amoos


How to fix errors when computers join the domain????

we have a fresh new domain controller and we are attaching computers to the domain and we are running into 2 major issues

1) when the computers try to attach we sometimes get the error that the domain controller is not available but when we reboot the computer then it attaches fine

2) when a computer is attached to the domain and a user tries to navigate through network neighborhood to find the domain controller a lot of times they are not able to get to the domain controller through network neighborhood on their pc or they get the error of "you might not have permissions to do this"

how do i fix these issues???
alikaz3

Double check your DNS settings. Make sure your primary DNS server has 127.0.0.1 as the Primary DNS in the LAN adapter settings. Are you using DHCP on a server? or a router?
amoos

ASKER

we are not using DHCP everything is static

the LAN settings primary DNS is set to 127.0.0.1

i think the biggest issue that we are seeing now is when a user wants to get to a share through network neighborhood on their machine sometimes they can and others are getting the error of they do not have permissions to do this
amoos

ASKER

on the primary domain controller which is also the DNS server i set the LAN settings primary DNS to 127.0.0.1, what should i set the secondary to??  my isp has a DNS server that i can put in there
SOLUTION
Hypercat (Deb)

This solution is only available to members.
amoos

ASKER

ok great that is what i originally did was had the primary DNS settings on the DC which is also the DNS server set to the IP address of the server.

for my isp's DNS servers i put them into the forwarders so that anything not resolved internally goes out to them.

we only have one DNS server

what would be the cause of users not being able to navigate to the domain controller through network neighborhood on their computers??
SOLUTION
This solution is only available to members.
amoos

ASKER

we have no WINS servers

every computer has NETBIOS over TCP/IP enabled

this issue with network neighborhood is happening on all clients not just one or two.

i have checked all the switches that we have and they are perfectly fine.
Frzlbuck! Browsing issues are one of the hardest things to troubleshoot. Are you seeing anything in the system log of the server?  Even warnings or informational messages indicating either LSASRV or other types of issues? Any messages about forced elections on the network because something thinks it is the master browser?
amoos

ASKER

i am not seeing any errors at all on the server

i do know that all the client computers are set to NETBIOS over TCP/IP,  is that the right setting on the computers??

if it is a master browser issue how do i fix that because my users have to be able to navigate from their computers to the server shares that are not mapped to them

also we did migrate from novell and all of these computers had novell clients on them, but they were cleaned off and reimaged and no novell is in any of the computers anymore
Ok to rule out DNS being the issue, I would add your DC name and the name of your domain to a HOSTS file on one of the client computers. Then reboot it a few times and confirm that the problem still exists. Your host file is located in:

C:\windows\system32\drivers\etc\HOSTS

note that the file has no file ending, open it with notepad. Once you are done it should look like this:


# Copyright (c) 1993-1999 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
#      102.54.94.97     rhino.acme.com          # source server
#       38.25.63.10     x.acme.com              # x client host

127.0.0.1       localhost
192.168.1.2     servername
192.168.1.2    domainname



make sure to swap out the names and IPs with your information.
amoos

ASKER

ah great point.  i do know that all the computers' hosts files were statically set on the novell network when they had it and i think the hosts files are still there with novell servers in them,  could that be the issue with the network neighborhood??
SOLUTION
This solution is only available to members.
amoos

ASKER

ok i will do this and post again tomorrow

awesome help and i will post again tomorrow

cheers
Yes, definitely clean out those hosts files.  Regardless of DNS, WINS or anything else, the HOSTS file is checked first, so it could definitely be interfering.
Browser is one of my favorites to troubleshoot.

Is this a multi homed server?

What is your network topology, include any VPNs.

amoos

ASKER

we have no VPNs available to anyone.  this server is for internal use only
If they are all on the same subnet, I think this will cover you:

For anyone with browser issues, I always provide this article as a good reference: (I think your problem is cached Netbios transports or edited and saved LMHost records.)
https://www.experts-exchange.com/questions/23316668/Cannot-Browse-Entire-Network-under-My-Network-Places.html

1) Try a NBTSAT -rr. This flushes the netbios cache, also known as the WINS cache. These cached entries may be pointing to the wrong computer.
2) Check out the problem child computer's LMHOST file and remove all entries except the loopback address.  A text editor, like notepad, can open this file. A computer will first go to the local computer's cached entries then look to the LMHOST file before using the netbios connection to your other servers for a WINS lookup or netbios broadcast.  
3) In the network bindings under TCP/IP properties>>advanced tab, make sure Netbios over TCP/IP and also allow LMHost lookup.
4) Under services, make sure the Browser Service on the server is started by going to the Start button selecting "RUN" and typing "SERVICES.MSC"
5) Make sure the registry keys allow this to participate in the browser service. You will see these registry keys in the NT4 article that was provided. (By default, the clients and servers will look to the highest operating system with roles as its domain master browser. So, that key may not need to be set.)
6) You could try to disable netbios over TCP/IP on a second NIC for a multi homed server.
7) If all that is in place, look towards a firewall. The domain master browser service uses Netbios port 137, and UDP ports 138 and 139.

Here is another article for your reference, but get back in touch if you run into any snags:
https://www.experts-exchange.com/questions/23316668/Cannot-Browse-Entire-Network-under-My-Network-Places.html

amoos

ASKER

ok i cleaned out the host files and put in the host file below

127.0.0.1  localhost
server ip   servername
server ip   domainname.local


so of the machines that fixed the browsing issue

on a lot of the others it did not fix anything.  and those computers i rebooted three or four times and nothing
amoos

ASKER

ok great post.  it helps thank you, am i doing most of this on the computers or on the DC???

also all my computers are not on the same subnet, but it is happening on all subnets with multiple computers

i looked at the LMHost file on the computers and there is nothing in there except the default examples

 but i have to get it fixed.  please let me know if you have any other ideas.
amoos

ASKER

i looked all over the server and on the computers and i see no errors or anything bad in the event logs that pertains to the master browser.

i am still looking and i will let you know if i see anything weird.  but please if you have any suggestions please let me know.
amoos

ASKER

ok when i run NBTSAT -rr as suggested above i get an error that says "NBTSAT is not a recognized internal command"

any suggestions??
That was just a typo on Chief's part - it's NBTSTAT.
amoos

ASKER

when i run NBTSTAT -rr on a computer it now gives me the error "failed to access NetBT driver--NetBT may not be loaded"

how do i load it??
Are you logged on as admin?

Failed to access NetBT Driver - NetBT may not be loaded.

CAUSE
This issue occurs because users without administrator rights, including power users, do not have sufficient permissions to run nbtstat when the user includes a command-line switch.

http://support.microsoft.com/kb/888373
NBTSTAT is a tool on the 2003 support tools. Though these tools were for a 2003 server, it works with XP boxes.

LMhost.SAM file can be found in two places:
1) C:\i386\LMHOST.SAM
2) C:\windows\system32\drivers\etc\LMHost.sam

If you have addresses configured in the host file, this will mess up your DNS settings. LMHOST is for Netbios and WINS, Host is for DNS. On both, you want the server to provide you with the translation record. But, the client will go to those records first before going to the server. Remember DNS and WINS are separate entities, so don't confuse them.

I should have mentioned that NBTSTAT and Browstat are a part of XP support tools.
You will need to download the XP SP2 support tools. It is also known as 2003 server support tools. On those tools, you will have two files you need {{download both the CAB and MSI file}}. The tools you want are 1) browstat.exe  2) nbtstat.exe
(You may have them, try a Browstat /status)
http://www.microsoft.com/downloads/details.aspx?FamilyID=96a35011-fd83-419d-939b-9a772ea2df90&DisplayLang=en#filelist )

OK: Let's define what's done on client and what's done on server, (good question)

Client and server:
1) Remove all addresses except the loopback address in C:\i386\host.sam and C:\i386\LMhost.sam, and C:\windows\system32\drivers\etc\LMHost.sam. These can be edited by a text editor, like notepad.
2) Go into the NIC configuration(NIC bindings)>>TCP/IP properties>>advanced>>WINS tab>>enable netbios over tcpip.
3) Go to start>>Run>>type in "services.msc" and scroll down to make sure the Browser service is set for automatic and is started.

On client:
Download the XP tools provided above:
Go to the command prompt and type NBTstat -rr
then type:
Browstat /status and let's see what you have.

Also check My Network places and see where you are at.
amoos

ASKER

ok i ran the NBTSTAT -rr command and everything was 0 except that the registered by broadcast was 6

the browser is set to automatic

on the server there is nothing in the host file except 127.0.0.1

should i put in

server ip  servername
server ip  domainname.local

like i did on the workstations??
When you are done with that, I'll bet you want an idea of what we are doing:

So, let me show you:

The answer to the below link is a chronology to a DNS query. WINS queries operate the exact same way.

The client will try to resolve a query, (either DNS or WINS), itself prior to seeking out your domain controller for translation to an IP. You are basically removing old records and cache from the client that may be pointed in the wrong direction. When the records are removed, the client has no choice but to go to your server for the Netbios translation or DNS translation.

https://www.experts-exchange.com/questions/23204162/DNS-seems-very-slow-since-I-got-a-new-server-what's-going-on.html
Here are the subtle differences between a DNS and WINS query:
~~Instead of DNS we have WINS
~~Instead of a FQDN Host record (computername.domain.local) we have a netbios LMHost record (computername)
~~Instead of a Host file, we have a LMHost file.
~~Instead of DNS cache, we have Wins cache (AKA: Netbios cache)
~~Instead of DNS IP port 53, You have WINS IP port 137


After reading that link, this is what we are doing for DNS and WINS:
1) so we are removing Host (DNS records on the client) and LMHost (WINS records on the client) records and therefore forcing the client to go to the server for translation instead of the client taking it upon itself to figure it out.
2) We are deleting the cached records so a bad cached record can't provide you with a bad resolution.
3) We are enabling the browser service on client and server. This is the service that allows the clients and server to communicate with. The client will send out a netbios broadcast saying "I am here" and the Domain master will pick that up and populate the browselist with that, then send a broadcast back that says "I see you" so the client doesn't randomly elect a browser.
4) Finally, we are enabling netbios over TCP/IP- netbios over TCP/IP is the medium that these broadcast go over. It's like your phone line.
5) Then, I asked what your status was.

If this doesn't resolve your issue, you should look into what blocks ports 137,138 and 139. (Probably a firewall)
Or your server is multihomed. Multihomed is defined as a server with multiple IPs, (this could mean 2 or more nics, or multiple IPs on the same nic)

If you still have errors: we can troubleshoot firewall and multihomed nics together.
should i put in

server ip  servername
server ip  domainname.local

like i did on the workstations??

NO, if your workstations are on the same subnet and IP space, they should have those files cleaned out as well. Netbios broadcasts will pick them up and will be added to the browselist.

First, go to all machines and make sure the Browser service is started and all have Netbios over TCP/IP enabled. That is the medium in which they communicate. Start with the servers first. Then remove the cached and LMhost records on servers first, then clients.

amoos

ASKER

ok we only have one NIC on the DC and it only has one ip

the windows firewall is the only firewall out there and it is disabled

what do i have to do on the server itself?????

should i put in

server ip  servername
server ip  domainname.local

like i did on the workstations??

i ran the browstat /status on the workstations and it will not run says bad internal command.  all the workstations have SP2 on them but i guess not the support tools

what can i do next????

i can ping by name and by ip from the server and workstations.

the only browser that i see on the workstations and the server is computer browser which is in services.
should i put in

server ip  servername
server ip  domainname.local

like i did on the workstations??

Nope, these records should not exist anywhere on ANY machine, in the Host or LMHost files. Doing so would prevent your client, workstation, or member server from going to the preferred DNS server, or to the domain controller for the browselist. You should only use HOST and LMHOST files if you don't have a DNS server.

See DNS chronology:
If you have Host files configured, the client, workgroup computer, or server will look at those records prior to looking at the preferred DNS server's host A record. These records mess up the DNS server.

If you have LMHOST files configured, the client will skip netbios query to the DC and you will NOT get a browselist populated from the DC. Also, if you have WINS, WINS is affected the same way as DNS. WINS in your case is not necessary for the browser service.

Take all HOST files and LMHOST files back to the default state by removing all records on all computers except the loopback address. In doing so, your clients and servers will go to the PREFERRED DNS AND WINS SERVER instead of trying to resolve the query on its own. The PREFERRED DNS server is your server.
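
An added example, not part of the thread: a PowerShell check that lists every non-loopback mapping still present in a machine's HOSTS or LMHOSTS file, so leftover static entries (such as old Novell servers or the temporary `servername` lines) can be found before they override the DNS server. The function name `Get-StaticNameEntry` and the sample file content are made up for illustration.

```powershell
# Added example. Get-StaticNameEntry is a hypothetical helper name.
# It returns one object per host name that is mapped to a non-loopback
# address, i.e. every entry that is answered locally instead of by DNS/NetBIOS.
function Get-StaticNameEntry {
    param(
        [string[]] $Line,                 # raw lines of a HOSTS or LMHOSTS file
        [string]   $Source = '(inline)'   # label shown in the output
    )
    $n = 0
    foreach ($raw in $Line) {
        $n++
        # '#' starts a comment in HOSTS; LMHOSTS keywords (#PRE, #DOM:) also
        # follow a '#', so cutting at the first '#' leaves "address name ...".
        $text = ($raw -split '#', 2)[0].Trim()
        if (-not $text) { continue }

        $fields = $text -split '\s+'
        if ($fields.Count -lt 2) { continue }

        $address = $null
        if (-not [System.Net.IPAddress]::TryParse($fields[0], [ref]$address)) { continue }
        if ([System.Net.IPAddress]::IsLoopback($address)) { continue }   # 127.0.0.1 / ::1 stay

        foreach ($name in $fields[1..($fields.Count - 1)]) {
            [pscustomobject]@{
                Source     = $Source
                LineNumber = $n
                Address    = $fields[0]
                Name       = $name
            }
        }
    }
}

# Constructed sample: the HOSTS content used as a workaround in this thread.
$sampleHosts = @'
# constructed sample, not a real machine
127.0.0.1       localhost
192.168.1.2     servername
192.168.1.2     domainname.local   # workaround entry
'@ -split "`r?`n"

# Reports servername and domainname.local; localhost is ignored.
Get-StaticNameEntry -Line $sampleHosts -Source 'sample HOSTS'

# The same check against the live files, when run on a Windows machine.
if ($env:SystemRoot) {
    $etc = Join-Path $env:SystemRoot 'System32\drivers\etc'
    foreach ($file in 'hosts', 'lmhosts') {
        $path = Join-Path $etc $file
        if (Test-Path $path) {
            Get-StaticNameEntry -Line (Get-Content $path) -Source $path
        }
    }
}
```

An empty result for the live files means the machine resolves names only through its configured DNS server and NetBIOS, which is the state recommended above.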
amoos

ASKER

awesome.  ok below is what my configurations are on the server and workstations

on the server
all i did was enable netbios over tcp/ip

on the workstations
the host files have
127.0.0.1   localhost
serverip   servername
serverip   domainname.local

i ran the NBTSTAT -rr command

enabled netbios over tcp/ip

now it all works, yeah

now having said all that what stays and what goes????



You are close, but there is one more thing:

I am glad the browser service is working. However, I am pretty sure you will have DNS problems on your workgroup computers.

***These are bad records and are not needed if you have a DNS server:***
serverip   servername
serverip   domainname.local

If your workstations are using your DNS server as the preferred DNS server, you do not need or want these records. Otherwise the clients will revert to the HOST file, see those records, and think those are the only records to go by for DNS translation. With these two lines in the record, your workgroup computer will not go to the preferred DNS server to get a Host A record. It will skip your server or at the very least slow down your DNS query. I recommend you delete these two lines in the HOST files and leave DNS translation up to the DNS server.

I have workgroup computers on my LANs all the time. A preferred method to DNS on a workgroup computer is to go to the workstation's nic>> TCP/IP settings>>advanced>>DNS tab and type in your DNS suffix, (your FQDN Example: domainname.local). Then, click the box that says "register this connections address in DNS". Now go to the command prompt and type IPconfig /registerDNS. That creates a HOST A record for your workgroup computer in DNS. Now, domain computers can find it through DNS. And with those host file lines deleted, your workgroup can find domain computers with DNS.

Deleting these lines is the preferred method:
serverip   servername
serverip   domainname.local

Manually configured HOST files are bad JOOJOO when you have a DNS server that provides the full list of DNS addresses. Manually configured LMHOST files are bad JOOJOO when you have a WINS server or are trying to populate the browselist.
amoos

ASKER

alright cool i will fix this.

so what do i do about the settings that i enabled on the server and workstations for netbios over tcp/ip???

do i leave those as is or do i change those back to the default???

awesome help
amoos

ASKER

another question

in the LAN connection properties on the workstations and the DC i enabled netbios over tcp/ip is this right or do i have to change them all back to the default??

since i changed the host files on all the workstations to have
127.0.0.1   localhost
serverip   servername
serverip   domainname.local

will this mess up my AD or DNS???
in the LAN connection properties on the workstations and the DC i enabled netbios over tcp/ip is this right or do i have to change them all back to the default??

leave netbios over TCP/IP enabled. That's how you got the browser service up. That is your medium for the browser and other netbios functions.
_________________________________________________________________
since i changed the host files on all the workstations to have
127.0.0.1   localhost
serverip   servername
serverip   domainname.local

will this mess up my AD or DNS???

Just DNS: Let me give you a diagram to follow. If you have a host file configured with those two lines manually, the client will stop its DNS query at that host file and NOT go to the preferred DNS server for DNS.

Follow along with me on this pic:
Client tries to resolve DNS by itself. It sees the Host file is configured with two lines. Client thinks this is all it has to work with when trying to do a DNS query. So, it stops right there and comes back with an error that says something like "host can not be found or you do not have access to that resource". You do not want the host file configured so the client reaches the Preferred DNS server with its query.
DNS-query.gif
amoos

ASKER

awesome.  no problem i completely understand.  great description and picture.  this really helped.

i guess the last question is since i went to local area connection---properties----advanced----WINS---enable netbios over tcp/ip is this good to leave alone or do i have to change them all back to default in the WINS tab???

awesome picture and explanation
Yes:

You need netbios over TCP/IP for the browser and other netbios functions.
I should have said:

Leave Netbios over TCP/IP enabled.
amoos

ASKER

awesome so i need to do then is clean the host file and the only thing that should be in the host file on the machines is

127.0.0.1  localhost

right??  and nothing else should be there except that right???

you are the best.  awesome truly awesome help
Yep, only that loopback address:
127.0.0.1  localhost

Don't forget to register your workgroup DNS address on the server:
1) go to the workstation's nic>> TCP/IP settings>>advanced>>DNS tab and type in your DNS suffix, (Example: domainname.local).

2) Then, click the box that says "register this connections address in DNS".

3) go to the command prompt and type ipconfig /registerdns.
ASKER CERTIFIED SOLUTION
This solution is only available to members.
@ amoos: I am going to request a moderator come in and distribute points to hypercat and alikaz3 because some of the things they said prior we used in the fix to your systems. It is only fair to them.

I really appreciate the good comments. That means a lot more than points to me. Thank you!

@hypercat and alikaz3:
I hope this agrees with you all.
https://www.experts-exchange.com/questions/23503998/Will-you-help-me-be-fair-on-points.html
amoos

ASKER

truly the best help i have gotten.  it was thorough and perfect in every way.  thank you very much