Logo
programming4us
programming4us
programming4us
programming4us
Home
programming4us
XP
programming4us
Windows Vista
programming4us
Windows 7
programming4us
Windows Azure
programming4us
Windows Server
programming4us
Windows Phone
 
Windows Server

Understanding Name Resolution in Windows Server 2003

- Free product key for windows 10
- Free Product Key for Microsoft office 365
- Malwarebytes Premium 3.7.1 Serial Keys (LifeTime) 2019
3/5/2011 3:51:04 PM

Comparing DNS and NetBIOS

DNS is the preferred naming system in the Windows Server 2003 family and, compared to NetBIOS, offers superior scalability, security, and compatibility with the Internet. Although DNS requires configuration before it can function, it is still an essential element in Active Directory domains and is therefore used in most Windows Server 2003 networks. However, NetBIOS is still often used as a backup name resolution method, particularly because it can provide, without configuration, name resolution for computers located on the same network segment. In addition, NetBIOS is used for compatibility with older Windows features, such as browsing the Microsoft Windows Network through My Network Places or connecting to shares through Universal Naming Convention (UNC) addresses such as \\computer1\share1.

Note

NetBIOS is not actually a naming system but an application programming interface (API), used in older Microsoft networks, that allows computers to connect and communicate. Naming and name resolution are two of the many services NetBIOS offers.


In Windows Server 2003 networks, DNS name resolution takes priority over NetBIOS name resolution. This prioritization is handled by the DNS Client service, which is responsible for directing name resolution. The DNS Client service first attempts name resolution through DNS; if this fails, the DNS Client service then submits the name to NetBIOS.

Note

The DNS Client service is also known as the resolver.


Comparing Computer Names

When you install Windows Server 2003 on a computer, you must assign the computer a name. This name, which you can modify in the System Properties dialog box, forms the basis both for its DNS host name and its NetBIOS name. Specifically, an individual label such as “server1” assigned to a computer is known as a host name in DNS. Provided that it does not exceed 15 characters, the same name is then also used as the NetBIOS name.

Despite this similarity, DNS is distinct from NetBIOS in that the DNS namespace is hierarchical. Each DNS host name is merely a part of a full name, known as a fully qualified domain name (FQDN), that specifies both the host name and its domain. An example of an FQDN is www.lucernepublishing.com. NetBIOS includes no such hierarchy; as a result, every NetBIOS name must be unique on the network.

Table 1 summarizes the various name types and name components used in Windows Server 2003 networks.

Table 1. Computer Names and Name Suffixes
Name TypeDescription
NetBIOS nameA NetBIOS name is used to uniquely identify a NetBIOS service listening on the first IP address that is bound to an adapter. This unique NetBIOS name is resolved to the IP address of the server through broadcast, the Windows Internet Name Service (WINS), or the Lmhosts file. NetBIOS computer names are 15 characters, whereas NetBIOS service names are 16 characters. By default, the first 15 characters of the NetBIOS service name are the same as the host name, padded with zeros. The sixteenth character is used to identify the specific NetBIOS service.
Host nameThe term host name typically refers to the first label of an FQDN. For example, the first label of the FQDN client1.lucernepublishing.com is client1. A host name is also often referred to as computer name.
Primary DNS suffixEvery computer in a Windows Server 2003 network can be assigned a primary DNS suffix to be used in name resolution and name registration. The primary DNS suffix is specified on the Computer Name tab of the properties dialog box in My Computer. The primary DNS suffix is also known as the primary domain name and the domain name. For example, the FQDN c1.lucernepublishing.com has the primary DNS suffix lucernepublishing.com.
Connection-specific DNS suffixThe connection-specific DNS suffix is a DNS suffix that is assigned to an adapter.The connection-specific DNS suffix is also known as an adapter DNS suffix. For example, a connection-specific DNS suffix might be subnet2.lucernepublishing.com.
FQDNThe FQDN is a DNS name that uniquely identifies the computer on the network. Typically, it is a concatenation of the host name, the primary DNS suffix, and a period. For example, an FQDN might be client1.lucernepublishing.com.
Full computer nameThe full computer name is a type of FQDN. The same computer can be identified by more than one FQDN, but only the FQDN that concatenates the host name and the primary DNS suffix represents the full computer name.

Table 2 compares the general features of NetBIOS computer names and DNS host names.

Table 2. Comparison of NetBIOS and DNS Names
 NetBIOS Computer NameDNS Computer Name
TypeFlatHierarchical
Character restrictionsUnicode characters, numbers, white space, symbols: ! @ # $ % ^ & ’) (.-_{} ~A–Z, a–z, 0–9, and the hyphen (-); period (.) has special reserved meaning
Maximum length15 characters63 bytes per label; 255 bytes per FQDN
Name serviceWINS NetBIOS broadcast Lmhosts fileDNS Hosts file

Comparing Name Resolution Procedures

Within each of the two general categories of name resolution—DNS and NetBIOS—Windows Server 2003 networks provide a set of methods to resolve computer names.

For DNS, these name resolution methods include the following:

  • Name lookup in the local DNS client cache. Names can be cached from previous queries or loaded from the Hosts file found in the WINDOWS\System32\Drivers\Etc folder.

  • DNS server query.

For NetBIOS name resolution, these methods include the following:

  • Name lookup in the local NetBIOS name cache

  • WINS server query

  • Query of local network through NetBIOS broadcasts

  • Name lookup in the Lmhosts file, found in the WINDOWS\System32\Drivers\Etc folder

Tip

Remember the following NetBIOS-related commands for the exam:

  • Nbtstat –c (Lists the names in the local NetBIOS name cache)

  • Nbtstat –R (Purges the local NetBIOS name cache)


Determining When DNS Is Required

In general, DNS is required for networks under the circumstances described in the following sections.

Networks Using Microsoft Windows 2000 or Windows Server 2003 Domains

When computers are members of a Windows 2000 or Windows Server 2003 domain, DNS must be configured. Active Directory is tightly integrated with DNS, and DNS is used by Active Directory as its locator service. (A locator service assists clients in a Windows Server 2003 or Windows 2000 domain to find hosts and services with an unknown location within a given domain.)

DNS for Internet or Intranet Access

You must use DNS if you need to connect to computers on your network or the Internet by specifying DNS host names.

Determining When NetBIOS Is Required

Windows Server 2003 networks support NetBIOS over TCP/IP (NetBT) for backward compatibility with earlier versions of Windows and for compatibility with NetBIOS applications. Microsoft Windows NT domains—as well all workgroups using Microsoft Windows 95, Microsoft Windows 98, Microsoft Windows Millennium Edition (Me), and Windows NT—use NetBIOS names and the NetBIOS protocol.

NetBIOS name resolution is also necessary for network clients using applications or services that require NetBIOS name resolution. An example of such a service is the Computer Browser service, which enables network browsing through the Microsoft Windows Network icon in Windows Explorer.

Finally, NetBIOS name resolution is required in networks for which DNS has not yet been fully configured. An example is a computer workgroup in which no DNS server has been installed. In this case, NetBIOS broadcasts are required to resolve computer names.

Real World Browsing without NetBIOS

Although no solution besides NetBIOS can provide broadcast-based name resolution, some secure alternatives for network browsing are available. First, if you have added network shares to the Active Directory global catalog, users can locate and connect to these shares through Windows Explorer. Alternatively, you can use Distributed File System (DFS) to build an easily browsed structure for all the shared folders on your network. After users connect to the root DFS share, they can browse shared resources regardless of the server that hosts the share. Finally, don’t forget that although network browsing is not available without NetBIOS, you can still connect to network resources through My Network Places as long as you specify those resources by name.


Disabling NetBIOS

NetBIOS is enabled by default for all local area connections in Windows Server 2003. However, if you have implemented DNS on your network and do not need to provide compatibility with versions of Windows earlier than Windows 2000, you have the option of disabling NetBIOS for any or all network connections.

The main advantage of disabling NetBIOS is improved network security. NetBIOS as a service stores information about network resources that can be collected by any host through broadcast-based queries. Feasibly, this information could be exploited by a malicious intruder. Another advantage of disabling NetBIOS is that doing so can simplify administration by reducing the number of naming infrastructures that you must configure, maintain, and support.

The most obvious disadvantage of disabling NetBIOS is that it renders inoperable network browsing through the Microsoft Windows Network icon. (You access this icon in Windows Explorer by expanding My Network Places and by then double-clicking the Entire Network icon.) Network browsing is made possible by the availability of browse lists compiled by the Computer Browser service; the Computer Browser service relies on NetBIOS and the NetBT protocol. Another disadvantage of disabling NetBIOS is that it decreases fault tolerance. If DNS is improperly configured, name resolution fails. Finally, some networks use third-party applications that require NetBIOS. Before disabling NetBIOS on your network, be sure to set up a test network to see whether all needed applications function properly.

To disable WINS/NetBIOS name resolution, complete the following steps:

1.
Open the Network Connections window.

2.
Right-click Local Area Connection, and then click Properties.

The Local Area Connection Properties dialog box opens.

3.
In the list of components, click Internet Protocol (TCP/IP), and then click Properties.

The Internet Protocol (TCP/IP) Properties dialog box opens.

4.
Click Advanced.

The Advanced TCP/IP Settings dialog box opens.

5.
Click the WINS tab.

6.
Click the Disable NetBIOS Over TCP/IP option.

7.
Click OK twice, and then click Close.

Off the Record

Even for networks that don’t require it, NetBIOS can be a tough habit to break. It’s hard to beat the convenience of broadcast-based name resolution—if only as a failover from DNS—or of network browsing through the Microsoft Windows Network icon. Indeed, even though NetBIOS is often written about as a “legacy” protocol used only in old networks, most modern Microsoft networks still rely on it as a crutch if not as a necessity. Even so, you should seriously consider sacrificing the convenience of NetBIOS for improved security: the ready availability of network information that NetBIOS provides is, after all, precisely what makes this API a potential security risk.

Other -----------------
- Windows Server 2008 R2 Administration : Managing Printers with the Print Management Console
- Windows Server 2008 R2 Administration : Managing Users with Local Security and Group Policies (part 3) - Troubleshooting Group Policy Applications
- Windows Server 2008 R2 Administration : Managing Users with Local Security and Group Policies (part 2) - Configuring and Optimizing Group Policy
- Windows Server 2008 R2 Administration : Managing Users with Local Security and Group Policies (part 1) - Viewing Policies with the Group Policy Management Console & Creating New Group Policies
- Windows Server 2008 R2 Administration : Creating Groups
- Examining Windows Server 2008 R2 Active Directory Groups
- Windows Server 2008 R2 Administration : Configuring Sites (part 2) - Establishing Site Links & Delegating Control at the Site Level
- Windows Server 2008 R2 Administration : Configuring Sites (part 1) - Creating a Site
- Windows Server 2008 R2 Administration : Examining Active Directory Site Administration
- Windows Server 2008 R2 Administration : Defining the Administrative Model
 
 
Top 10
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 2) - Wireframes,Legends
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 1) - Swimlanes
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Formatting and sizing lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Adding shapes to lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Sizing containers
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 3) - The Other Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 2) - The Data Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 1) - The Format Properties of a Control
- Microsoft Access 2010 : Form Properties and Why Should You Use Them - Working with the Properties Window
- Microsoft Visio 2013 : Using the Organization Chart Wizard with new data
 
programming4us
Windows Vista
programming4us
Windows 7
programming4us
Windows Azure
programming4us
Windows Server