Solved

Unable to browse all computers on domain.

Posted on 2008-06-09
9
351 Views
Last Modified: 2010-04-18
We have a Windows server 2003 domain with two sites CS & AJ.  An AD server in the AJ site was failing so we ran dcpromo to create another DC and moved DNS and DHCP to this server.  DNS is AD integrated and is set as a Primary Server.  The old AD server at this site failed before we were abe to run dcpromo to demote it.  We then followed the MS instructions for removing it from AD with ntdsutil metadata cleanup.

The FSMO is held by a DC in the CS site.  There are currently 3 DCs in the CS site and just one in the AJ site.  There are two DNS servers at CS and all DNS servers are AD Integrated and Primary servers. Everything appears to be working OK, dcdiag doesn't show any errors and replication appears to be working correctly.  There are not relevant errors in the Event Log.  However, NTDS replication connector was not automatically created from AJ to CS (did automatically from CS to AJ) so we manually created it.  

Our problem is that SOMETIMES all computers (servers and workstations) do not show when browsing the Entire Network and selecting our domain.  Sometimes only the computers in the local site show, sometimes we see all computers in the domain and other times no computers show.  We are always able to find computers using the search option.

We have run browstat status from servers at each site and the results appear to be correct, however, I'm not sure if servers at the remote site should show up as backup browsers, i.e. if we run browstat from CS should the AJ server show as a backup browser and vice versa?

I would appreciate any advice on how to resolve this issue.
0
Comment
Question by:jpond
  • 5
  • 3
9 Comments
 
LVL 58

Expert Comment

by:tigermatt
ID: 21748903
You will need to have the Computer Browser service started on at least one server in each location, so please do that first and see what happens.
0
 

Author Comment

by:jpond
ID: 21749102
Thanks Tigermatt,
All servers including DCs are running Computer Browser service.
0
 
LVL 70

Assisted Solution

by:Chris Dent
Chris Dent earned 100 total points
ID: 21749610

'lo guys,

Do you run WINS? You will need to if you require network browsing across multiple subnets.

It would also be beneficial to get a few registry keys to ensure certain servers always win browser elections (Domain Controllers).

Specifically you want IsDomainMaster and MaintainServerList (although the latter should be default it doesn't hurt to make sure).

http://www.microsoft.com/technet/prodtechnol/windows2000serv/reskit/cnet/cnfi_brs_vcer.mspx?mfr=true

Chris
0
Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

 

Author Comment

by:jpond
ID: 21749835
Thanks Chris,

We do have WINS running but it has not picked up the new server or the recent change to FSMO.  There are very few computers showing in WINS at all.  Should this be populating automatically?

Jan
0
 
LVL 70

Expert Comment

by:Chris Dent
ID: 21749867

It should be, but only if all your network clients (and servers) are given the WINS server address. Are you handing that out with DHCP at the moment?

WINS doesn't actually populate the Browse List, but it does help the Domain Master Browser find out where other Master Browsers are so it can attempt to create a bigger list.

Chris
0
 

Author Comment

by:jpond
ID: 21749875
Hi Chris,
Is the IsDomainMaster setting used only once in a Domain and if so does that increase traffic across the WAN from the other site?  Or, can it be set at each site?  From the name I assume it is one per Domain.
Thanks, Jan
0
 
LVL 70

Expert Comment

by:Chris Dent
ID: 21749929

One per Subnet if I remember all this properly.

IsDomainMaster has two meanings.

If running on the PDC Emulator (used to be the NT 4 PDC only) it will act as a Domain Master Browser, that server is the only one that can draw together separate browse lists and combine them to present back to clients and other browse masters.

But we also want a known system to be browse master at the remote site. Setting IsDomainMaster will make it a preferred master browser. It should win any Browser Elections.

Chris
0
 

Author Comment

by:jpond
ID: 21749979
Hi Chris,
I've added the correct WINS servers to DHCP so hopefully this will help.  I'll look into your recommendation about IsDomainMaster.
Thanks, Jan
0
 

Accepted Solution

by:
jpond earned 0 total points
ID: 21905578
It seems the RAS server was conflicting with the local network adapter both trying to register same names inside WINS under different IP addresses.
As RAS and WINS installed on the same server the only real work around we found was to prevent the RAS server from registering its Netbios name with WINS through a registry setting.  Problem now resolved.  Thanks all.
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
This script can help you clean up your user profile database by comparing profiles to Active Directory users in a particular OU, and removing the profiles that don't match.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

820 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question