Can't browse workgroup after adding DNS Suffix

Posted on 2007-09-28
Last Modified: 2012-05-05
In our small hosting service we have a total of EIGHT multi-homed Windows 2003 Servers - two NICs each, one nic assigned one or more public IPs, the other NIC assigned a single private IP.  All are a member of the same workgroup... we'll use "MYWORKGROUP-NET" for this case.  All machines *were* able to see one another -- network browsing used to be quite fast, and very reliable.  Then I added DNS services to four of the 8 machines -- two DNS servers as non-recursive, authoritative for their zones only, and two that we consider "outbound" recursive DNS servers for all the servers to use.

The problem started (i believe) when we added the DNS servers.  On those servers, we were prompted that the server did not have a FQDN.  Made sense, have seen it before.  So we went to My Computer --> Properties --> Computer Name tab --> Change... button --> More... button --> Primary DNS suffix, and added our domain name "" to ALL the servers (seemed wise, since they are all servers on our Internet domain, so "why not?" :)

Now, when we try to drill down through My Network places, etc... into the workgroup, where we used to quickly and easily see all the servers, now we see a dwingling few, OR we get an "access denied" message.

Workgroup browsing (on the private NICs) is desired.  What did we break by adding the Primary DNS suffix, and how can we have our cake and eat it too?

The servers CAN see one another -- Clicking Start --> Run and typing \\servername of any of the other servers does bring up a window containing all of the shares on that server... network connectivity / firewall is NOT the issue, as this was all working before... until we added the Primary DNS suffix.


Question by:funaroma
    LVL 51

    Expert Comment

    Add the DNS suffix to all your workstations (or in the search path).

    Author Comment

    There are no workstations, only servers. DNS Suffix added to all - no network browsing is working at this point.
    LVL 51

    Expert Comment

    You may want to take the DNS suffix out of where you added it and add it on the NIC (DNS suffix used by this connection).


    Author Comment

    Can't take out the DNS Suffix when you're running an authoritative DNS server.  You'll get this message:


    Event Type:      Warning
    Event Source:      DNS
    Event Category:      None
    Event ID:      414
    Date:            9/28/2007
    Time:            10:42:39 PM
    User:            N/A
    Computer:      D77Z8HD1
    The DNS server machine currently has no DNS domain name.  Its DNS name is a single label hostname with no domain (example:  "host" rather than "").
    You might have forgotten to configure a primary DNS domain for the server computer. For more information, see either "DNS server log reference" or "To configure the primary DNS suffix for a client computer" in the online Help.
    While the DNS server has only a single label name, all zones created will have default records (SOA and NS) created using only this single label name for the server's hostname.  This can lead to incorrect and failed referrals when clients and other DNS servers use these records to locate this server by name.
    To correct this problem:
      1) open Control Panel
      2) open System applet
      3) select Computer Name tab
      4) click the "Change" button and join the computer to a domain or workgroup; this name will be used as your DNS domain name
      5) reboot to initialize with new domain name
    After reboot, the DNS server will attempt to fix up default records, substituting new DNS name of this server, for old single label name.  However, you should review to make sure zone's SOA and NS records now properly use correct domain name of this server.

    For more information, see Help and Support Center at


    I'm beginning to suspect this has less to do with the DNS suffix, and more to do with LAN-based Computer Browser service.  There were a bunch of new errors in the logs related to Browsing and elections... I've chosen one of the 8 servers to be the Computer Browser for the Private LAN, and disabled Computer Browser on all others... we'll see if that clears things up.

    Author Comment

    Yeah, it's looking like the loss of browsing capabilities was a coincidence with the change of the DNS suffix... browsing is fully back now.  I don't know what was going on, but the Browse Master of this little network must have been lost for a time because of the in-fighting between the servers during "elections".  I removed the "democracy", and made one server "supreme dictator" of network browsing, and all seems to be working.  The dictator browse master will rarely be rebooted, so this should solve whatever was going on.

    Thanks anyway... we'll need points refunded on this one if you agree, netman?
    LVL 51

    Accepted Solution

    Interesting coincidence indeed.

    NetBIOS and the Master Browser do control all of this.  If elections were happening consistently, then you did the right thing by forcing it.

    Glad it's fixed.

    No issue with refund here.


    Featured Post

    Courses: Start Training Online With Pros, Today

    Brush up on the basics or master the advanced techniques required to earn essential industry certifications, with Courses. Enroll in a course and start learning today. Training topics range from Android App Dev to the Xen Virtualization Platform.

    Join & Write a Comment

    Trying to figure out group policy inheritance and which settings apply where can be a chore.  Here's a very simple summary I've written which might help.  Keep in mind, this is just a high-level conceptual overview where I try to avoid getting bogge…
    This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
    Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
    In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor ( If you're interested in additional methods for monitoring bandwidt…

    745 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    14 Experts available now in Live!

    Get 1:1 Help Now