We help IT Professionals succeed at work.

Can't browse workgroup after adding DNS Suffix

Last Modified: 2012-05-05
In our small hosting service we have a total of EIGHT multi-homed Windows 2003 Servers - two NICs each, one nic assigned one or more public IPs, the other NIC assigned a single private IP.  All are a member of the same workgroup... we'll use "MYWORKGROUP-NET" for this case.  All machines *were* able to see one another -- network browsing used to be quite fast, and very reliable.  Then I added DNS services to four of the 8 machines -- two DNS servers as non-recursive, authoritative for their zones only, and two that we consider "outbound" recursive DNS servers for all the servers to use.

The problem started (i believe) when we added the DNS servers.  On those servers, we were prompted that the server did not have a FQDN.  Made sense, have seen it before.  So we went to My Computer --> Properties --> Computer Name tab --> Change... button --> More... button --> Primary DNS suffix, and added our domain name "mydomain.net" to ALL the servers (seemed wise, since they are all servers on our Internet domain, so "why not?" :)

Now, when we try to drill down through My Network places, etc... into the workgroup, where we used to quickly and easily see all the servers, now we see a dwingling few, OR we get an "access denied" message.

Workgroup browsing (on the private NICs) is desired.  What did we break by adding the Primary DNS suffix, and how can we have our cake and eat it too?

The servers CAN see one another -- Clicking Start --> Run and typing \\servername of any of the other servers does bring up a window containing all of the shares on that server... network connectivity / firewall is NOT the issue, as this was all working before... until we added the Primary DNS suffix.


Watch Question

Top Expert 2005

Add the DNS suffix to all your workstations (or in the search path).


There are no workstations, only servers. DNS Suffix added to all - no network browsing is working at this point.
Top Expert 2005

You may want to take the DNS suffix out of where you added it and add it on the NIC (DNS suffix used by this connection).


Can't take out the DNS Suffix when you're running an authoritative DNS server.  You'll get this message:


Event Type:      Warning
Event Source:      DNS
Event Category:      None
Event ID:      414
Date:            9/28/2007
Time:            10:42:39 PM
User:            N/A
Computer:      D77Z8HD1
The DNS server machine currently has no DNS domain name.  Its DNS name is a single label hostname with no domain (example:  "host" rather than "host.microsoft.com").
You might have forgotten to configure a primary DNS domain for the server computer. For more information, see either "DNS server log reference" or "To configure the primary DNS suffix for a client computer" in the online Help.
While the DNS server has only a single label name, all zones created will have default records (SOA and NS) created using only this single label name for the server's hostname.  This can lead to incorrect and failed referrals when clients and other DNS servers use these records to locate this server by name.
To correct this problem:
  1) open Control Panel
  2) open System applet
  3) select Computer Name tab
  4) click the "Change" button and join the computer to a domain or workgroup; this name will be used as your DNS domain name
  5) reboot to initialize with new domain name
After reboot, the DNS server will attempt to fix up default records, substituting new DNS name of this server, for old single label name.  However, you should review to make sure zone's SOA and NS records now properly use correct domain name of this server.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


I'm beginning to suspect this has less to do with the DNS suffix, and more to do with LAN-based Computer Browser service.  There were a bunch of new errors in the logs related to Browsing and elections... I've chosen one of the 8 servers to be the Computer Browser for the Private LAN, and disabled Computer Browser on all others... we'll see if that clears things up.


Yeah, it's looking like the loss of browsing capabilities was a coincidence with the change of the DNS suffix... browsing is fully back now.  I don't know what was going on, but the Browse Master of this little network must have been lost for a time because of the in-fighting between the servers during "elections".  I removed the "democracy", and made one server "supreme dictator" of network browsing, and all seems to be working.  The dictator browse master will rarely be rebooted, so this should solve whatever was going on.

Thanks anyway... we'll need points refunded on this one if you agree, netman?
Top Expert 2005
Unlock this solution and get a sample of our free trial.
(No credit card required)

Gain unlimited access to on-demand training courses with an Experts Exchange subscription.

Get Access
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Empower Your Career
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE

Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Unlock the solution to this question.
Thanks for using Experts Exchange.

Please provide your email to receive a sample view!

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.


Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.