Windows Server 2003 for Dummies
In a Microsoft Windows network, TCP/IP hosts can be called by NetBIOS names instead of IP addresses or domain names. Because NetBIOS names are more or less unique to Microsoft Networks, there's no current standard for associating NetBIOS names with IP addresses. On a Microsoft Network that uses TCP/IP as its only networking protocol, it's essential to be able to resolve NetBIOS names to IP addresses. This is where Windows Internet Name Service (WINS) comes in.
A glimpse at WINS
Because resolving NetBIOS names to IP addresses is the key to providing access to many of Windows 2003's built-in services and facilities, Microsoft provides two methods to handle this process:
- LMHOSTS: You can use a file named LMHOSTS to create a static table that associates specific NetBIOS names with specific IP addresses. (LM stands for LAN Manager and points to the network operating system that preceded Windows NT in the Microsoft product world.) Such a file must be present on every machine to provide the necessary name-to-address resolution capabilities.
  For small, simple networks, using LMHOSTS files is an acceptable method. On large, complex networks, the busy work involved in maintaining a large number of such files can quickly get out of hand.
- WINS: Larger, more complex networks are where WINS comes into play. WINS runs on Windows Server 2003 machines as a service that automatically discovers NetBIOS names and manages a dynamic database that associates NetBIOS names with TCP/IP addresses. As networks grow, multiple WINS servers sometimes become necessary to help speed up the time it takes to handle name resolution requests.
  A single WINS server can handle an entire network. On networks that include multiple sites or thousands of users, however, multiple WINS servers can distribute the load involved in providing name resolution, and speed users' access to NetBIOS-based resources.
WINS has several advantages over LMHOSTS files. For one thing, it's built on a dynamic database, which means that as networks change and names and addresses come and go, the database changes as the WINS server detects new name and address relationships or finds old names with new addresses. WINS can be especially important on networks where DHCP is used, if clients also share files or printers on their machines. Also, WINS is sometimes like a Spanish-English dictionary that's constantly updated as new words - or in this case, names - are added.
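The LMHOSTS maintenance problem described above, as an added example that is not code from the book: a Python script that parses LMHOSTS copies collected from several machines, flags malformed entries, and reports NetBIOS names that map to different addresses in different copies. The machine names, addresses and the function names `parse_lmhosts` and `find_drift` are constructed for illustration.

```python
import ipaddress
import re

ENTRY = re.compile(r'^(\S+)\s+("[^"]*"|[^\s#]\S*)')  # IPv4 address, then NetBIOS name
SUFFIX = re.compile(r'\\0x[0-9a-f]{2}$', re.I)       # optional 16th-byte type in quoted names

def parse_lmhosts(text):
    """Return (entries, problems); entries maps upper-cased NetBIOS name -> IP."""
    entries, problems = {}, []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank line, comment, or directive such as #INCLUDE
        m = ENTRY.match(line)
        if not m:
            problems.append((lineno, "unparseable entry"))
            continue
        ip, name = m.group(1), m.group(2).strip('"').upper()
        try:
            ipaddress.IPv4Address(ip)
        except ValueError:
            problems.append((lineno, "invalid IPv4 address"))
            continue
        if len(SUFFIX.sub("", name).rstrip()) > 15:
            problems.append((lineno, "name longer than 15 characters"))
            continue
        if entries.setdefault(name, ip) != ip:  # keep the first mapping seen
            problems.append((lineno, "name repeated with a different address"))
    return entries, problems

def find_drift(copies):
    """copies: {machine: LMHOSTS text}. Return {name: {ip: [machines]}} where copies disagree."""
    seen = {}
    for machine, text in copies.items():
        for name, ip in parse_lmhosts(text)[0].items():
            seen.setdefault(name, {}).setdefault(ip, []).append(machine)
    return {name: ips for name, ips in seen.items() if len(ips) > 1}

# Constructed sample data: LMHOSTS copies collected from two hypothetical workstations.
WS1 = "192.0.2.10   FILESRV01   #PRE\n192.0.2.11   PRINTSRV    #PRE #DOM:CORP\n"
WS2 = """# copy on WS2, not updated after FILESRV01 was re-addressed
192.0.2.99   filesrv01
192.0.2.11   PRINTSRV
192.0.2.300  BADADDR
192.0.2.12   THISNAMEISWAYTOOLONG
"""

if __name__ == "__main__":
    print(find_drift({"WS1": WS1, "WS2": WS2}))
```

A name reported by `find_drift` means at least one machine is resolving a server to an address the others no longer use, which is the stale-mapping case a dynamic WINS database avoids.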
WINS servers
A WINS server maintains a database that maps computer names to their respective IP addresses and vice versa. Rather than sending broadcasts for address information, which eats excess network bandwidth, a workstation that needs a NetBIOS name resolved makes a request directly to a designated WINS server (that's the real purpose of the WINS tab in the Advanced TCP/IP Settings dialog box).
This approach lets workstations take advantage of a well-defined service and obtain address information quickly and efficiently. Also, when workstations with NetBIOS names log on to the network, they provide information about themselves and their resources to the WINS server. Then, any changes automatically appear in the WINS server's database.
Although WINS is much simpler than DNS, it's still not an easy process. You need to install WINS as a network service component through the Network and Dial-up Connections interfaces. We recommend seeking guidance from the Windows 2003 Resource Kit before starting on that journey.
WINS clients
When configuring workstations or servers (at least, those servers that don't play host to the WINS server software) on your network, you'll provide an IP address for one or more WINS servers on your network. When those machines boot, they provide the WINS server with their computer names, share names, and IP addresses. The WINS server handles everything else. If a workstation needs an IP address that corresponds to a NetBIOS name, it asks the WINS server to supply that information.
NetBIOS over TCP/IP
The bane of many security consultants, NetBIOS over TCP/IP is a piggyback application programming interface (API) employed by Windows 2003 for all of its internal and server-to-server communications. Within a secured environment, such as behind firewalls and proxies, NetBIOS over TCP/IP is beneficial because it supports many of the user-friendly features of Windows 2003 networking. But without adequate security, it's a gaping hole that devious individuals can exploit to take over your network or stand-alone system.
The WINS tab offers you the ability to disable NetBIOS over TCP/IP on the current system (meaning NetBIOS will not be transmitted over network links from this computer) or to allow it to follow the setting of its DHCP server (if the DHCP server disabled NetBIOS, this system will as well). You should consider disabling NetBIOS over TCP/IP only if all systems on the network are Windows 2000, Windows XP, or Windows 2003 and no application or service on the network requires NetBIOS to function. In other words, you'll need to live with NetBIOS for a bit longer.