NetBIOS name resoultion problem

Archived from groups: microsoft.public.win2000.dns (More info?)

After disabling NetBIOS over TCPIP in Windows 2000 server,
we are having problems with NetBIOS name resolution
problems and no local DNS server. We are running a DNS
for our department and all host requests are forwarding to
the main Unix DNS server in our company. Neither DHCP nor
Win server is running on our department network. Please
advise.
7 answers Last reply
More about netbios resoultion problem
  1. Archived from groups: microsoft.public.win2000.dns (More info?)

    In news:24ce201c45faa$c62db5e0$a401280a@phx.gbl,
    Rusty <anonymous@discussions.microsoft.com> posted a question
    Then Kevin replied below:
    > After disabling NetBIOS over TCPIP in Windows 2000 server,
    > we are having problems with NetBIOS name resolution
    > problems and no local DNS server. We are running a DNS
    > for our department and all host requests are forwarding to
    > the main Unix DNS server in our company. Neither DHCP nor
    > Win server is running on our department network. Please
    > advise.

    Why would it surprise you that disabling NetBIOS would cause problems with
    NetBIOS resolution?

    If you want DNS to resolve these names all your machines will need to be
    registered in DNS in a zone that is in your DNS suffix search list.
    Please clarify what you wish to accomplish and post an ipconfig /all so I
    can see if the config you have will allow you to resolve host names in DNS.


    --
    Best regards,
    Kevin D4 Dad Goodknecht Sr. [MVP]
    Hope This Helps
    ============================
    --
    When responding to posts, please "Reply to Group" via your
    newsreader so that others may learn and benefit from your issue.
    To respond directly to me remove the nospam. from my email.
    ==========================================
    http://www.lonestaramerica.com/
    ==========================================
    Use Outlook Express?... Get OE_Quotefix:
    It will strip signature out and more
    http://home.in.tum.de/~jain/software/oe-quotefix/
    ==========================================
    Keep a back up of your OE settings and folders with
    OEBackup:
    http://www.oehelp.com/OEBackup/Default.aspx
    ==========================================
  2. Archived from groups: microsoft.public.win2000.dns (More info?)

    According to our company security team, SMB Ports and
    Netbios ports needs to be blocked as most of hacker
    attached are performed as open ports such as these.

    Even after disabling Netbios port, all workstation are
    able to connect to this server, which is Active directory,
    domain controller, but another server on our network lost
    connection to this server.

    Thanks for your help.

    >-----Original Message-----
    >In news:24ce201c45faa$c62db5e0$a401280a@phx.gbl,
    >Rusty <anonymous@discussions.microsoft.com> posted a
    question
    >Then Kevin replied below:
    >> After disabling NetBIOS over TCPIP in Windows 2000
    server,
    >> we are having problems with NetBIOS name resolution
    >> problems and no local DNS server. We are running a DNS
    >> for our department and all host requests are forwarding
    to
    >> the main Unix DNS server in our company. Neither DHCP
    nor
    >> Win server is running on our department network. Please
    >> advise.
    >
    >Why would it surprise you that disabling NetBIOS would
    cause problems with
    >NetBIOS resolution?
    >
    >If you want DNS to resolve these names all your machines
    will need to be
    >registered in DNS in a zone that is in your DNS suffix
    search list.
    >Please clarify what you wish to accomplish and post an
    ipconfig /all so I
    >can see if the config you have will allow you to resolve
    host names in DNS.
    >
    >
    >--
    >Best regards,
    >Kevin D4 Dad Goodknecht Sr. [MVP]
    >Hope This Helps
    >============================
    >--
    >When responding to posts, please "Reply to Group" via
    your
    >newsreader so that others may learn and benefit from your
    issue.
    >To respond directly to me remove the nospam. from my
    email.
    >==========================================
    > http://www.lonestaramerica.com/
    >==========================================
    >Use Outlook Express?... Get OE_Quotefix:
    >It will strip signature out and more
    > http://home.in.tum.de/~jain/software/oe-quotefix/
    >==========================================
    >Keep a back up of your OE settings and folders with
    >OEBackup:
    > http://www.oehelp.com/OEBackup/Default.aspx
    >==========================================
    >
    >
    >.
    >
  3. Archived from groups: microsoft.public.win2000.dns (More info?)

    In news:2499201c45fba$f3e3e0d0$a301280a@phx.gbl,
    anonymous@discussions.microsoft.com <anonymous@discussions.microsoft.com>
    posted a question
    Then Kevin replied below:
    > According to our company security team, SMB Ports and
    > Netbios ports needs to be blocked as most of hacker
    > attached are performed as open ports such as these.
    >
    > Even after disabling Netbios port, all workstation are
    > able to connect to this server, which is Active directory,
    > domain controller, but another server on our network lost
    > connection to this server.

    Check the server that lost connection for the proper DNS Suffix search list
    and DNS server.
    I'm proponent of disabling NetBIOS as well, as much for internal security as
    external security. IMO, Network browsers are as much a security risk as any.
    It still won't stop a determined user but if they can't browse Network
    Places it sure slows the ocaisional "I wonder what's in here" browser.

    You might even find the problem with the server by running netdiag on it to
    see what is comes up with.
    If youwant me to take a closer look at that particular server piost an
    ipconfig /all from it and the DC.

    --
    Best regards,
    Kevin D4 Dad Goodknecht Sr. [MVP]
    Hope This Helps
    ============================
    --
    When responding to posts, please "Reply to Group" via your
    newsreader so that others may learn and benefit from your issue.
    To respond directly to me remove the nospam. from my email.
    ==========================================
    http://www.lonestaramerica.com/
    ==========================================
    Use Outlook Express?... Get OE_Quotefix:
    It will strip signature out and more
    http://home.in.tum.de/~jain/software/oe-quotefix/
    ==========================================
    Keep a back up of your OE settings and folders with
    OEBackup:
    http://www.oehelp.com/OEBackup/Default.aspx
    ==========================================
  4. Archived from groups: microsoft.public.win2000.dns (More info?)

    In news:24ce201c45faa$c62db5e0$a401280a@phx.gbl,
    Rusty in <anonymous@discussions.microsoft.com> posted their thoughts, then I
    offered mine
    > After disabling NetBIOS over TCPIP in Windows 2000 server,
    > we are having problems with NetBIOS name resolution
    > problems and no local DNS server. We are running a DNS
    > for our department and all host requests are forwarding to
    > the main Unix DNS server in our company. Neither DHCP nor
    > Win server is running on our department network. Please
    > advise.


    Just want to reiterate what Kevin said. NetBIOS name resolution requires
    NetBIOS to be enabled. Not too much you can do about that.

    Keep in mind, if you are using Exchange server (no matter what version), it
    still requires NetBIOS for Outlook functionality.

    --
    Regards,
    Ace

    Please direct all replies ONLY to the Microsoft public newsgroup so all
    can benefit. This posting is provided "AS-IS" with no warranties and
    confers no rights.

    Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
    Microsoft Windows MVP - Active Directory

    HAM AND EGGS: A day's work for a chicken; A lifetime commitment for a
    pig. --
    =================================
  5. Archived from groups: microsoft.public.win2000.dns (More info?)

    In news:2499201c45fba$f3e3e0d0$a301280a@phx.gbl,
    anonymous@discussions.microsoft.com in <anonymous@discussions.microsoft.com>
    posted their thoughts, then I offered mine
    > According to our company security team, SMB Ports and
    > Netbios ports needs to be blocked as most of hacker
    > attached are performed as open ports such as these.
    >
    > Even after disabling Netbios port, all workstation are
    > able to connect to this server, which is Active directory,
    > domain controller, but another server on our network lost
    > connection to this server.
    >
    > Thanks for your help.

    I can understand blocking NetBIOS from the Internet, which I do myself as
    well, as do many others. AD doesn't use NetBIOS for domain communication
    functionality, but other apps do. Assuming your security team has an awesome
    firewall and/or ISA or Proxy server in place blocking everything from the
    outside world, turning off NetBIOS and SMB internally will harm
    productivity, since I bet many folks probably rely on Network Neighborhood,
    which will not function, and UNC shares using NetBIOS will also not
    function. Weighing the security advantages compared to functionality and
    productivity, I would keep NetBIOS and SMB enabled and let the firewall
    protect the network. An inside intruder will, as Kevin said, if determined,
    doesn';t matter what you turn off, can still phish for stuff. I do it all
    the time to test things ...

    --
    Regards,
    Ace

    Please direct all replies ONLY to the Microsoft public newsgroup so all
    can benefit. This posting is provided "AS-IS" with no warranties and
    confers no rights.

    Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
    Microsoft Windows MVP - Active Directory

    HAM AND EGGS: A day's work for a chicken; A lifetime commitment for a
    pig. --
    =================================
  6. Archived from groups: microsoft.public.win2000.dns (More info?)

    When I disable NetBios over Tcpip in the WINS tab of the
    Advanced TCP/IP Settings, Primary Wins server and
    Secondary Wins server are listed in Ipconfig /all output,
    but when I disable NetBios over Tcpip in the Device
    Manager, Wins servers are not listed in Ipconfig /all
    output and no local DNS server. See below link:

    http://www.microsoft.com/technet/Security/prodtech/win2000/
    secwin2k/a0604.mspx

    DC Ipconfig output:

    Ethernet adapter Local Area Connection:
    Connection-specific DNS Suffix ...sell.com
    Description . . . . . . . . : 3Com 3C90x Ethernet
    Adapter
    Physical Address. . . . . . : 00-60-08-3E-46-07
    DHCP Enabled. . . . . . . . : No
    IP Address. . . . . . . . . : 10.15.20.24
    Subnet Mask . . . . . . . . : 255.255.254.0
    Default Gateway . . . . . . : 10.15.20.1
    Default Gateway . . . . . . : 10.1.2.15
    NetBIOS over Tcpip . . . . : Disabled

    Thanks.

    >-----Original Message-----
    >In news:2499201c45fba$f3e3e0d0$a301280a@phx.gbl,
    >anonymous@discussions.microsoft.com
    <anonymous@discussions.microsoft.com>
    >posted a question
    >Then Kevin replied below:
    >> According to our company security team, SMB Ports and
    >> Netbios ports needs to be blocked as most of hacker
    >> attached are performed as open ports such as these.
    >>
    >> Even after disabling Netbios port, all workstation are
    >> able to connect to this server, which is Active
    directory,
    >> domain controller, but another server on our network
    lost
    >> connection to this server.
    >
    >Check the server that lost connection for the proper DNS
    Suffix search list
    >and DNS server.
    >I'm proponent of disabling NetBIOS as well, as much for
    internal security as
    >external security. IMO, Network browsers are as much a
    security risk as any.
    >It still won't stop a determined user but if they can't
    browse Network
    >Places it sure slows the ocaisional "I wonder what's in
    here" browser.
    >
    >You might even find the problem with the server by
    running netdiag on it to
    >see what is comes up with.
    >If youwant me to take a closer look at that particular
    server piost an
    >ipconfig /all from it and the DC.
    >
    >--
    >Best regards,
    >Kevin D4 Dad Goodknecht Sr. [MVP]
    >Hope This Helps
    >============================
    >--
    >When responding to posts, please "Reply to Group" via
    your
    >newsreader so that others may learn and benefit from your
    issue.
    >To respond directly to me remove the nospam. from my
    email.
    >==========================================
    > http://www.lonestaramerica.com/
    >==========================================
    >Use Outlook Express?... Get OE_Quotefix:
    >It will strip signature out and more
    > http://home.in.tum.de/~jain/software/oe-quotefix/
    >==========================================
    >Keep a back up of your OE settings and folders with
    >OEBackup:
    > http://www.oehelp.com/OEBackup/Default.aspx
    >==========================================
    >
    >
    >.
    >
  7. Archived from groups: microsoft.public.win2000.dns (More info?)

    In news:2536901c4603e$ac11c0e0$a401280a@phx.gbl,
    anonymous@discussions.microsoft.com <anonymous@discussions.microsoft.com>
    posted a question
    Then Kevin replied below:
    > When I disable NetBios over Tcpip in the WINS tab of the
    > Advanced TCP/IP Settings, Primary Wins server and
    > Secondary Wins server are listed in Ipconfig /all output,
    > but when I disable NetBios over Tcpip in the Device
    > Manager, Wins servers are not listed in Ipconfig /all
    > output and no local DNS server. See below link:
    >
    >
    http://www.microsoft.com/technet/Security/prodtech/win2000/secwin2k/a0604.mspx

    If you read that entire article it tells you that disabling NetBIOS in
    hidden devices also disables SMB which basically disables File Sharing, this
    shoudl only be done on pure Web servers and pure DNS servers (e.g. public
    Web and DNS servers that provide no other service).
    You do _not_ want to do this on Domain controllers and File servers or
    machines that Authenticate to a domain.
    IF you read the statement at the bottom of the page it prettty much explains
    it.

    "Potential Impact
    No systems will be able to connect to the server via SMB. The servers will
    be unable to access folders shared on the network. Many management tools
    will be unable to connect to the servers"


    You should follow disable Client for MS networks, File sharing and NetBIOS
    over TCP/IP (on the WINS tab) on any internet facing interfaces.

    If you are using a Win2k machine as a Firewall use the option in the device
    manager to disable NetBIOS over TCP/IP, you would not want to do this on a
    client or member of a network behind the firewall.

    --
    Best regards,
    Kevin D4 Dad Goodknecht Sr. [MVP]
    Hope This Helps
    ============================
    --
    When responding to posts, please "Reply to Group" via your
    newsreader so that others may learn and benefit from your issue.
    To respond directly to me remove the nospam. from my email.
    ==========================================
    http://www.lonestaramerica.com/
    ==========================================
    Use Outlook Express?... Get OE_Quotefix:
    It will strip signature out and more
    http://home.in.tum.de/~jain/software/oe-quotefix/
    ==========================================
    Keep a back up of your OE settings and folders with
    OEBackup:
    http://www.oehelp.com/OEBackup/Default.aspx
    ==========================================
Ask a new question

Read More

DNS Server DNS Netbios Windows