General discussion

Locked

Workgroup vs. Domain Member

By badfish ·
I have 12 NT 4 workstations connected to one Cisco 2924 switch, which is only connected to another 2924. That switch is connected to that is a Win2K server. The server is also connected to my Domain (different subnet) on another NIC. I don't haverouting setup (IP Forwarding?). All 12Stations and server are using only TCP/IP and all on same subnet. Workstations are completely Isolated, they cannot see a gateway/router or the WINS srv, wrkstation are all member of a workgroup. Server was made member of the Domain. It is using WINS on Domain NIC. In this setup Network browsing to Server is extremely slow at best.Mapping a drive to server share sometimes times out, other times works but never fast enough. Once workstation boots and makes connection to server it is considerably better, however first few minutes after boot the stations time-out looking for server by name or even specifying the IP address. I can ping the IP address of the server at all times perfectly. After removing the Server from the domain and adding to same workgroup everything works perfectly fine.
How can I keep the server a member of my domain without suffering the network browsing "timeouts"? I must keep the stations physically segmented from the domain however.

This conversation is currently closed to new comments.

11 total posts (Page 1 of 2)   01 | 02   Next
| Thread display: Collapse - | Expand +

All Comments

Collapse -

Workgroup vs. Domain Member

by McKayTech In reply to Workgroup vs. Domain Mem ...

In essence, you're asking your server to be a member of two domains (the "domain" and the "workgroup") and that is not a supported configuration for NT4.

With the information given, it's a little hard for me to suggest an answer because it's not clear what you're trying to accomplish. Your stations are NOT currently "physically segmented" because they are physically connected through the switch to the server and can freely establish TCP/IP connections.

Undoubtedly, there is a solution that will meet your needs, but I think it will probably involve either VLANs or a firewall rather than just multi-homing your server across a domain and a workgroup.

paul

Collapse -

Workgroup vs. Domain Member

by badfish In reply to Workgroup vs. Domain Mem ...

I need the stations to see the Server and the other stations only, not the other domain. I want the server to be a member of the domain and keep normal connectivity with the stations. I had these two accomplished but when the server was a member of the domain the stations network performance to the server was not acceptable, timing out when initialing trying to make connections, after being up for a few minutes it was much better but still not as fast. As soon as I removed the server from thedomain and added it to the station's workgroup communication between the server and the stations was perfect, however I want the server to be a member of the domain.

Collapse -

Workgroup vs. Domain Member

by chris hirst In reply to Workgroup vs. Domain Mem ...

As with answer 1; What you are trying to achieve is impractical at best.You say you have your domain isolated via a different subnet, I assume you have 2 NIC's in the server as you say that WINS is bound to the domain NIC. This would mean that your W\S group have no means of name resolution for browsing.
You are going to have to either bind WINS to the workgroup NIC, (this could mean that workgroup members can see domain members and vice versa and you then have to limit that by other means)or use the HOSTS/LMHOSTS file to set up IP address to NETBIOS name resolution, Missing out some form of name resolution leads to the problems you describe (Browse failures, Timeouts etc).

Collapse -

Workgroup vs. Domain Member

by badfish In reply to Workgroup vs. Domain Mem ...

Well at first, I would agree, but I did try LMHOSTS files on the workstations and it did not help.
As soon as I removed the server from the domain and added to the workgroup all was fine and that is the ONLY change I made. The workstation still have no means of name resolution. They don't have WINS, LMHOSTS, they don't even have a gateway specified. But with the server being in the same workgroup they work fine

Collapse -

Workgroup vs. Domain Member

by malik_ajay In reply to Workgroup vs. Domain Mem ...

It looks that you have server and workstations on two different subnets. so, you must have two NICs on the server with the second NIC having the ip of other subnet or give a secondary ip of the other subnet on the server. Also, have multihomed entries of the server in the WINS (Static Mapping), have proper entries of WINS on the workstations. It should solve your problem.

bye
Good Luck

Collapse -

Workgroup vs. Domain Member

by badfish In reply to Workgroup vs. Domain Mem ...

I have two NICs one on each subnet.I don't see why I have to have seperate entries for the server on the WINS when the WINS server cannot see the isolated subnet,isolated NIC on server. As far as the WINS is concerned the other subnet does not exist.

Collapse -

Workgroup vs. Domain Member

by chris hirst In reply to Workgroup vs. Domain Mem ...

This is really a comment,
With regards to your comment to answer 3 you answered your own problem WINS cannot see the subnet and therefore the subnet has no WINS resolution and to the comment on my answer (answer 2) when the server is in the workgroup WINS will be in the workgroup
If time permits I will try to recreate this it sounds interesting
Chris Hirst

Collapse -

Workgroup vs. Domain Member

by badfish In reply to Workgroup vs. Domain Mem ...

The question was auto-closed by TechRepublic

Collapse -

Workgroup vs. Domain Member

by NetTek In reply to Workgroup vs. Domain Mem ...

The problem may lie in that you may have a Master Browser conflict. In other words, the server you are referring to is multihomed, and it sees the Master Browser on your domain side. This is usually the PDC. However, your Workgroup also needs a Master Browser. When a Browser election occurs on the workgroup side, servers take priority in winning an election over the workstations. Thus, the multihomed server will want to be the Master Browser for your workgroup.

You can see how problems could arise: One server, two subnets, two Browser lists.

I suggest you disable Master Browser capability on the multihomed server. This will enable one of your NT Workstations to always assume browsing duties for the workgroup. To disable Master Browser capability on the server, navigate to the following registry key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Browser\Parameters\MaintainServerList
and set the value to "No".

I would then add an LMHOSTS file to all your workstations that will assist them in locating the server.

Collapse -

Workgroup vs. Domain Member

by badfish In reply to Workgroup vs. Domain Mem ...

The question was auto-closed by TechRepublic

Back to Windows Forum
11 total posts (Page 1 of 2)   01 | 02   Next

Related Discussions

Related Forums