[pptp-server] Windows 2000 browse and PPTP

Cowles, Steve Steve at SteveCowles.com
Sat Jun 9 16:25:19 CDT 2001 

> -----Original Message-----
> From: Patrick Keys [mailto:patrick.keys at forest.tele2.co.uk]
> Sent: Saturday, June 09, 2001 1:05 PM
> To: pptp-server at lists.schulte.org
> Subject: [pptp-server] Windows 2000 browse and PPTP
> 
> Hello
> 
> I have been trying for ages to make a Linux pptpd server 
> running samba 2.2.0 supply a browse list for the computers
> on my office network when accessing from home. Samba is
> configured as a WINS server and the remote clients are
> configured to use it. Most of the office computers use it
> as well - unfortunately it takes longer than you might
> imagine to make such network changes!
> 
> Anyway, I have been able to access office computers from home using
> \\computer-name\share. I have now managed to obtain a list of remote
> workgroups and NT domains - our office network consists of 
> both. I managed to do this by setting the workgroup of my home
> PC to match one of the workgroups in the office, in this case, the
> workgroup that the samba server resides in.
> 
> Unfortunately, this is where the problem lies. My home 
> computer is also connected to a network and normally resides
> in a different workgroup. I don't particularly want to change
> the workgroup of my PC each time I connect to the office
> (windows insists on a reboot), so the obvious question is
> whether there is any way of changing this on a per-connection 
> basis... I have played with the logon domain option in the VPN 
> connection box, but this doesn't help (it probably shouldn't,
> anyway). Does anyone know of a way to do this? It's probably an
> annoying windows problem, but it would be very useful to sort
> this problem out once and for all.

First of all - Microsoft never intended for a "single" workstation to be a
member of multiple workgroups/domains. Thats really the function of the
Domain Controllers. i.e. Trust Relationships. Some corporations security
policies do not allow you to browse the servers in other workgroup/domains.

Anyway, In a perfect world... (according to Microsoft):

1) You should have one WINS server per LAN. 
2) Each client on the local LAN will register its workgroup/domain
registration with the local WINS server on that LAN.
3) Each WINS server is then configured to do "push/pull" replication of its
database (registrations) among the other WINS servers. Usually in a star
configuration.

Unfortunately, the above perfect world is based on using MS WINS servers.
Samba WINS has similar functionality (remote browse sync), but is unable to
replicate with MS based WINS servers. :-(

FWIW: One nice feature of implementing multiple WINS servers is it keeps the
rather "chatty" browser related traffic from spanning across WAN's that link
remote offices/buildings together. Especially offices that are linked by
VPN's. Microsoft networking can (if not properly setup) kill bandwidth
across these links. i.e. Using one WINS server for multiple LANS linked by
VPN's, Frame Relay circuits, etc... 

Another nice feature of using multiple WINS... your PPTP clients can
register with one WINS server and browse all the other workgroup/domains
that have replicated with that WINS server. Security permitting of course.

Thank goodness W2K is now using Active Directory (not WINS) that is based on
DNS. Much better implementation.

Steve Cowles

More information about the pptp-server mailing list