browstat returning different results when run agains domain and domain.net

I am using browstat.exe to test the browser configuration on our network and I get different results depending if I add .net to the domain or not.

Browstat status domain returns

Status for domain domain on transport \Device\NetBT_Tcpip_{D5445D2E-6909-4A55-BD58-A0ECC5590156}
    Browsing is active on domain.
    Master name cannot be determined from GetAdapterStatus.  Using \\PSTEST
        Master browser is running build 3790
    3 backup servers retrieved from master PSTEST
        \\PSTEST
        \\XAVIER
        \\SESKA
    There are 545 servers in domain daiglobal on transport \Device\NetBT_Tcpip_{D5445D2E-6909-4A55-BD58-A0ECC5590156}
    There are 7 domains in domain daiglobal on transport \Device\NetBT_Tcpip_{D5445D2E-6909-4A55-BD58-A0ECC5590156}


Browstat status domain.net returns

Status for domain domain.net on transport \Device\NetBT_Tcpip_{D5445D2E-6909-4A55-BD58-A0ECC5590156}
    Browsing is NOT active on domain. Status : 6118
    Master name cannot be determined from GetAdapterStatus.

Our domain is domain.net

I am running this check because about two weeks ago some users started being able to browse the network, some computers started trying to authenticate to DCs in other sites, and some computers could not find the domain when attempting to join the domain (sorry exact error not available yet as I am getting the info second hand).

Our network consists of all Windows 2003 domain controllers spread out in about 100 sites world wide.

Any one have any idea on the browser problem?

eb
LVL 23
Erik BjersPrincipal Systems AdministratorAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

oBdACommented:
This is not a browser problem, this is as it should be.
The browser service dates back to NT4, it knows exactly nothing about AD (and it's in fact not even required in an AD unless you still have NT4 clients and if you can live without the network neighborhood).
The browser list will be built for the *NetBIOS* domain name (as this is all the browser service is aware of), never for your AD domain name.
Not being able to find the domain is usually DNS related; check the articles below for the proper configuration.
Authenticating in other sites can happen if the sites aren't configured correctly, or based on DNS problems as well.

10 DNS Errors That Will Kill Your Network
http://redmondmag.com/features/article.asp?EditorialsID=413

Frequently asked questions about Windows 2000 DNS and Windows Server 2003 DNS
http://support.microsoft.com/?kbid=291382

Best practices for DNS client settings in Windows 2000 Server and in Windows Server 2003
http://support.microsoft.com/?kbid=825036
0
Erik BjersPrincipal Systems AdministratorAuthor Commented:
what you said about the browser service makes sense, hadn't thought about that.

As far as DNS problems, I can rule those out.  Nslookup returns the correct IP addresses for the domain, when pinging the domain the DC in the site responds (you change sites and the DC from the new site responds).  %logonserver%s shows the correct DC for the site.

So basically everything looks like it is working correctly, there is nothing in any of the logs, but there is a problem and it just started a few weeks ago.

eb
0
oBdACommented:
Neither of those methods will reliably tell you whether DNS is configured correctly.
In short: Nowhere in your domain may external DNS servers appear except for the Forwarders tab in the properties of your DNS servers, full stop. "External DNS" means any DNS server that is not authoritative for your AD domain name (including DNS servers on routers or the like).
nslookup doesn't verify this, ping doesn't verify this, %logonserver% doesn't verify this.
Check these for more troubleshooting (verify SRV entries in DNS, dcdiag.exe, netdiag.exe):
How to Verify the Creation of SRV Records for a Domain Controller
http://support.microsoft.com/?kbid=241515

SRV Resource Records May Not Be Created on Domain Controller
http://support.microsoft.com/?kbid=239897


How Domain Controllers Are Located in Windows XP
http://support.microsoft.com/?kbid=314861

HOW TO: Use the Network Diagnostics Tool (Netdiag.exe) in Windows 2000
http://support.microsoft.com/?kbid=321708

Do not install the Support Tools from your installation CD, some tools were updates by the Service Packs. Here are the current versions:

Windows Server 2003 Service Pack 1 32-bit Support Tools
http://www.microsoft.com/downloads/details.aspx?FamilyID=6ec50b78-8be1-4e81-b3be-4e7ac4f0912d&displaylang=en

Windows Server 2003 Service Pack 2 32-bit Support Tools
http://www.microsoft.com/downloads/details.aspx?FamilyID=96a35011-fd83-419d-939b-9a772ea2df90
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Erik BjersPrincipal Systems AdministratorAuthor Commented:
Our DNS is configured correctly, netdiag and dcdiag both come back clean.  The only place external DNS servers are used are as forwarders.  All SVR records are in place.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Networking

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.