Have an account?

  •   Personalized content
  •   Your products and support

Need an account?

Create an account

WSA Announces Itself as a Domain Master Browser - Users Cannot List Windows Shares

Available Languages

Download Options

  • PDF     (7.2 KB)
    View with Adobe Reader on a variety of devices
Updated:July 16, 2014
Document ID:117954

Contents

Problem
Solution

Problem

The Cisco Web Security appliance (WSA) announces itself as a domain master browser, there are no Windows Shares listed, and Event ID 8003 is in the AD event logs even though you installed WSA in your network.


Environment: WSA (using NTLM authentication) in a Windows network together with an AD - all versions


Symptoms: Users cannot see any Windows shares. The AD event log is full of errors (Event ID 8003).

Note: This Knowledge Base article references software which is not maintained or supported by Cisco. The information is provided as a courtesy for your convenience. For further assistance, please contact the software vendor.

Solution

This is most likely caused by the net-mask on the Cisco Web Security Appliance (WSA) not matching the one of the Active Directory server.

http://www.microsoft.com/technet/prodtechnol/windows2000serv/reskit/w2000Msgs/4409.mspx?mfr=true

-----------------------------------------------------------------------
Event Message:

The master browser has received a server announcement from the computer computer name that believes that it is the master browser for the domain on transport name. The master browser is stopping or an election is being forced.

Explanation:

The subnet mask of the Windows 2000 client computer is incorrect or is different from the primary domain controller. The client computer has attempted to promote itself to the master browser of the subnet and has failed because only one computer in a domain can be running as the master browser.

User Action:

Change the TCP/IP protocol configuration to the correct subnet mask.
-----------------------------------------------------------------------


Please verify that the netmask configured on the S-Series Appliance matches the one of the AD.

  1. On the AD you can check for the netmask in the command line of Windows with command 'ipconfig /all'.
  2. To configure the netmask on the Cisco Web Security Appliance, use CLI command 'interfaceconfig'. Remember to 'commit' your changes.

If this should not resolve the issue for you, please send in a Support Request (GUI > Support & Help > Contact Technical Support) along with the corresponding AD event logs. A Customer Support Engineer can assist you in making the necessary changes.
.

Source of Article:
http://www.microsoft.com/technet/prodtechnol/windows2000serv/reskit/w2000Msgs/4409.mspx?mfr=true

TAC Authored

Contributed by Cisco Engineers

  • Jakob Dohrmann and Siddharth Rajpathak
    Cisco TAC Engineers.

Was this Document Helpful?

FeedbackFeedback

Contact Cisco

Related Cisco Community Discussions

This Document Applies to These Products

About Us
Contact Us
Work with Us