RE: NetBIOS Question...

From: magician (magician_at_discussions.microsoft.com)
Date: 02/10/05 

Date: Thu, 10 Feb 2005 06:55:03 -0800

This is an interesting question. We upgraded to W2K3 from NT4 domains last
summer and it is our intention to completely remove netbios from our
networks. Since migrating we have a couple of PC's and servers that appear to
running fine without netbios (one of the test machines is a DC). However I
discovered the other day that Exchange 2003 will not function correctly
without netbios!!! (If you have more than 1 Exchange server).

So I wonder if we are safe to turn off netbios on everything except the
Exchange servers?

"Will Gillen" wrote:

> Our organization is planning our first Active Directory upgrade from NT4.0
> Domain to Win2003 Active Directory.
> In our test environment we have done the following:
>
> 1. Removed a BDC from the live domain.
> 2. Isolated the NT4.0 BDC on an isolated test network.
> 3. Promoted the BDC to PDC.
> 4. Upgraded PDC to Windows 2003.
> 5. Upgraded the Functionality to Full Windows 2003.
> 6. The "old" NT4.0 NetBIOS domain name is still active on the Domain (so
> that all the computer objects can authenticate against the "new" AD Domain).
>
> In our tests, all permissions, computers, and user objects appear to be
> intact, and we are quite satisfied with the test. Except for one thing:
>
> We have disabled NetBIOS over TCP/IP on all test DCs, Fileserver, PCs.
> Users are still able to login to the "old" NetBIOS domain name alias.
> However, our isolated test network is one LAN with no routers or complex
> switching. I'm worried that the only reason users are able to still login
> to the "old" domain alias is that a NetBIOS broadcast is locating the DC for
> authentication. I feel that in a more complex network environment with
> routers and switches (that do not forward NetBIOS broadcast traffic), the
> PCs will not be able to locate the DC. We are planning a test with a router
> in between the PCs and the DC and DNS server to see if PCs are still able to
> locate the DC. I just wanted to see if anyone knows of some real good
> in-depth documentation on the NetBIOS vs. DNS DC locator, specifically in a
> situation where we are upgrading a NT4.0 PDC to Active Directory on Windows
> 2003.
>
>
>

Relevant Pages

  • Re: Computer \computername cannot be managed because it is not running Windows NT
    ... the other computer/client which 'wants' to manage it via Server ... 'NetBIOS over TCP/IP' is disabled. ... little to nothing to improve network security. ... disabling 'NetBIOS over TCP/IP' and therefore loosing 'My Network ...
    (microsoft.public.windowsxp.security_admin)
  • Re: The specified network name is nolonger available
    ... the "The specified network name is nolonger ... > works, NetBIOS is working. ... > you can substitute server with computer if that helps your understanding. ... Edit your LMHOSTS file. ...
    (microsoft.public.win2000.networking)
  • Re: Unable to see all PCs in My Network Places
    ... >> Recently I found out that I am unable to browse all PCs ... >> my network places. ... I have tried to restart my DNS and my ... is a NetBIOS ...
    (microsoft.public.win2000.dns)
  • Re: howto network printers without NetBIOS
    ... > What makes you think you cannot use File and Printer sharing? ... > if NetBIOS is allowed on the network. ... > NetBIOS over TCP/IP. ...
    (microsoft.public.windowsxp.general)
  • Re: netBIOS Alert
    ... My Network Places has disappeared from the desk top, ... Lastly, I like Zonealarm. ... That'll fix your NetBIOS ... the probe could be a port scan. ...
    (comp.security.firewalls)