Question : Computers not showing up in Network Places

We have a Windows server 2003 Enterprise computer that works as a Domain Controller and a Symantec Anti-virus server.

We had to re-install the Symantec application on the server, and we need to roll out the installs again to our computers. The Symantec software rolls this out by finding computers on the "Network Places" directory.

If I open Network Places and open my Domain, I see maybe....15 computers or so. (Most of which are all servers)

How I know about NetBIOS and stuff like that, but I don't have time to look through over 60 computers to see if this is enabled.

We do have VLANS setup and the network is as follows....

192.168.1.x = Servers
192.168.2.x = Clients
192.168.3.x = Printers

So perhaps the VLANS have something to do with it. (Although some servers on the same VLAN do not show up)

What is the best method to fix this without going to each computer? All workstations are Windows XP Pro.

Answer : Computers not showing up in Network Places

There are two ways to populate the Browse list:

First let's get a little background of the Domain browser service:

The domain browser service populates "My Network Places". It does this by two simultaneous ways. One I call the Old school method and the other I call the new school method:

Old School:
Old school uses netbios over TCP/IP or Netbios over DHCP. The problem with Netbios over DHCP that is the current nic configuration default is if your DHCP server is not the domain master browser, it won't work.
Netbios over TCP/IP uses these three ports:
WINS/Netbios broadcast port 137/TCP and Netbios datagram ports 138/UDP, and 139/UDP.
As you probably know, Netbios broadcasts are not routable. This means it will not propogate over a VPN tunnel through NAT, to VLANs, through firewalls unless you have a very specific configuration:
~~For NAT translation, a WINS connection between the two site Domain master browsers needs to be created.
~~For VPN tunnels, a WINS connection needs to be created.
~~For a VLAN, you may need to open up these three ports for netbios broadcasts and that only applies if these VLANS are on the same subnet.
~~~~If not on the same subnet, the VLANS will need s WINS connection between the VLAN master browsers.

The New school method is Netbios over SMB:
SMB uses these two ports:
SMB port 445/TCP
Netbios datagram port 139/UDP
For SMB to work, a porthole needs to be open between the two sites or VPNs.

IT security:
Unfortunately both methods are HIGHLY targeted by hackers. Open ports to network shares is a gold mine for hackers to play with. These are probably the highest targeted ports on the LAN. So, they are often blocked by ISPs and enterprise firewalls. For SMB sharing, you can redirect the path to an HTTPS port. I am still studying up on this.

To resolve your situation with the VLANS, try opening up ports 445 and 139 between the VLANS. Then go to this site to check your enterprise firewall for blockages. It is called Shields UP. This site is a port scanner like what hackers use. But, this port scanner is legit because it's sole purpose is to show you about your IT security.
https://www.grc.com/x/ne.dll?bh0bkyd2


Random Solutions  
 
programming4us programming4us