70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 6: Planning, Configuring, And Troubleshooting WINS

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network2 Objectives Describe the NetBIOS name resolution process Choose a NetBIOS name resolution method Describe the tasks performed by WINS Install WINS Choose WINS fault-tolerance options Configure WINS replication Manage WINS Describe NetBIOS security issues

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network3 NetBIOS Name Resolution WINS (Windows Internet Naming Service) is required to support NetBIOS name resolution for pre-Windows 2000 clients Windows-based applications use WinSock and NetBIOS to access network resources With NetBIOS, the name of the remote resource is resolved to an IP address

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network4 NetBIOS Name Resolution (continued) Microsoft clients use the following four methods to resolve NetBIOS names NetBIOS name cache Windows Internet Naming Service (WINS) Broadcast LMHOSTS

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network5 NetBIOS Name Resolution (continued)

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network6 NetBIOS Name Cache Client computers use the NetBIOS name cache to speed up the name resolution process A reduction in network traffic occurs because if the current NetBIOS name being resolved has a record in the cache, its IP address in the cache is used and no further resolution is performed

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network7 WINS A WINS server is used to resolve NetBIOS names A WINS server is a central repository of NetBIOS name information on the network The advantages of WINS over other NetBIOS name resolution methods are: It functions across routers It can be dynamically updated It can be automated It offers client configuration through DHCP It offers integration with DNS

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network8 Broadcast If WINS has not been installed on the network or the client has been incorrectly configured, WINS cannot resolve the NetBIOS name  In such a case, a broadcast is sent on the network The computer using the NetBIOS name being resolved receives the request and then responds with its IP address

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network9 LMHOSTS The LMHOSTS file is a static text file located on the workstation The file contains a list of NetBIOS names and their associated IP addresses If no other method is successful, Windows clients parse an LMHOSTS file to find the NetBIOS name The most common use of LMHOSTS files is to test NetBIOS name resolution

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network10 Activity 6-1: Creating an LMHOSTS File The purpose of this activity is to create an LMHOSTS file for NetBIOS name resolution

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network11 Choosing NetBIOS Name Resolution Methods Methods to implement NetBIOS name resolution can vary depending on the size and capacity of the network Certain resolution methods are better suited to small networks, whereas others are suited to large networks Some non-Windows clients are not capable of using WINS

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network12 Single Subnet Networks A network with only a single subnet can use broadcast name resolution The potential drawback to broadcast name resolution on a single subnet is the number of broadcast packets that will be sent on the network On a network with many computers or limited bandwidth, this can affect network performance If a reduction in broadcast traffic is desired, WINS should be implemented

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network13 Large Multisubnet Networks Name resolution methods for large networks with multiple subnets are: LMHOSTS WINS LMHOSTS files are not practical for large networks it is too difficult to maintain the file on each computer On large networks, WINS is used for name resolution All the clients can be configured dynamically by using DHCP, making implementation and maintenance very easy

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network14 Small Multisubnet Networks Most small networks with multiple subnets use a WINS server for NetBIOS name resolution Clients are easily be configured using DHCP It is reasonable to use an LMHOSTS file on smaller multisubnet networks because there are a limited number of client computers to configure

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network15 Non-WINS Clients You can use a WINS proxy for computers that need to participate in NetBIOS name resolution but that cannot be configured to use WINS These computers are often UNIX or Linux clients that need to access NetBIOS resources Using a WINS proxy allows these clients to resolve NetBIOS names to IP addresses using records in a WINS database

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network16 Non-WINS Clients (continued)

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network17 WINS Functions WINS can perform four common tasks: Name registration Name renewal Name release Name query

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network18 Name Registration When a WINS client boots up, it performs a name registration The name registration places NetBIOS information about the client into the WINS database This makes the information available to other clients performing name queries Name registration is a two packet process

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network19 Name Registration (continued)

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network20 Name Renewal Each NetBIOS name registration is assigned a TTL When the TTL is one-half completed, the WINS client attempts to refresh the registration The default TTL is six days Name renewal is a two-packet process

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network21 Name Renewal (continued)

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network22 Name Release When a computer is properly shut down, it contacts the WINS server and releases its Net-BIOS name The first packet is a name release request sent from the WINS client to the WINS server This request includes the NetBIOS name being released and the IP address of the WINS client The WINS server sends a name release response to the WINS client The name release response contains the NetBIOS name being released and a TTL of zero

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network23 Name Release (continued)

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network24 Name Query A name query is used to resolve a NetBIOS name to an IP address This is done by a client computer that is accessing resources on a server A WINS client queries a WINS server if the NetBIOS name being resolved has not been recently resolved and stored in the NetBIOS name cache

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network25 Name Query (continued)

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network26 Installing WINS Windows Server 2003 has the ability to act as a WINS server WINS is the Microsoft implementation of a NetBIOS name server A NetBIOS name server is responsible for accepting NetBIOS name registrations and queries

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network27 Activity 6-2: Installing WINS The purpose of this activity is to install WINS on your server

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network28 Activity 6-3: Configuring a WINS Client The purpose of this activity is to configure your server to be a WINS client

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network29 WINS Fault Tolerance Options for fault tolerance are: Clustering Clustering is the best mechanism to provide WINS fault tolerance because it provides almost instant failover Using multiple WINS servers Much easier to implement, particularly if you have already configured multiple WINS servers on your network to reduce WAN traffic

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network30 WINS Replication When more than one WINS server is implemented, you must configure the WINS servers as replication partners Replication partners synchronize information between each other Replication can be configured in three ways: Push Pull Push/Pull

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network31 WINS Replication (continued)

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network32 Activity 6-4: Configuring Replication Partners The purpose of this activity is to configure your server to replicate WINS information with a partner

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network33 Managing WINS The General tab of the WINS server Properties dialog box allows you to configure: How often statistics are updated for the server The path for backing up the WINS database Whether the WINS database should be backed up each time the server is shut down The Intervals tab allows you to configure how names are expired and deleted from the WINS database The renewal interval refers to the TTL that is given to WINS clients when a name is registered with the WINS server

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network34 Viewing Database Records To view the records that exist in the WINS database, right-click Active Registrations, and click Display Records You can search for records based on: Name IP address Owner Record type

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network35 Activity 6-5: Viewing WINS Records The purpose of this activity is to view WINS records on your server

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network36 Adding Static Records If non-Microsoft servers provide NetBIOS resources on the network, they may not be able to use a WINS server If the non-Microsoft server cannot use WINS, then WINS clients cannot resolve their NetBIOS names To eliminate this problem, you can create a static record in WINS For each static mapping, you enter the computer name, record type, and IP address

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network37 Activity 6-6: Creating a Static Mapping The purpose of this activity is to Add a static mapping to the WINS database

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network38 Backing Up and Restoring the Database You can easily fix a corrupt WINS database if you have a backup of the WINS database: Simply stop the WINS service and restore the database After the database has been restored, the WINS server receives changes that occurred since the backup from replication partners The WINS servers determine the changes to replicated partners based on the version ID of the database records

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network39 Activity 6-7: Backing Up and Restoring the WINS Database The purpose of this activity is to back up and restore the WINS database on your server

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network40 Migrating the WINS to a New Server The overall process for client configuration is as follows: Configure clients with the new WINS server as a secondary WINS server Install the new WINS server Configure clients to use the new WINS server as the primary WINS server Remove the old WINS server

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network41 Migrating the WINS to a New Server (continued) If the WINS database is very large, or migration needs to be very fast, you can copy the WINS database directly from the old server to the new server The steps are as follows: Install WINS on the new WINS server Stop the WINS service on the old and new WINS server Copy the WINS files in %SYSTEMROOT%\system32\wins from the old WINS server to the new WINS server Start the WINS service on the new WINS server

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network42 Compacting the WINS Database Windows Server 2003 performs dynamic compaction of the database during idle times Dynamic compaction occurs while the database is in use Dynamic compaction is not as good as manual compaction. Manual compaction of the WINS database is performed when the WINS service is stopped

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network43 NetBIOS Security NetBIOS over TCP/IP must be enabled for Windows Server 2003 to perform file and print sharing with pre-Windows 2000 clients It is also required by all Windows operating systems to browse Windows networks and available shares in My Network Places

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network44 NetBIOS Security (continued) A null session is an anonymous NetBIOS session in which no authentication credentials have been given to the server Many security risks are associated with using NetBIOS over TCP/IP when null sessions are allowed: Null sessions allow unauthenticated users to scan the network for available resources Null sessions allow unauthenticated users to query domain controllers for a list of users and groups, including their Security Identifiers (SIDs) and description

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network45 NetBIOS Security (continued) A user connected with a null session is also part of the Everyone group If any resources are available to the Everyone group, they are available via a null session Windows Server 2003 removes much of this risk by using the Authenticates Users group instead of the Everyone group for most tasks This restricts unauthenticated users from browsing available shares, querying lists of users and groups, and accessing resources available to the Everyone group

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network46 NetBIOS Security (continued)

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network47 Activity 6-8: Removing WINS The purpose of this activity is to remove WINS from your server

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network48 Summary WINS (Windows Internet Naming Service) is required to support NetBIOS name resolution for pre- Windows 2000 clients A NetBIOS name can be resolved using four different methods: NetBIOS name cache WINS Broadcast LMHOSTS file A WINS server is a central repository for resolving NetBIOS names and has many benefits over other NetBIOS name resolution methods

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network49 Summary (continued) A WINS server performs four common tasks: name registration name renewal name release name query To configure WINS for fault tolerance, you must use clustering or implement multiple WINS servers When two or more WINS servers exist on a network, replication must be configured between them to synchronize their contents

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network50 Summary (continued) You can configure a static mapping for resources that are unable to register themselves with WINS You can view and delete the records in a WINS database You should back up the WINS database just like any other critical resource on a network