Too many domains when browsing!!

  • Thread starter Thread starter Charles McMillan
  • Start date Start date
C

Charles McMillan

I am confused:

Are the icons Domain icons or computer/server objects?
The remote workstations/domains cannot be on the same
switched network, unless you have them directly
connected. What do you mean by remote, in another room or
another town? If they are not close enough to run lines to
then I suspect that you have a routed network and
different subnets.

If the remote workstations are accessing shares on the DCs
then that would explain the port 445 traffic. Also I
suspect one of the DCs is the master browser which also
causes 445 traffic.

You can use the net config or edit the registry to make
2000 based computers hide from the browse list but that
doesn't seem to be what you want to do.
 
Port 445 is used for hosting SMB over TCP/IP and not trough BetBios over
TCP/IP. This happens when you uncheck NetBios over TCP/IP in TCP/IP
properties of a network adapter. See http://ntsecurity.nu/papers/port445/
for quite interesting explanation.

--
Regards

Matjaz Ladava, MCSE (NT4 & 2000), MVP
(e-mail address removed)
http://ladava.com
 
Forgive me! I seem to have confused everybody, so I obviously did not state
the issue in a way that could be understood!
I was notified about this issue by our customer and I'm not sure that I
would have noticed it on my own. They were checking out the traffic on the
network because there seemed to be too much of it.

I'll start by trying to answer your questions Charles. The icons are indeed
Domain icons. They are real, existing domain (or workgroup?) icons, not
orphaned objects.

We have our domain controllers at location A. All of our win 2k
workstations in the domain live at satelite offices in other cities
throughout the state (remote locations). We do have a routed network and
many different subnets that allow connectivity between the workstations and
the domain controllers.

That's the basic setup of what we think of as "our" domain. What is coming
into play is that at each of these satelite offices there are other
computers (belonging to a different department) that are running either
win2k or win nt and setup in a domain or workgroup. And these other
computers are physically plugged into the same switches on our routed
network that our computers on our domain are plugged into.

I guess there are two parts to this question. Is there any way to prevent
these other domains from appearing in the browse lists on computers in my
domain? And is there anything I can do to prevent the excess traffic that
is being generated by these "other" computers?

I hope this helps clarify! Thanks again for your help! /Joel
 
Dear Joel,

Thank you for your reply.

NetBIOS over TCP traditionally uses the 137/UDP, 138/UDP, 137/TCP and
139/TCP ports. Direct hosted "NetBIOS-less" SMB traffic uses port 445 (TCP
and UDP). When Windows 2000 Server receives multiple connection requests on
port 445, it allocates memory and an increased CPU usage will occur. Based
on the symptom in your domain and 445 traffic problem, this behavior can
occur due to this known issue.

The hotfix has been included in Windows 2000 SP4, therefore to resolve the
445 traffic issue, I suggest you apply it on the W2K Server.

After that, we may then check the status of both port 445 traffic, and then
those displayed domain icons.

If you have any further problems or concerns during the process, please do
not hesitate to let me know. It's my pleasure to be of assistance.

Sincerely,

Seaver
 
Hi Seaver,

Last night I applied service pack 4 to both of the domain controllers. I
still see all the extra domains when I browse the entire network though I
don't know yet about the port 445 traffic. Is there any thing else I ought
to do so that computers in my domain do not see all the other domains?
/Joel
 
Dear Joel,

Thank you for your feedback.

1. To install W2K SP4 can help us resolve the Port 445 problem described in
the following article:

320751 High CPU Usage Occurs When There Are a Very Large Number of
Connections
http://support.microsoft.com/?id=320751

could you please confirm with local IT engineer whether the original port
445 traffic problem has been resolved?

2. As for the domain icon issue, domain client can do nothing since the
browsed contents are managed by Domain Master Browser instead. Please rest
assured that the listed icons won't cause bandwidth cost problem if domain
clients rarely access those remote domains.

188001 Description of the Microsoft Computer Browser Service
http://support.microsoft.com/?id=188001

If you want to switch the server's role from PDC Emulator which equals with
Domain Master Brower, please refer to the following article:

255690 HOW TO: View and Transfer FSMO Roles in the Graphical User Interface
http://support.microsoft.com/?id=255690

Sincerely,

Seaver
 
Back
Top