Solved

Cannot browse workgroup computers or domain computers on SBS2003 domain

Posted on 2006-06-13
10
1,069 Views
Last Modified: 2008-01-09
Hi all,

I replace a  Win2000 domain w/ a Win2003 SBS domain a while back, but have yet to solve a problem with browsing on the network.
Originally, all 4 clients could browse with no problem, now all 4 clients (or any machine connected to the network as part of ANY workgroup) allways get the same error message when simply browsing the network in Windows (all clients are either WinXP or Win2K).

"JoeDomain is not accessible. You might not have permission to use this network resource. Contact the administrator of this server to find out if you have access permissions.

No more connections can be made to this remote computer at this time because there are already as many connections as the computer can accept."

On Win 2000 networks, I don't recall ever needing permission to see the network computers (regardless of whether they are in a domain or workgroup).
None of the clients even get a chance to see a listing of the available workgroups or domains (there are 2 workgroups and 1 domain).

Somehow, SBS has completely taken over the network browsing ability of ANY client.

The only machine that can browse the network is the SBS2003 server itself.  It also makes no difference whether the client(s) are logged into the domain or logged into the workstation - no one can browse.

Mapping drives works fine.
TCP/IP forward and reverse resolution works just fine.
The only thing is that browsing stopped once SBS2003 became the DC (so it appears to be a "feature" of SBS2003 )

Windows IP Configuration

        Host Name . . . . . . . . . . . . : delta
        Primary Dns Suffix  . . . . . . . :
        Node Type . . . . . . . . . . . . : Unknown
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No
        DNS Suffix Search List. . . . . . : joedomain.local

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . : joedomain.local
        Description . . . . . . . . . . . : Intel(R) PRO/100 VE Network Connection
        Physical Address. . . . . . . . . : 47-A8-A2-00-03-3D
        Dhcp Enabled. . . . . . . . . . . : Yes
        Autoconfiguration Enabled . . . . : Yes
        IP Address. . . . . . . . . . . . : 192.168.1.15
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 192.168.1.1
        DHCP Server . . . . . . . . . . . : 192.168.1.250
        DNS Servers . . . . . . . . . . . : 192.168.1.250
        Lease Obtained. . . . . . . . . . : Tuesday, June 13, 2006 1:00:11 AM
        Lease Expires . . . . . . . . . . : Wednesday, June 21, 2006 1:00:11 AM



If this is a license issue (there are 5 client licenses and 4 domain clients), then maybe it's not installed correctly.  But why on Earth would SBS kill browsing for non-domain machines?

0
Comment
Question by:simplyamazing
  • 6
  • 4
10 Comments
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 16898121
Is this the IPCONFIG of your server? or a workstation?

But the bigger question is, "How did you "replace" the domain"?  You cannot just add an SBS to a network, it must be installed as the root of the forest and the holder of all FSMO roles.  (what used to be called a Primary Domain Controller).  SBS has very specific deployment requirements and it's important to follow all instructions regarding any sort of migration from a previous domain.  There is a specific paper about migrating from a Windows 2000 domain which you can find here:  http://sbsurl.com/migrate.

If you did not follow that procedure, then there may be many more issues than just browsing the network.

Specifically, workstations must be joined to an SBS domain using the connectcomputer wizard.

I'd suggest that you review http://sbsurl.com/itpro and you can find all sorts of documentation at http://sbsurl.com/techguide

Jeff
TechSoEasy
0
 

Author Comment

by:simplyamazing
ID: 16899398
That is a workstation IPCONFIG.
The SBS Server was a new domain and holder of all the FSMO roles.  
I knew SBS was handicapped, so I did not take any chances and built an entirely new domain. It was not transferred.
The installation is a "default" installation and I followed all the wizards, though it's had errors since its first virgin install so I figure either I did the wizards in the wrong order.  Who knows?
I've never dealt with SBS before, so I am sure my ignorance of all the features that were removed from the standard server version has a lot to do with many of these problems as I set it up as if it were a large company
I've run dcdiag and addiag - no errors (though the 1058 and 1030 errors still keep coming up!) - go figure.

I've never heard of a "connectcomputer" wizard.  My real point is that I have 2 machines that are in a workgroup that is completely different than the domain - they will NEVER login to the server.  But SBS makes an assumption that they will and somehow blocks these computers from seeing the network (workgroups, domains, printers, anything).  Is this the way it's supposed to work?
This makes no sense at all to me.

I'll check out your links.

Thanks


0
 

Author Comment

by:simplyamazing
ID: 16899519
Those links basically answered my question.  It does consider all devices on that network to be a client, regardless.
I'll just break up the network into 2 subnets, 1 for SBS, 1 for everything else. (hopefully this will work)
0
 
LVL 74

Accepted Solution

by:
Jeffrey Kane - TechSoEasy earned 500 total points
ID: 16900715
First of all, SBS is not handicapped... and there are NO features that are removed.  The ONLY limitations that SBS has are these:

There can be only ONE SBS on a network and it must be the root of the forest and hold all FSMO roles
You can't establish trusts with other domains
All components must be installed on one machine
Maximum 75 users or devices

That's it.

When you compare that to the features offered by SBS as well as the savings of being able to manage everything together, it's hardly a "limitation".  Especially since none of those items matters much at all to a company with 25 employees.

As for your workgroup machines?  There is absolutely NO problem having those on an SBS network.  There are usually two reasons that 1030 and 1058 come up and they are covered here:
http://support.microsoft.com/kb/888943
http://support.microsoft.com/kb/839499

My guess is that 839499 is whats causing your problem, because SBS does not block machines from seeing the network...

I would suggest that you follow the KB, and that you also name your workgroup the same as your domain and then if you use DHCP the machines will get the appropriate WINS information from the SBS.

Jeff
TechSoEasy
0
 

Author Comment

by:simplyamazing
ID: 16903519
Thanks again.  
The 1058 issue is because the "\\joedomain.local\sysvol" cannot be reached by the server itself (looks like a DNS problem because "\\omega\sysvol"  is readily accessible )
I can ping "joedomain.local" fine, so it's resolving correctly. (omega is name of the server)

The share security and folder security for "sysvol" share and folder are set to Administrators=Full, Authenticated Users=Full, Everyone=Read  (the default setup).

The WINS was not installed - I'll install it and try again.

I did a little test with SBS running and not running.  When it is running, non-domain workstations (that have never joined the domain before - ie brand spankin' new) cannot browse network neighborhood.
After shutting down SBS, the workstations can browse again.
I'll try removing the DNS server address from the workstations (maybe SBS requires a license for each DNS query?)

As far as the 1030/1058 errors and the group policy (which I can't change as the snap-in does not work either), the drive mapping will suffice until I completely rebuild the server from scratch to get it to work correctly (I've learned my lesson to ONLY use wizards for SBS from now on ;).
 
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 16903628
I should have noticed in your IPCONFIG above that you didn't have a WINS server listed... you souldn't have to install it... it should already be installed.  But you will have to designate it in the NIC settings.  After doing that, rerun the CEICW to get everything else configured properly with it.

The reason that the workstations can't browse network neighborhood is WINS again.  When the SBS is running they are using DNS, but when it's not they need WINS which you don't have configured.

Legend has it that you will only get SBS to work after your THIRD install.  (It took me four times).

Jeff
TechSoEasy
0
 

Author Comment

by:simplyamazing
ID: 16903866
It's a WINS thing then, I've never used WINS before - never needed to with the standard and enterprise editions before, at least not to browse (I thought MS was going to get rid of WINS once and for all).

This will be the third install (the first one, I really botched).

Thanks again for all the input.
0
 

Author Comment

by:simplyamazing
ID: 16904528
I thought wrong.  I'm just going to reinstall the whole thing (the time I've wasted on SBS has now exceeded the cost savings - geez!)
0
 

Author Comment

by:simplyamazing
ID: 16906067
I figured it out.  I disabled the other network card and all the errors went away.
Apparently, SBS did not know where to look for the domain name, so it was picking the wrong NIC.
(The DNS Server appeared to be set up correctly and did reverse lookups without any problems on both NICs, but it appears that the NIC chosen by windows when the file share was created was the NIC w/ file sharing turned off - counter-intuitive, but maybe on the next version of server, MS could provide a way to pick which NIC goes with which share).

The reason for the additional NIC was to be able to have a backup "backbone" (just like a SAN, but w/o the insane cost) completely isolated from the regular network (I do this at the datacenters as well for both speed and security) - SBS must be designed to prevent this configuration as well, but I have no more time to mess with it.
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 16908054
It's actually the binding order of your NICS, which you can change in Network Connections > Advanced > Advanced Settings.

If you have two nics, then you need to configure your SBS according to this recommendation:  http://sbsurl.com/twonics

The cost savings is long term if you configure it properly.

Jeff
TechSoEasy
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

A lot of problems and solutions are available on the net for the error message "Source server does not meet minimum requirements for migration" while performing a migration from Small Business Server 2003 to SBS 2008. This error pops up just before …
I've often see, or have been asked, the question about the difference between the Exchange 2010 SP1 version, available as part of Small Business Server (SBS) 2011, and the “normal” Exchange 2010 SP1 Standard. The answer to the question is relativ…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now