Monday, February 1, 2010

Modify Master Browser Election by GPO

If you are getting the following in the Event Log on Your Domain controller

"The master browser has received a server announcement from the computer that believes that it is the master browser for the domain on transport NetBT_Tcpip_{1A4EAF02-78F1
-47. The master browser is stopping or an election is being forced."

- Join the club I had this problem 13/09/04 here’s how to fix it

Essentially you can stop this in two ways - Stop all the routers on your network forwarding UDP traffic (to much work for me) or change the registry key below on all your clients

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Browser\Parameters\MaintainServerList from Auto to FALSE
You can do this from login script (bear in mind all users don’t have rights to change this key - if your network is setup securely.)

As Im a lazy sod! I decided to farm this change out via Group policy.

Go to a client PC that has the domain admin tools installed (adminpak.msi is on the 2K/2K3 CD or you can download it from my website http://www.petenetlive.com/Downloads/download.htm)

Log on with administrative access.

Start > Run > Regedit {enter}

Navigate to
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Browser\Parameters

In the right hand window double click MaintainServerList and change its setting to FALSE (note upper case)

Exit the registry Editor

Click Start >administrative Tools > Active directory users and computers.

NOTE: At this point you can edit an existing policy if you wish but I prefer to keep a policy just for Registry changes,

Right click the domain name >Properties > Group policy > New

Call the new policy Reg_Changes, select the new policy and click Edit.

Computer Configuration > Windows Settings, In the right hand window open security settings.

Right Click Registry and select "Add Key"

Navigate to Machine > System > CurrentControlSet > Services > Browser > Parameters

Click OK, You will be prompted for security settings highlight USERS and select Full control, then Add Domain Users and give them Full Control. Click Apply then OK.

If you are prompted again for permissions select, "Propagate inheritable Permission to all sub keys" Click OK.

Exit Group policy Editor and Reboot.