ExamSim For MCSE 2000:Question 3 - Missing Browse List Entries

ExamSim For MCSE 2000:Question 3 - Missing Browse List Entries


November 26, 2000

Thomas Shinder

(Each week we present a question similar to those you will find in our ExamSim software. If you are interested in purchasing the ExamSim software, just click the ExamSim MCSE 2000 link)

You are the network administrator on a multisegment network. At the present time, your network is spread across four geographic regions throughout North America. The company has five offices in the United States, and ten offices throughout Canada. Each office has a least four populated segments, with the maximum number of segments at the corporate office having 20 populated segments.

The only LAN protocol in use is TCP/IP at all facilities. The network infrastructure includes Windows 2000 routers separating the internal segments, and 100 Mbps switches to manage network traffic within each segment. The network services infrastructure includes Windows 2000 DNS, Windows 2000 WINS and Windows 2000 DHCP Servers all participating in a single Windows 2000 Active Directory Domain.

The network was recently upgraded from a Windows NT 4.0 Domain and the network clients had been mixture of Windows 95, Windows 98 and Windows NT 4.0 Workstation. After the network upgrade was complete, all servers were running Windows 2000 Advanced Server and all workstations were running Windows 2000 Professional.

About a week after the completion of the upgrade, you receive a call from several of the sites complaining that one of the servers on segment 192.168.44.0 does not show up in the browse list. Since this is one of the main SMB file servers for the region, you call up the other offices and they report that the same server does not show up their Browse Lists. You check the network that is local to the server, and again, it does not show up on the browse list of any of the network segment.

You ping the server by NetBIOS name, DNS host name and by IP address and the ping is successful on all counts. You attempt to connect to a well-known share on the server via its UNC path and you again are successful. You confirm that all Domain Controllers on the network are functioning correctly, and you run the Browmon and Browstat programs from the Windows 2000 Resource kit to confirm that the Browser Service is functioning correctly on the network.

Why is the server not appearing on the Browse List?

  1. A firewall or packet filtering router has blocked outgoing broadcast messages on UDP Port 138 between the segment Master Browser and the WINS Server.
  2. NetBIOS over TCP/IP has been disabled on the missing Server
  3. The WINS Server has a static mapping for the missing Server which points to an incorrect IP address
  4. The DHCP Servers have been incorrectly configured and have made all network clients NetBIOS m-node clients
  5. The missing Server has been configured with configured with an incorrect address for its WINS Server.

For the answer, please go to the next page.

Thomas Shinder

The correct answer is B.

This question is typical of the type of questions that you'll see on your Microsoft exams. It tests your understanding of multiple concepts, and you ability to integrate your understanding of these concepts to come up with the correct answer.

The Browser service is a distributed database that contains a list of all the servers on a Microsoft network. In the context of the Browser service, a "server" is a machine that is running the server service. It is not a Windows NT or Windows 2000 Server computer. This means that any Windows based computer can be a server - all it needs to be a server that will show up on the Browse List is to be running the server service.

On a TCP/IP based network, each network segment will have a single Master Browser, which is selected via a process known as a Browser Election. In general, the machine with the newest and most powerful Windows based operating system will take the role of the Master Browser for its segment. There are ways of insuring that a particular server is the Master Browser by editing the registry and adding the IsMasterBrowser entry into the registry.

When network clients running the server service start up on an IP segment, they issue a server announcement, which is via a UDP broadcast packet. Since routers typically are not configured to pass these broadcast packets, these connectionless UDP broadcasts are limited to the segment on which they are issued. The Master Browser on the segment listens for these server announcements, and places the names of the computers that issue these broadcasts onto the Browse List. The Master Browser collects this information over time and is able to collect a complete list of servers on its segment.

In order to get a complete list of servers on all IP network segments, there must be a mechanism in place that will allow all the Master Browsers from all the segments to share what they know about their own segments with the other Master Browsers. In order to accomplish this, you need a Domain Master Browser. Each segment's Master Browser reports to the Domain Master Browser and sends to it the list of servers from its own segment. The Domain Master Browser is able to collect the information about the servers located on each IP segment on the network, and then returns this information to each of the segment Master Browsers located on the network.

On a Windows NT network, the Domain Master Browser is the Primary Domain Controller. On a Windows 2000 network, the Domain Master Browser will be the PDC Emulator.

There must also be a method in place that allows the segment Master Browsers to find the Domain Master Browser in order for them to report to it. The most common and efficient mechanism is to use a WINS Server. When the Domain Master Browser registers its NetBIOS Names with its WINS Server, one of the names it registers is its domain name with the [1Bh] service identifier. When segment Master Browsers are configured to query a WINS Server for NetBIOS names, it will query the WINS Server for the [1Bh] record for its domain and then contact that IP address. This is how the segment master browser is able to find and communicate with the Domain Master Browser.

The Browser Service is a NetBIOS dependent service, and is an unfortunate legacy left over from the history of Microsoft networking. All network operating systems that Microsoft has put out, prior to Windows 2000, were dependent on NetBIOS, and the NetBIOS interface on TCP/IP based networks. However, Windows 2000 is not NetBIOS dependent, and because network resources can be published in the Active Directory, there is no longer any compelling reason to have the broadcast based Browser Service enabled on your network.

For an explanation of each of the answers, check out the next page.

Thomas Shinder

Answer A is incorrect because a firewall or packet filtering router that blocks outgoing broadcast packets on UDP Port 138 will have no effect on the Browser service. Master Browsers configured as WINS clients contact the Domain Master Browser via a directed datagram. Therefore, the blocking of broadcast messages by an intervening router or firewall will not prevent the segment Master Browser from communicating with the Domain Master Browser. Another important consideration is that no other client on the missing Server's segment is having problems showing up on the Browse List. If there were communication problems between the segment Master Browser and the Domain Master Browser, the problem would affect all computers on the segment.

Answer B is correct because when you disable NetBIOS over TCP/IP on a Windows 2000 computer, you also disable the network clients ability to send server announcements, which are dependent on the NetBIOS interface. A network client that has the NetBIOS interface disabled is still able to access network shares on a Windows 2000 network by using the Direct Access method. In this instance, the server has had its NetBIOS interface disabled, and therefore will not show up in the browse list. This is the preferred mode in Windows 2000 networks that do not have NetBIOS dependent applications. This file server is still able to provide shared network resources, but rather than having users navigate a long browse list, you can publish the shared network resources on this server to the Active Directory. Users can then more efficiently search the Active Directory for the resources they require.

Answer C is incorrect because an erroneous record on the WINS Server will not prevent this file Server from showing up on the Browse List. Remember, a computer name shows up on the Browse List via server broadcast announcements on the local subnet. These announcements are in no way dependent on NetBIOS name resolution or WINS. They are broadcast messages to the local segment, and only the computer name is included on the browse list; the IP address of the server making an announcement is not included. Therefore, as long as the segment Master Browser is able to communicate with the Domain Master Browser, the computer's name will show up on the Browse List. However, if this computer does have a static mapping on the WINS Server, and the IP address is incorrect, then when a user tries to connect to the machine who's name is on the browse list, it will not be able to do so, because NetBIOS name resolution will fail.

Answer D is incorrect because the NetBIOS node type will not have any effect on the browser service. The m-node client will preferentially use NetBIOS broadcasts for name resolution before using a WINS Server. However, this will not have any effect on its ability to issue server announcements on the local segment.

Answer E is incorrect because its does not matter if the missing Server is configured to use a WINS Server, or is even if it is configured with an incorrect IP address for a WINS Server. The only machines that might require the use of a WINS Server are the segment Master Browsers (and an LMHOSTS file could be used instead if you wished). This is a very common misunderstanding that administrators have about the Browser service. Remember, servers do NOT need to be configured to use a WINS Server in order for the name to show up on the Browse List. However, a WINS Server may be an issue when it comes time to resolve the name on the list.