Solved

Windows cannot browse other domain pcs but can ping them

Posted on 2008-10-08
12
655 Views
Last Modified: 2013-11-05
Hi all,

I have windows server 2003 domain server.
I have another window server 2003 which is not on the domain.
before updates on the second server..all was fine.. S2 can ping and connect and browse other domain pcs.. but after updates it is not able to do so..it can only ping but cannot access them or even see the domain in the network places.

from other pcs on the domain..we can ping and connect to that server remotly but not access it and browse it..

what is the problem ?

thanks
0
Comment
Question by:t_itanium
  • 6
  • 6
12 Comments
 
LVL 38

Expert Comment

by:ChiefIT
ID: 22667320
This is because Netbios is not routeable:
Make a WINS connection between the Domain PDCe's.

It's all right here on the below article. I call it the WINS/WAN configuration of the domain master browser>
http://www.experts-exchange.com/Software/Server_Software/File_Servers/Active_Directory/Q_23667903.html
0
 
LVL 5

Author Comment

by:t_itanium
ID: 22667403
i enabled the netbios from the NIC but still not working can you calrify more what to do
0
 
LVL 38

Expert Comment

by:ChiefIT
ID: 22667559
Let me make sure I am clear on what you want to do:
As I understand it, you have two sites (call them A and B). You want to browse comptuers on site B when on site A. Then, visa versa.

If so, you need to set up a WINS connection between the Site A master browser and Site B master browser. The reason is, netbios broadcasts are not routeable through a VPN connection.

To set up your WINS connection, follow the information on this article that tells you how to set up your browser service using a WINS connection over the WAN. This article is an all-inclusive article on the browser service.
http://www.microsoft.com/resources/documentation/windowsnt/4/server/reskit/en-us/net/chptr3.mspx?mfr=true


browser-interaction.jpg
0
 
LVL 5

Author Comment

by:t_itanium
ID: 22667617
let me explain it again.
 I have a sever connected to internet acting as web server..it has two NICs..one connected to internet and one to the domain..but it has its own workgroup.

first I can ping to the domain computers from this web server and can see the domain from networkplaces and access them from run: \\ipaddress

now after updates..i dont know what happens I can still ping the domain but not access them.



0
 
LVL 38

Expert Comment

by:ChiefIT
ID: 22673471
Go to the command prompt of your webserver and type:

Browstat Status

Post your results on EE.
0
 
LVL 5

Author Comment

by:t_itanium
ID: 22675990
well man it is showing nothing !! i tried also to save the result directly to a txt file also nothing inside..
0
6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

 
LVL 38

Expert Comment

by:ChiefIT
ID: 22676673
Well, like you said:

On the inside NIC, Enable netbios over TCP/IP (NOT Netbios over DHCP)
On the outside NIC, disable Netbios over TCP/IP.
Make sure your software firewall isn't blocking ports: 137,138, and 139
Then, go to the command prompt and type, NBTstat -RR.

0
 
LVL 5

Author Comment

by:t_itanium
ID: 22677130
thanks ChiefIT for your fast replies..

let me give you new good information after investigations.

1- although I am enabling netbios from the prorperties..it is giving disabled when writing ipconfig.all in    cmd.
2- NBTstat -RR is giving this error: Failed to access NBT drive -- NBT may not be loaded.
3- After installing the updates long time ago. I noticed that I can not access event viewer any more. access denied.

I have several ideas inmind may help you.. the update may have changed something by mistake in the security policies preventing from accessing the event viewer..the NBT service couldnot be started becuase it is trying to access the event viewer under the logon account annd couldnot..this may be the problem..how can we fix this !!??

Thanks
0
 
LVL 38

Expert Comment

by:ChiefIT
ID: 22677507
You disabled the outside NIC's ability to perform Netbios, Netbios is bound to that outside NICs transport. So, in IPconfig /all you will see netbios disabled, but in NIC configuration properties, it might be enabled. You might have to change the Netbios bind order of the nics being used.  

Now, I think you have to change the Net bios bind order. To do this go to Control pannel>>Network Connections>>Dialup connection properties>>Networking tab, WINS and change the order of what NIC is being used for Netbios.

Section 5:
http://sonic.net/support/ss/windows/xp/xp_general/dialup_settings.shtml#tw

______________________________________________________________________________

If this works for you, let's troubleshoot your event viewer problem.
0
 
LVL 5

Author Comment

by:t_itanium
ID: 22677559
HI..

I have no dialup connection both network connection..what to do>

isnt it related to security?
0
 
LVL 38

Expert Comment

by:ChiefIT
ID: 22677846
No, Netbios is binding to that outside NIC that you disabled Netbios over TCP/IP on.

Even though this is a second NIC, I assumed it was for a VPN connection and will have a "dial up connection". I know it sounds odd, because you are not dialing up to anything.

____________________________________________________________
I would like to point out something to you.

Multihomed domain controllers are problematic for this very reason. There are two defined paths to things like DNS, ICMP, and Netbios translation. Those are the protocols that are used for AD authentication, Network troubleshooting, and the browser service. So, having two NICs can really hose up a domain. If you are routing over the server, consider getting a router to do this for you. If you are not routing over the server, then consider ridding yourself of the second NIC and sticking with the internal NIC. My point is, the need for a second NIC is not very often and with these communications problems, you might consider evaluating the need for the second NIC.
______________________________________________________________________
0
 
LVL 5

Accepted Solution

by:
t_itanium earned 0 total points
ID: 23866313
sorry all for being late... nothing helped :( i tried everything ..at last i restored the whole server.
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

by Batuhan Cetin In this article I will be guiding through the process of removing a failed DC metadata from Active Directory (hereafter, AD) using the ntdsutil tool in a Windows Server 2003 environment. These steps are not necessary in a Win…
I guess it is not common knowledge to most Wintel engineers/administrators: If you have an SNMP-based monitoring system in your environment (and it's common to have SNMP or Syslog) it's reasonably easy to enable monitoring of the Windows Event logs,…
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
This video discusses moving either the default database or any database to a new volume.

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now