange/file server) and one Clark Connect Linux Gateway, which provides VPN, firewall, content filtering, etc., at site B, there is the same Clark connect box functioning as the other end of the VPN and one server 2003 domain controller/file server. At site A there is aproximately 10 workstations and one of those workstations is acting as a terminal server using the Nstation. But back to my underlying problem. After implementing the VPN between the two sites, I decided to allow the computers in site B to be able to browse the computers in site A through my network places by enabling a WINS server on server01, the first domain controller in site A (I should note here that the Clark connect linux box is providing DHCP for both locations). I knew that because DHCP was on the CC linux box I would have to manually configure all the clients to use the WINS server. Well, somewhere along these lines, somthing when catastrophically wrong. None of the computers in site A were able to browse the network anymore getting the error message when trying to browse the workgroup "brodienet (my active directory domain name) is not accessable. you might not have permission to access this network resource. Contact the administrator of this server to find out if you have access permissions. Windows cannot find the network path. Verify that the network path is correct and the destination computer is not busy or turned off. If windows still cannot find the network path, contact your network administrator" So immediately, I uninstalled WINS and undid all of the changes I made. Furthurmore, the Server 2003 machine at site B (the only machine configured to use WINS at site B) could not browse site A, although it could access the workgroup and browse it own shared folders. But even after everything was undone, and all the computers were told not to use the WINS server (I should also mention that I discovered the problem before enabling WINS on two computers, and even then, they could not browse the network), the network was not able to be browsed and the same error message as above came up every time. The only exception was server01, this server was able to browse all the computers and the workgroup at site A just fine (it is also the origional server WINS was on and the Primary domain controller, the first server active directory was installed on). Distraught, I did my fair share of research, using utilities such as nbtstat, and browstat from the support tools, and got results that I am not exactly sure of. I do know that the -MsBrowse- registrant is registered in the nbtstat -n table on server01 in site A, and server04 in site B, that entry is only on those two computers. From my research, I believe these signify these computers as browse masters. I should also note that even the other servers are not able to browse the network. I can ping all the computers by IP address, DNS name, and NetBIOS name, although when I use windows XP's computer search tool and search for server01, I get no results. All the other computers I can search for and they show up. I can access all shares on all computers and servers by using UNC (\\servername\sharename), even server01 which does not show up when I search for it. There is two constantly recurring errors in the event viewer of the workstation I am using now, event ID 8032 and event ID 8021 which microsoft claims to indicate poor network health. Conectivity to all the computers NetBIOS port has been somewhat verified using a utility called nmap from insecure.org. As far as security products go, it is Symantec Antivirus Corporate edition 8, and it has been used from the beginning and the firewall portion of the product was not installed. Speaking of firewalls, windows XP's firewall has been disabled on all clients because it interfered with the Symantec client communication to the server (server01), again, all these products were used well before I had this problem. I can provide nbtstat and browstat information upon request aswell. From my research I suspect eiter a communication problem or more likely a browse master or browser problem. Remember, all these events took place after I installed WINS and eventually uninstalled it. That about wraps it up, I appriciate anyone who attemps to try and solve my problem as, really, I'm in a bad spot right now! THANK YOU!!!
P.S. Just to clarify, I don't mind if the solution involves re-enabling WINS or just using plain NetBIOS