Solved

Network Discovery - Each network in the domain seems isolated after switching to Windows Server 2008 AD

Posted on 2009-07-08
8
332 Views
Last Modified: 2012-05-07
We recently replaced our Windows Server 2003 Active Directory with a Windows Server 2008 one.

The problem we're facing is that suddenly each network seems isolated (in the Microsoft Windows Network domain) and workstations/servers can only see their own network (for example 192.168.2.* can only see PCs on the 192.168.2.* and so on).

This doesn't affect the overall network since most of the services between servers and workstations work fine but certain software rely on the Windows Network to discover PCs (most importantly McAfee ePolicy orchestrator).

I'm not pointing the Windows Server 2008 AD as the source of the problem but it immediately occurred after switching to the new AD.
0
Comment
Question by:fbmeit
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
8 Comments
 
LVL 58

Expert Comment

by:tigermatt
ID: 24803202

The information you've given seems to imply that it is NetBIOS browsing which is failing. If most services are working and being routed correctly between subnets, then it is not a network issue.

Standard NetBIOS announcement broadcast traffic does not cross between subnets, so the browse list from one subnet will not present itself to another.

To resolve this issue, you'll need to install the WINS Server role onto one of your servers. You then point (through DHCP for dynamic addressed clients) all the workstations and servers at the WINS server, and you should find your browse list comes back properly.

I expect the migration of servers failed to migrate WINS, which would explain this issue.

-Matt
0
 
LVL 17

Expert Comment

by:OriNetworks
ID: 24811079
Can you ping between subnets by ip address?

Maybe a firewall issue?
You can try temporarily disabling the upgraded servers firewall since on 2008 it is turned on by default.

What was doing the routing of traffic between the subnets before the upgrade?
0
 
LVL 1

Author Comment

by:fbmeit
ID: 24811224
We can ping between subnets with no problem and its not a WINS either.
The problem should be something on the active directory, as after the movement of FSMO roles from 2003 to 2008 the issue started.
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
LVL 58

Accepted Solution

by:
tigermatt earned 500 total points
ID: 24817880

None of the 5 FSMO roles do any form of tracking of network browsing themselves, although it is quite common for the holder of the PDC Emulator role to be nominated the 'Master Browser' for the domain automatically.

On the PDC Emulator role holder, check the Computer Browser service is set to 'Automatic' and is Started. This maintains the browse lists so must be running at all times.

If you wish to obtain browsing across subnets - or you have some sort of routing device between two segments of the network - a WINS server is required because the broadcast traffic cannot cross the subnet-boundaries and is not relayed by any routers.

-Matt
0
 
LVL 1

Author Comment

by:fbmeit
ID: 24970763
Eventually the problem has nothing to do with Netbios, Nothing to do with WINS, the issue was resolved by enabling the Computer Browser service from windows services.
0
 
LVL 58

Expert Comment

by:tigermatt
ID: 24971334
"...the issue was resolved by enabling the Computer Browser service from windows services..."

That is what I stated in my comment http:#a24817880:

"...check the Computer Browser service is set to 'Automatic' and is Started..."
0
 
LVL 58

Expert Comment

by:tigermatt
ID: 24978684
Objecting per my last comment (http:#a24971334)
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
For anyone that has accidentally used newSID with Server 2008 R2 (like I did) and hasn't been able to get the server running again because you were unlucky (as I was) and had no backups - I was able to get things working by doing a Registry Hive rec…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

729 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question