Tag Archives: Netbios

Solution for Windows cross-subnet browsing issue in mid-2016

Hello all-

this is a follow-up to my original post in which I discussed how to setup cross-subnet browsing so that all computers come up in “Network” or “Network Neighborhood”.

For the last few months, my “Network” browse list has disappeared and would ONLY show computers from my LAN subnet.  My remote (VPN-to-VPN) network subnet disappeared from my “Network” computer list.

After >>MUCH<< research I have found the problem and will present the solution.

The problem is due to the Microsoft Windows Update (for both desktop and server OS’s) KB3161949  (read about it here).

Part of the effect of this update was to “harden” the NETBIOS service and prevent NETBIOS data from being sent between subnets.

 

THE SOLUTION:

Two ways of handling this.

  1. You can remove this specific hotfix
  2. You can add a registry setting to override it.

(YOUR CHOICE)

To REMOVE the hotfix:

On SERVERS:  Go to Control Panel, Uninstall a program, View Installed Updates… Remove 3161949.  You’ll need to reboot.  After rebooting, go check for windows updates again (MANUALLY)  3161949 will pop up.  Right click and HIDE UPDATE.

On Desktops:  Same process as above – HOWEVER – Depending on which version of windows, which OS Rollup you are on, 3161949 might not show up.  If you cannot remove 3161949, simply add the registry key below.

–OPTIONAL METHOD–

Involves a registry key addition, then you need to reboot the machine.

SUBKEY: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters
Value Name: AllowNBToInternet
Type: Dword
Value: 1

 

** REMEMBER TO REBOOT after you do either the uninstall or registry key.

** It will take 5-60 minutes for the Network browse lists to refresh

*** MOST IMPORTANT ***

You MUST do this on your domain servers (Master Browsers) on each side of the subnet.  For example, I have for domain servers, two on each side.  I did this procedure on both, then rebooted all four domain servers.

Then I did this on my Windows 10 Pro workstation (via registry key) and rebooted.

When I checked my computer 30 minutes later, all machines were showing up in the browse list under “Network” in Windows 10.

** ADDITIONAL NOTE:  Just for the heck of it, you might as while put that registry key onto all your domain servers.  Even though I had uninstalled 3161949 from all 4 of my domain servers (and hidden that update), one of my DC’s re-applied that patch and rebooted, thereby messing up my Network list again.  So I just went and put that reg key onto all 4 DC’s just in case they get that update somehow in the future.

** NOTE: Do this at your own risk.  I’m not responsible for your network security.  You have to make the decision on what’s more important to you here.  Being able to see the entire cross-subnet network, or security.  I can’t speak as to how this increases or decreases your security risk.

Let me know if any questions…

All computers do not show up under Network Neighborhood across subnets Windows 2008 Server and Windows 2012 Server

THE ISSUE – NETWORK DOES NOT SHOW ALL COMPUTERS FROM MULTIPLE SUBNETS

 

**NOTE:  10/11/16 Please see this new blog post which addresses a new issue that has happened since June 2016.  Both of these posts will help you resolve this cross-subnet browsing issue.

I recently ran into the situation where my PDC failed and after promoting a second DC to PDC all the computers in both my branches would not show up under the Windows 7 network.

What would happen is that the computers from branch 1 would all show up under branch 1 on that network, and the computers from branch 2 would only show up on branch 2’s network.

Both networks are in the same domain and are connected via a Point to Point firewall VPN tunnel, and both offices are on different local internal IP subnets, such as:

branch 1:  192.168.55.X

branch 2: 192.168.56.X

Logins and domain replication is working fine, and even the DNS servers I have set to properly replicate the data between them, but still the “network” list only shows the local subnet not both.

THE SOLUTION

Firstly, you need to determine which machine for sure is the PDC emulator on your network.  On our network we have two Windows 2008 R2 servers.

to do this, follow this procedure:

Using the Windows interface on your windows server

1. Open Active Directory Users and Computers.

2. Right-click the domain node, and then click Operations Masters.

3. On the PDC tab, under Operations masters, view the operations masters that will serve as the PDC emulator.

 

Secondly, to complete the solution (snipped from the website linked below…)

4. You can either set the Computer Browser service to Automatic on the DC holding the PDC role, or move the PDC role to another DC that has the Computer Browser service started.  So using the info gleaned from above, log in to the PDC computer, go to SERVICES and START the computer browser service, and set it to AUTOMATIC.

You will need File and Printer sharing On in the Network and Sharing Center, otherwise the Computer Browser service will fail to start since the required ports will not be open.  In a multiple subnet environment, make sure WINS is configured properly so that you have the proper NetBIOS name resolution.  After making the corrections, the computers holding the master browser roles will begin to populate the browse list for the entire network.

NOTE:  In my situation with two subnets it was NOT necessary to run WINS to have a proper solution.

Lastly, wait anywhere from 30-60 minutes and the computers from both subnets (or more) should all now show up under “NETWORK” on your Windows network.

 

(some information courtesy of this blog)