Solved

Network Discovery - Each network in the domain seems isolated after switching to Windows Server 2008 AD

Posted on 2009-07-08
8
325 Views
Last Modified: 2012-05-07
We recently replaced our Windows Server 2003 Active Directory with a Windows Server 2008 one.

The problem we're facing is that suddenly each network seems isolated (in the Microsoft Windows Network domain) and workstations/servers can only see their own network (for example 192.168.2.* can only see PCs on the 192.168.2.* and so on).

This doesn't affect the overall network since most of the services between servers and workstations work fine but certain software rely on the Windows Network to discover PCs (most importantly McAfee ePolicy orchestrator).

I'm not pointing the Windows Server 2008 AD as the source of the problem but it immediately occurred after switching to the new AD.
0
Comment
Question by:fbmeit
  • 4
  • 2
8 Comments
 
LVL 58

Expert Comment

by:tigermatt
ID: 24803202

The information you've given seems to imply that it is NetBIOS browsing which is failing. If most services are working and being routed correctly between subnets, then it is not a network issue.

Standard NetBIOS announcement broadcast traffic does not cross between subnets, so the browse list from one subnet will not present itself to another.

To resolve this issue, you'll need to install the WINS Server role onto one of your servers. You then point (through DHCP for dynamic addressed clients) all the workstations and servers at the WINS server, and you should find your browse list comes back properly.

I expect the migration of servers failed to migrate WINS, which would explain this issue.

-Matt
0
 
LVL 17

Expert Comment

by:OriNetworks
ID: 24811079
Can you ping between subnets by ip address?

Maybe a firewall issue?
You can try temporarily disabling the upgraded servers firewall since on 2008 it is turned on by default.

What was doing the routing of traffic between the subnets before the upgrade?
0
 
LVL 1

Author Comment

by:fbmeit
ID: 24811224
We can ping between subnets with no problem and its not a WINS either.
The problem should be something on the active directory, as after the movement of FSMO roles from 2003 to 2008 the issue started.
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 58

Accepted Solution

by:
tigermatt earned 500 total points
ID: 24817880

None of the 5 FSMO roles do any form of tracking of network browsing themselves, although it is quite common for the holder of the PDC Emulator role to be nominated the 'Master Browser' for the domain automatically.

On the PDC Emulator role holder, check the Computer Browser service is set to 'Automatic' and is Started. This maintains the browse lists so must be running at all times.

If you wish to obtain browsing across subnets - or you have some sort of routing device between two segments of the network - a WINS server is required because the broadcast traffic cannot cross the subnet-boundaries and is not relayed by any routers.

-Matt
0
 
LVL 1

Author Comment

by:fbmeit
ID: 24970763
Eventually the problem has nothing to do with Netbios, Nothing to do with WINS, the issue was resolved by enabling the Computer Browser service from windows services.
0
 
LVL 58

Expert Comment

by:tigermatt
ID: 24971334
"...the issue was resolved by enabling the Computer Browser service from windows services..."

That is what I stated in my comment http:#a24817880:

"...check the Computer Browser service is set to 'Automatic' and is Started..."
0
 
LVL 58

Expert Comment

by:tigermatt
ID: 24978684
Objecting per my last comment (http:#a24971334)
0

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Remove Extension 3 36
Windows 2012 PKI in a hybrid org 3 47
non-domain members are not prompted for credentials 18 35
Robocopy all drives in windows 2 21
The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
Possible fixes for Windows 7 and Windows Server 2008 updating problem. Solutions mentioned are from Microsoft themselves. I started a case with them from our Microsoft Silver Partner option to open a case and get direct support from Microsoft. If s…
This tutorial will show how to push an installation of Backup Exec to an additional server in both 2012 and 2014 versions of the software. Click on the Backup Exec button in the upper left corner. From here, select Installation and Licensing, then I…
This tutorial will walk an individual through locating and launching the BEUtility application and how to execute it on the appropriate database. Log onto the server running the Backup Exec database. In a larger environment, this would generally be …

805 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question