Sign in with
Sign up | Sign in
Your question

NetBIOS name resoultion problem

Last response: in Windows 2000/NT
Share
July 1, 2004 5:34:14 PM

Archived from groups: microsoft.public.win2000.dns (More info?)

After disabling NetBIOS over TCPIP in Windows 2000 server,
we are having problems with NetBIOS name resolution
problems and no local DNS server. We are running a DNS
for our department and all host requests are forwarding to
the main Unix DNS server in our company. Neither DHCP nor
Win server is running on our department network. Please
advise.
Anonymous
July 1, 2004 8:16:18 PM

Archived from groups: microsoft.public.win2000.dns (More info?)

In news:24ce201c45faa$c62db5e0$a401280a@phx.gbl,
Rusty <anonymous@discussions.microsoft.com> posted a question
Then Kevin replied below:
> After disabling NetBIOS over TCPIP in Windows 2000 server,
> we are having problems with NetBIOS name resolution
> problems and no local DNS server. We are running a DNS
> for our department and all host requests are forwarding to
> the main Unix DNS server in our company. Neither DHCP nor
> Win server is running on our department network. Please
> advise.

Why would it surprise you that disabling NetBIOS would cause problems with
NetBIOS resolution?

If you want DNS to resolve these names all your machines will need to be
registered in DNS in a zone that is in your DNS suffix search list.
Please clarify what you wish to accomplish and post an ipconfig /all so I
can see if the config you have will allow you to resolve host names in DNS.


--
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
============================
--
When responding to posts, please "Reply to Group" via your
newsreader so that others may learn and benefit from your issue.
To respond directly to me remove the nospam. from my email.
==========================================
http://www.lonestaramerica.com/
==========================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
==========================================
Keep a back up of your OE settings and folders with
OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
==========================================
Anonymous
July 1, 2004 8:16:19 PM

Archived from groups: microsoft.public.win2000.dns (More info?)

According to our company security team, SMB Ports and
Netbios ports needs to be blocked as most of hacker
attached are performed as open ports such as these.

Even after disabling Netbios port, all workstation are
able to connect to this server, which is Active directory,
domain controller, but another server on our network lost
connection to this server.

Thanks for your help.

>-----Original Message-----
>In news:24ce201c45faa$c62db5e0$a401280a@phx.gbl,
>Rusty <anonymous@discussions.microsoft.com> posted a
question
>Then Kevin replied below:
>> After disabling NetBIOS over TCPIP in Windows 2000
server,
>> we are having problems with NetBIOS name resolution
>> problems and no local DNS server. We are running a DNS
>> for our department and all host requests are forwarding
to
>> the main Unix DNS server in our company. Neither DHCP
nor
>> Win server is running on our department network. Please
>> advise.
>
>Why would it surprise you that disabling NetBIOS would
cause problems with
>NetBIOS resolution?
>
>If you want DNS to resolve these names all your machines
will need to be
>registered in DNS in a zone that is in your DNS suffix
search list.
>Please clarify what you wish to accomplish and post an
ipconfig /all so I
>can see if the config you have will allow you to resolve
host names in DNS.
>
>
>--
>Best regards,
>Kevin D4 Dad Goodknecht Sr. [MVP]
>Hope This Helps
>============================
>--
>When responding to posts, please "Reply to Group" via
your
>newsreader so that others may learn and benefit from your
issue.
>To respond directly to me remove the nospam. from my
email.
>==========================================
> http://www.lonestaramerica.com/
>==========================================
>Use Outlook Express?... Get OE_Quotefix:
>It will strip signature out and more
> http://home.in.tum.de/~jain/software/oe-quotefix/
>==========================================
>Keep a back up of your OE settings and folders with
>OEBackup:
> http://www.oehelp.com/OEBackup/Default.aspx
>==========================================
>
>
>.
>
Related resources
Anonymous
July 1, 2004 10:05:02 PM

Archived from groups: microsoft.public.win2000.dns (More info?)

In news:2499201c45fba$f3e3e0d0$a301280a@phx.gbl,
anonymous@discussions.microsoft.com <anonymous@discussions.microsoft.com>
posted a question
Then Kevin replied below:
> According to our company security team, SMB Ports and
> Netbios ports needs to be blocked as most of hacker
> attached are performed as open ports such as these.
>
> Even after disabling Netbios port, all workstation are
> able to connect to this server, which is Active directory,
> domain controller, but another server on our network lost
> connection to this server.

Check the server that lost connection for the proper DNS Suffix search list
and DNS server.
I'm proponent of disabling NetBIOS as well, as much for internal security as
external security. IMO, Network browsers are as much a security risk as any.
It still won't stop a determined user but if they can't browse Network
Places it sure slows the ocaisional "I wonder what's in here" browser.

You might even find the problem with the server by running netdiag on it to
see what is comes up with.
If youwant me to take a closer look at that particular server piost an
ipconfig /all from it and the DC.

--
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
============================
--
When responding to posts, please "Reply to Group" via your
newsreader so that others may learn and benefit from your issue.
To respond directly to me remove the nospam. from my email.
==========================================
http://www.lonestaramerica.com/
==========================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
==========================================
Keep a back up of your OE settings and folders with
OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
==========================================
Anonymous
July 2, 2004 1:52:57 AM

Archived from groups: microsoft.public.win2000.dns (More info?)

In news:24ce201c45faa$c62db5e0$a401280a@phx.gbl,
Rusty in <anonymous@discussions.microsoft.com> posted their thoughts, then I
offered mine
> After disabling NetBIOS over TCPIP in Windows 2000 server,
> we are having problems with NetBIOS name resolution
> problems and no local DNS server. We are running a DNS
> for our department and all host requests are forwarding to
> the main Unix DNS server in our company. Neither DHCP nor
> Win server is running on our department network. Please
> advise.


Just want to reiterate what Kevin said. NetBIOS name resolution requires
NetBIOS to be enabled. Not too much you can do about that.

Keep in mind, if you are using Exchange server (no matter what version), it
still requires NetBIOS for Outlook functionality.

--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroup so all
can benefit. This posting is provided "AS-IS" with no warranties and
confers no rights.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory

HAM AND EGGS: A day's work for a chicken; A lifetime commitment for a
pig. --
=================================
Anonymous
July 2, 2004 1:58:50 AM

Archived from groups: microsoft.public.win2000.dns (More info?)

In news:2499201c45fba$f3e3e0d0$a301280a@phx.gbl,
anonymous@discussions.microsoft.com in <anonymous@discussions.microsoft.com>
posted their thoughts, then I offered mine
> According to our company security team, SMB Ports and
> Netbios ports needs to be blocked as most of hacker
> attached are performed as open ports such as these.
>
> Even after disabling Netbios port, all workstation are
> able to connect to this server, which is Active directory,
> domain controller, but another server on our network lost
> connection to this server.
>
> Thanks for your help.

I can understand blocking NetBIOS from the Internet, which I do myself as
well, as do many others. AD doesn't use NetBIOS for domain communication
functionality, but other apps do. Assuming your security team has an awesome
firewall and/or ISA or Proxy server in place blocking everything from the
outside world, turning off NetBIOS and SMB internally will harm
productivity, since I bet many folks probably rely on Network Neighborhood,
which will not function, and UNC shares using NetBIOS will also not
function. Weighing the security advantages compared to functionality and
productivity, I would keep NetBIOS and SMB enabled and let the firewall
protect the network. An inside intruder will, as Kevin said, if determined,
doesn';t matter what you turn off, can still phish for stuff. I do it all
the time to test things ...

--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroup so all
can benefit. This posting is provided "AS-IS" with no warranties and
confers no rights.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory

HAM AND EGGS: A day's work for a chicken; A lifetime commitment for a
pig. --
=================================
Anonymous
July 2, 2004 11:12:56 AM

Archived from groups: microsoft.public.win2000.dns (More info?)

When I disable NetBios over Tcpip in the WINS tab of the
Advanced TCP/IP Settings, Primary Wins server and
Secondary Wins server are listed in Ipconfig /all output,
but when I disable NetBios over Tcpip in the Device
Manager, Wins servers are not listed in Ipconfig /all
output and no local DNS server. See below link:

http://www.microsoft.com/technet/Security/prodtech/win2...
secwin2k/a0604.mspx

DC Ipconfig output:

Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix ...sell.com
Description . . . . . . . . : 3Com 3C90x Ethernet
Adapter
Physical Address. . . . . . : 00-60-08-3E-46-07
DHCP Enabled. . . . . . . . : No
IP Address. . . . . . . . . : 10.15.20.24
Subnet Mask . . . . . . . . : 255.255.254.0
Default Gateway . . . . . . : 10.15.20.1
Default Gateway . . . . . . : 10.1.2.15
NetBIOS over Tcpip . . . . : Disabled

Thanks.

>-----Original Message-----
>In news:2499201c45fba$f3e3e0d0$a301280a@phx.gbl,
>anonymous@discussions.microsoft.com
<anonymous@discussions.microsoft.com>
>posted a question
>Then Kevin replied below:
>> According to our company security team, SMB Ports and
>> Netbios ports needs to be blocked as most of hacker
>> attached are performed as open ports such as these.
>>
>> Even after disabling Netbios port, all workstation are
>> able to connect to this server, which is Active
directory,
>> domain controller, but another server on our network
lost
>> connection to this server.
>
>Check the server that lost connection for the proper DNS
Suffix search list
>and DNS server.
>I'm proponent of disabling NetBIOS as well, as much for
internal security as
>external security. IMO, Network browsers are as much a
security risk as any.
>It still won't stop a determined user but if they can't
browse Network
>Places it sure slows the ocaisional "I wonder what's in
here" browser.
>
>You might even find the problem with the server by
running netdiag on it to
>see what is comes up with.
>If youwant me to take a closer look at that particular
server piost an
>ipconfig /all from it and the DC.
>
>--
>Best regards,
>Kevin D4 Dad Goodknecht Sr. [MVP]
>Hope This Helps
>============================
>--
>When responding to posts, please "Reply to Group" via
your
>newsreader so that others may learn and benefit from your
issue.
>To respond directly to me remove the nospam. from my
email.
>==========================================
> http://www.lonestaramerica.com/
>==========================================
>Use Outlook Express?... Get OE_Quotefix:
>It will strip signature out and more
> http://home.in.tum.de/~jain/software/oe-quotefix/
>==========================================
>Keep a back up of your OE settings and folders with
>OEBackup:
> http://www.oehelp.com/OEBackup/Default.aspx
>==========================================
>
>
>.
>
Anonymous
July 2, 2004 2:19:38 PM

Archived from groups: microsoft.public.win2000.dns (More info?)

In news:2536901c4603e$ac11c0e0$a401280a@phx.gbl,
anonymous@discussions.microsoft.com <anonymous@discussions.microsoft.com>
posted a question
Then Kevin replied below:
> When I disable NetBios over Tcpip in the WINS tab of the
> Advanced TCP/IP Settings, Primary Wins server and
> Secondary Wins server are listed in Ipconfig /all output,
> but when I disable NetBios over Tcpip in the Device
> Manager, Wins servers are not listed in Ipconfig /all
> output and no local DNS server. See below link:
>
>
http://www.microsoft.com/technet/Security/prodtech/win2...

If you read that entire article it tells you that disabling NetBIOS in
hidden devices also disables SMB which basically disables File Sharing, this
shoudl only be done on pure Web servers and pure DNS servers (e.g. public
Web and DNS servers that provide no other service).
You do _not_ want to do this on Domain controllers and File servers or
machines that Authenticate to a domain.
IF you read the statement at the bottom of the page it prettty much explains
it.

"Potential Impact
No systems will be able to connect to the server via SMB. The servers will
be unable to access folders shared on the network. Many management tools
will be unable to connect to the servers"


You should follow disable Client for MS networks, File sharing and NetBIOS
over TCP/IP (on the WINS tab) on any internet facing interfaces.

If you are using a Win2k machine as a Firewall use the option in the device
manager to disable NetBIOS over TCP/IP, you would not want to do this on a
client or member of a network behind the firewall.

--
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
============================
--
When responding to posts, please "Reply to Group" via your
newsreader so that others may learn and benefit from your issue.
To respond directly to me remove the nospam. from my email.
==========================================
http://www.lonestaramerica.com/
==========================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
==========================================
Keep a back up of your OE settings and folders with
OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
==========================================
!