SAN MATEO (06/12/2000) - Boy, do I have problems. It seems like every time I get [a problem] fixed, two more come along. Most of them seem to relate to Microsoft Corp.'s Windows NT, its file shares, and logging on to the domain. I have four locations, each connected to the Internet with varying speed connections and VPN connections between the locations. Things seem to work for Ping and FTP, but NT-based stuff is very hit-and-miss. Sometimes users will work fine for weeks and then all of a sudden not be able to log in or not be able to browse a share.
Our PDC [primary domain controller] is at our headquarters, which is connected by a T1. Sometimes rebooting the workstation fixes it, and sometimes if I reboot the PDC that will fix it. Is there any cure-all for this kind of problem, or do I have lots of different problems that look the same?
Brooks: Well, I can't tell you if you have lots of problems from this description, but I hope I can give you some tips on getting things to behave more sanely on your network.
The first thing to do is take a deep breath and look at what's working and what isn't. Are there any stations that never have problems? Or are there intermittent problems across the board and they just move around?
I definitely would look at that PDC and see if it's overworked, either in CPU or memory utilization; that can often manifest itself in strange network and domain problems. You also did not mention if you have BDCs (backup domain controllers) at the remote offices. Typically that's what you'll want, especially if some of those connections are really slow. That way your remote users won't be competing with off-site traffic for basic network log-ins and such. It also will reduce latency and make the network feel faster to users, which is always a good thing.
Next, I'd take a look at Windows Internet Naming Service (WINS). Sometimes WINS servers get confused and have old or erroneous information in them. Clearing the WINS database is a good way to start. It'll create a few hiccups while it gets rebuilt, but nothing catastrophic. If you're a curious type, you might want to browse the database first and try to identify entries that are causing problems.
Having incorrect entries for either workstations or servers will cause problems, and having different NetBIOS-to-IP mappings for different services will cause freaky behavior: A single server will show up with different IP addresses for its different NetBIOS types.
Finally, you might want to take a look at any packet-filtering rules you have.
Most places allow all NetBIOS traffic from secure locations (that's how your VPN-connected remote offices should be set up). Perhaps you're missing one or more NetBIOS ports, and things are "kind of" working because of it.
In theory these problems will be a distant memory with Windows 2000 and its capability of using native TCP/IP and DNS rather than the funky TCP/IP + NetBIOS + WINS hack that Windows NT 4 uses. Of course, you may have a whole boatload of new problems, but at least they should be different and easier to troubleshoot, because the protocols make more sense.
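The WINS inconsistency described in the answer above (one server registered under different IP addresses for its different NetBIOS types) can be checked mechanically before clearing the database. This is an added example, not part of the original column; the CSV export layout and all host names and addresses are constructed assumptions.

```python
import csv
import io
from collections import defaultdict

# Constructed sample: a WINS database export reduced to name, NetBIOS type
# suffix (hex) and IP address. The column layout is an assumption.
SAMPLE_EXPORT = """\
name,suffix,ip
HQ-PDC,00,10.1.0.10
HQ-PDC,20,10.1.0.10
HQ-PDC,03,10.1.0.10
BRANCH2-FS,00,10.2.0.20
BRANCH2-FS,20,10.2.0.99
BRANCH2-FS,03,10.2.0.20
WS-114,00,10.3.0.114
ws-114,20,10.3.0.114
"""

# Common NetBIOS unique-name suffixes, used only to make the report readable.
SUFFIX_LABELS = {"00": "Workstation", "03": "Messenger", "20": "Server"}


def load_records(text):
    """Parse the export into (NAME, SUFFIX, ip); NetBIOS names are case-insensitive."""
    rows = csv.DictReader(io.StringIO(text))
    return [(r["name"].strip().upper(), r["suffix"].strip().upper(), r["ip"].strip())
            for r in rows]


def find_conflicts(records):
    """Return {name: {ip: [suffixes]}} for names whose services map to more than one IP."""
    by_name = defaultdict(lambda: defaultdict(list))
    for name, suffix, ip in records:
        by_name[name][ip].append(suffix)
    return {name: {ip: sorted(s) for ip, s in ips.items()}
            for name, ips in by_name.items() if len(ips) > 1}


def report(conflicts):
    """Format one line per (name, ip) pair so stale registrations stand out."""
    lines = []
    for name in sorted(conflicts):
        for ip, suffixes in sorted(conflicts[name].items()):
            kinds = ", ".join(f"<{s}> {SUFFIX_LABELS.get(s, 'other')}" for s in suffixes)
            lines.append(f"{name}: {ip} registered for {kinds}")
    return lines


if __name__ == "__main__":
    print("\n".join(report(find_conflicts(load_records(SAMPLE_EXPORT)))))
```

Multihomed servers and NetBIOS group names legitimately hold several addresses, so treat each hit as a lead to verify against the host's real configuration rather than as proof of a bad entry.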
Lori: It's clear you've seen the negatives of your problems. You are now suffering from client downtime and lost productivity, and you are spending more time than you'd like in network maintenance. All of these difficulties drive up your administration costs and tend to make you unpopular.
Your bundle of problems makes it hard to determine exactly what the core trouble is with your network. Without knowing additional information, such as what your clients are running (Windows 95, 98, etc.) or what some of the specific errors are that you as an administrator or your users are receiving, these problems are hard to pinpoint. They could be caused by several issues, as Brooks has pointed out.
Your PDC acts as a domain master browser (a list of network resources), and it is possible that your clients are having trouble communicating with the master browser. If there is trouble with the domain master browser, then the network will try to detect a backup master browser.
Additionally, there have been some problems with multihomed servers (servers with multiple network cards), as one card does not always send the client information needed to the other card, and thus a problem arises with the client's network connection.
One possible suggestion is that you add a BDC, or you also could add LMHosts files to your client machines so that each client can properly access your PDC.
Other than those ideas, I suggest rummaging through the Microsoft knowledge base or trying their newly added diagnostic solution guide found in their troubleshooting wizards link at dsg.rte.microsoft.com.
Brooks Talley is senior business and technology architect for InfoWorld.com.
Lori Mitchell is a senior analyst in the Test Center. Send your questions for them to firstname.lastname@example.org.