servers on different subnets cannot see all other computers in dom

Discussion in 'Windows Networking' started by snurge, May 10, 2006.

  1. snurge

    snurge Guest

    We have 6 different sites that all operate on their own different subnets.
    these sites are connected together via a fixed lines and can fully
    communicate with each other subnet but when you open the network on each
    local site, it will only show the computers located within its own subnet.
    Each site has its own dhcp server.
    we have dns/wins servers located at one site only and every machine points
    to these.
    there is no name resolution problems.
    we are on AD with 2003 on each server.

    I would like to be able to see all computers in the domain within network
    neighbourhood but cannot find a way to correct this.

    Any guidance would be greatly appreciated.
     
    snurge, May 10, 2006
    #1
    1. Advertisements

  2. First of all, in order for this to happen, you have to have at least
    1 domain in place. This will not work with remote workgroups
    because there is no DMB or domain master browser in place
    to merge the entire list.

    You haven't really mentioned how they were connected aside
    from saying you have fixed lines but you didn't mention your
    routers. It is common to have 1 machine act as a router with
    multihoming which would give you the same result.

    Each subnet will have 1 subnet master browser which is
    responsible for gathering the local list from all machines
    then passing that list on to the DMB as well as passing the
    merged list from the DMB back to all clients who request it.
    All SMBs must be able to setup a NetBIOS connection with
    the DMB(s). This whole process relies on NetBIOS broadcasts.
     
    Michael Giorgio - MS MVP, May 10, 2006
    #2
    1. Advertisements

  3. snurge

    Mark R. Guest

    Hey Mike,

    I have a similar issue. All my site are connected via cisco routers. They
    can ping eachother just fine by FQDM. We are in a single forest and a few
    child domains on different subnets. I can only see machines thats are in
    thier own subnet from nethood. How can I get all machine to see eachother in
    the entire forest? Do I need a WINS server in every domain?

    Thanks
     
    Mark R., May 12, 2006
    #3
  4. Hi Mark,

    Open a dos prompt and run net view against a remote
    domain e.g., net view /domain:remotedomainname ;
    what do you see?
     
    Michael Giorgio - MS MVP, May 12, 2006
    #4
  5. snurge

    Mark R. Guest

    OK

    I VNC into our Shanghai site ( I am in NY) I net view our parent doamin in NY

    net view parentdomain.com
    Share resources at parentdomain.com


    Share name Type Used as Commen
    -------------------------------------------------------------------------------------
    NETLOGON Disk Logon server share
    SYSVOL Disk Logon server share
    The command completed successfully.
     
    Mark R., May 12, 2006
    #5
  6. Hi Mark,

    The command is: net view /domain:parentdomainname

    Use the NetBIOS name not the FQDN.

    You, somehow, queried a specific computer for it's
    shared resources.
     
    Michael Giorgio - MS MVP, May 12, 2006
    #6
  7. snurge

    Mark R. Guest

    ok got it

    from the shanghai server

    net view /domain:parent.com
    system error 6118 has occured

    The list of servers for this workgroup is not currently available

    when I net view /domain:shanghai (it's own domain) I get

    net view /domain:shanghai
    Server Name Remark
     
    Mark R., May 12, 2006
    #7
  8. No. You need just one WINS that all the machines use. "Domains" are totally
    irrelevant.
     
    Phillip Windell, May 12, 2006
    #8
  9. snurge

    Mark R. Guest

    OK here is some additional info from a test I ran.

    The parent domain is in NY and we also have a child domain here is NY as
    well. We kinda did the single foraet empty root approach. These two domains
    are on the same subnet 10.100.0.0/16. Everything communicates perfect b/c
    it's the same subnet no router/VLANs separate the two.

    I put a laptop from the child domain on it's own subnet 10.200.0.0/24. I
    have a router to separate the two subnets. I setup WINS on the child domain
    and pointed the laptop to it, rebooted and all the domains show up in
    nethood. I can ofcourse connect to the child domain the laptop belongs and
    the partent but cannot connect to the other child domain. I get not
    accessible error.

    So should I setup a WINS server in each domain based on this? Or should I
    point everything to the WINS server in the parent domain and try to figure
    out the issue?
     
    Mark R., May 12, 2006
    #9
  10. Michael Giorgio - MS MVP, May 12, 2006
    #10
  11. snurge

    Mark R. Guest

    Thanks for the reply Philip. Looks like my reply slipped in right before
    yours did. But here are some things that I have found.

    OK here is some additional info from a test I ran.

    The parent domain is in NY and we also have a child domain here is NY as
    well. We kinda did the single foraet empty root approach. These two domains
    are on the same subnet 10.100.0.0/16. Everything communicates perfect b/c
    it's the same subnet no router/VLANs separate the two.

    I put a laptop from the child domain on it's own subnet 10.200.0.0/24. I
    have a router to separate the two subnets. I setup WINS on the child domain
    and pointed the laptop to it, rebooted and all the domains show up in
    nethood. I can ofcourse connect to the child domain the laptop belongs and
    the partent but cannot connect to the other child domain. I get not
    accessible error.

    So should I setup a WINS server in each domain based on this? Or should I
    point everything to the WINS server in the parent domain and try to figure
    out the issue?
     
    Mark R., May 12, 2006
    #11
  12. No, see my other post. Something is blocking NetBIOS, most likely
    a router or firewall in each subnet. This prevents the SMBs from
    creating a NetBIOS session with the remote SMBs in order to propagate
    the browse list.
     
    Michael Giorgio - MS MVP, May 12, 2006
    #12
  13. snurge

    Mark R. Guest

    Thanks Mike,

    I'll look into that right now.

    Just when I thought I was on the right track with separate WINS servers in
    each domain.
     
    Mark R., May 12, 2006
    #13
  14. snurge

    Mark R. Guest

    OK I checked the link about firewalls. The connection between NY and Shanghai
    does not have any firewalls between them. From the NY network I can see and
    access all of Shanghai's machine. I cannot do the same from Shanghai to NY.

    Also on the test laptop when I point to the WINS server in the parent doamin
    I get nothing showing up in nethood. When I point to the WINS server I setup
    in the child domain that it belongs to I can see all the domains and access
    the parent the child it belongs to but cannot access the shanghai child or
    our london child. Weird!
     
    Mark R., May 12, 2006
    #14
  15. snurge

    Mark R. Guest

    OK I checked the link about firewalls. The connection between NY and Shanghai
    does not have any firewalls between them. From the NY network I can see and
    access all of Shanghai's machine. I cannot do the same from Shanghai to NY.

    Also on the test laptop when I point to the WINS server in the parent doamin
    I get nothing showing up in nethood. When I point to the WINS server I setup
    in the child domain that it belongs to I can see all the domains and access
    the parent the child it belongs to but cannot access the shanghai child or
    our london child. Weird!
     
    Mark R., May 12, 2006
    #15
  16. Then you may have to ask about that in a AD group. This is an authentication
    issue, not a networking issue. Their maybe something wrong in the trusts,
    although I have no idea what that could be.
     
    Phillip Windell, May 12, 2006
    #16
  17. Separate WINS Server are usually not the solution, they are the beginnning
    of the problems. WINS Servers need to be "common" for the whole LAN (that
    means *one*). Everybody the entire network wide must all use the same WINS
    Server. If there is more than one WINS then they need to be setup as
    replication partners so that the WINS Database match on all of them.
     
    Phillip Windell, May 12, 2006
    #17
  18. That is exactly what multiple WINS Servers are good for, when not deployed
    correctly. See my previous post.

    --
    Phillip Windell [MCP, MVP, CCNA]
    www.wandtv.com
    -----------------------------------------------------
    Understanding the ISA 2004 Access Rule Processing
    http://www.isaserver.org/articles/ISA2004_AccessRules.html

    Troubleshooting Client Authentication on Access Rules in ISA Server 2004
    http://download.microsoft.com/download/9/1/8/918ed2d3-71d0-40ed-8e6d-fd6eeb6cfa07/ts_rules.doc

    Microsoft Internet Security & Acceleration Server: Guidance
    http://www.microsoft.com/isaserver/techinfo/Guidance/2004.asp
    http://www.microsoft.com/isaserver/techinfo/Guidance/2000.asp

    Microsoft Internet Security & Acceleration Server: Partners
    http://www.microsoft.com/isaserver/partners/default.asp

    Deployment Guidelines for ISA Server 2004 Enterprise Edition
    http://www.microsoft.com/technet/prodtechnol/isa/2004/deploy/dgisaserver.mspx
    -----------------------------------------------------
     
    Phillip Windell, May 12, 2006
    #18
  19. snurge

    Mark R. Guest

    I agree with you their Philip. We had originally gotten rid of WINS when we
    just had two offices using AD. There was never really a need to have that
    extra traffic on the network. Now that we have brown and have multiple sites
    I am forced to put WINS back on. Things are only going to get worse when we
    break up our HUGE NY network have a subnet for each of our five floors.

    I will remove the WINS server from the child domain and point the laptop on
    the 10.200.0.0/25 subnet to the WINS server in the parent domain and wait.
    something just doesn't seem right b/c when I point it to the parent WINS
    server I can't see anything but when it's pointed to the child WINS server
    all is fine for the most part.
     
    Mark R., May 12, 2006
    #19
  20. No, as you can see by the output of your nbtstat -c, name resolution
    is correct. You only need 1 WINS server.
     
    Michael Giorgio - MS MVP, May 12, 2006
    #20
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.