500 likes | 754 Views
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 6: Planning, Configuring, And Troubleshooting WINS. Objectives. Describe the NetBIOS name resolution process Choose a NetBIOS name resolution method Describe the tasks performed by WINS Install WINS
E N D
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, EnhancedChapter 6: Planning, Configuring, And Troubleshooting WINS
Objectives • Describe the NetBIOS name resolution process • Choose a NetBIOS name resolution method • Describe the tasks performed by WINS • Install WINS • Choose WINS fault-tolerance options • Configure WINS replication • Manage WINS • Describe NetBIOS security issues 70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network
NetBIOS Name Resolution • WINS (Windows Internet Naming Service) is required to support NetBIOS name resolution for pre-Windows 2000 clients • Windows-based applications use WinSock and NetBIOS to access network resources • With NetBIOS, the name of the remote resource is resolved to an IP address 70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network
NetBIOS Name Resolution (continued) • Microsoft clients use the following four methods to resolve NetBIOS names • NetBIOS name cache • Windows Internet Naming Service (WINS) • Broadcast • LMHOSTS 70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network
NetBIOS Name Resolution (continued) 70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network
NetBIOS Name Cache • Client computers use the NetBIOS name cache to speed up the name resolution process • A reduction in network traffic occurs because if the current NetBIOS name being resolved has a record in the cache, its IP address in the cache is used and no further resolution is performed 70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network
WINS • A WINS server is used to resolve NetBIOS names • A WINS server is a central repository of NetBIOS name information on the network • The advantages of WINS over other NetBIOS name resolution methods are: • It functions across routers • It can be dynamically updated • It can be automated • It offers client configuration through DHCP • It offers integration with DNS 70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network
Broadcast • If WINS has not been installed on the network or the client has been incorrectly configured, WINS cannot resolve the NetBIOS name In such a case, a broadcast is sent on the network • The computer using the NetBIOS name being resolved receives the request and then responds with its IP address 70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network
LMHOSTS • The LMHOSTS file is a static text file located on the workstation • The file contains a list of NetBIOS names and their associated IP addresses • If no other method is successful, Windows clients parse an LMHOSTS file to find the NetBIOS name • The most common use of LMHOSTS files is to test NetBIOS name resolution 70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network
Activity 6-1: Creating an LMHOSTS File • The purpose of this activity is to create an LMHOSTS file for NetBIOS name resolution 70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network
Choosing NetBIOS Name Resolution Methods • Methods to implement NetBIOS name resolution can vary depending on the size and capacity of the network • Certain resolution methods are better suited to small networks, whereas others are suited to large networks • Some non-Windows clients are not capable of using WINS 70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network
Single Subnet Networks • A network with only a single subnet can use broadcast name resolution • The potential drawback to broadcast name resolution on a single subnet is the number of broadcast packets that will be sent on the network • On a network with many computers or limited bandwidth, this can affect network performance • If a reduction in broadcast traffic is desired, WINS should be implemented 70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network
Large Multisubnet Networks • Name resolution methods for large networks with multiple subnets are: • LMHOSTS • WINS • LMHOSTS files are not practical for large networks • it is too difficult to maintain the file on each computer • On large networks, WINS is used for name resolution • All the clients can be configured dynamically by using DHCP, making implementation and maintenance very easy 70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network
Small Multisubnet Networks • Most small networks with multiple subnets use a WINS server for NetBIOS name resolution • Clients are easily be configured using DHCP • It is reasonable to use an LMHOSTS file on smaller multisubnet networks because there are a limited number of client computers to configure 70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network
Non-WINS Clients • You can use a WINS proxy for computers that need to participate in NetBIOS name resolution but that cannot be configured to use WINS • These computers are often UNIX or Linux clients that need to access NetBIOS resources • Using a WINS proxy allows these clients to resolve NetBIOS names to IP addresses using records in a WINS database 70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network
Non-WINS Clients (continued) 70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network
WINS Functions • WINS can perform four common tasks: • Name registration • Name renewal • Name release • Name query 70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network
Name Registration • When a WINS client boots up, it performs a name registration • The name registration places NetBIOS information about the client into the WINS database • This makes the information available to other clients performing name queries • Name registration is a two packet process 70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network
Name Registration (continued) 70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network
Name Renewal • Each NetBIOS name registration is assigned a TTL • When the TTL is one-half completed, the WINS client attempts to refresh the registration • The default TTL is six days • Name renewal is a two-packet process 70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network
Name Renewal (continued) 70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network
Name Release • When a computer is properly shut down, it contacts the WINS server and releases its Net-BIOS name • The first packet is a name release request sent from the WINS client to the WINS server • This request includes the NetBIOS name being released and the IP address of the WINS client • The WINS server sends a name release response to the WINS client • The name release response contains the NetBIOS name being released and a TTL of zero 70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network
Name Release (continued) 70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network
Name Query • A name query is used to resolve a NetBIOS name to an IP address • This is done by a client computer that is accessing resources on a server • A WINS client queries a WINS server if the NetBIOS name being resolved has not been recently resolved and stored in the NetBIOS name cache 70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network
Name Query (continued) 70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network
Installing WINS • Windows Server 2003 has the ability to act as a WINS server • WINS is the Microsoft implementation of a NetBIOS name server • A NetBIOS name server is responsible for accepting NetBIOS name registrations and queries 70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network
Activity 6-2: Installing WINS • The purpose of this activity is to install WINS on your server 70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network
Activity 6-3: Configuring a WINS Client • The purpose of this activity is to configure your server to be a WINS client 70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network
WINS Fault Tolerance • Options for fault tolerance are: • Clustering • Clustering is the best mechanism to provide WINS fault tolerance because it provides almost instant failover • Using multiple WINS servers • Much easier to implement, particularly if you have already configured multiple WINS servers on your network to reduce WAN traffic 70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network
WINS Replication • When more than one WINS server is implemented, you must configure the WINS servers as replication partners • Replication partners synchronize information between each other • Replication can be configured in three ways: • Push • Pull • Push/Pull 70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network
WINS Replication (continued) 70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network
Activity 6-4: Configuring Replication Partners • The purpose of this activity is to configure your server to replicate WINS information with a partner 70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network
Managing WINS • The General tab of the WINS server Properties dialog box allows you to configure: • How often statistics are updated for the server • The path for backing up the WINS database • Whether the WINS database should be backed up each time the server is shut down • The Intervals tab allows you to configure how names are expired and deleted from the WINS database • The renewal interval refers to the TTL that is given to WINS clients when a name is registered with the WINS server 70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network
Viewing Database Records • To view the records that exist in the WINS database, right-click Active Registrations, and click Display Records • You can search for records based on: • Name • IP address • Owner • Record type 70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network
Activity 6-5: Viewing WINS Records • The purpose of this activity is to view WINS records on your server 70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network
Adding Static Records • If non-Microsoft servers provide NetBIOS resources on the network, they may not be able to use a WINS server • If the non-Microsoft server cannot use WINS, then WINS clients cannot resolve their NetBIOS names • To eliminate this problem, you can create a static record in WINS • For each static mapping, you enter the computer name, record type, and IP address 70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network
Activity 6-6: Creating a Static Mapping • The purpose of this activity is to Add a static mapping to the WINS database 70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network
Backing Up and Restoring the Database • You can easily fix a corrupt WINS database if you have a backup of the WINS database: • Simply stop the WINS service and restore the database • After the database has been restored, the WINS server receives changes that occurred since the backup from replication partners • The WINS servers determine the changes to replicated partners based on the version ID of the database records 70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network
Activity 6-7: Backing Up and Restoring the WINS Database • The purpose of this activity is to back up and restore the WINS database on your server 70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network
Migrating the WINS to a New Server • The overall process for client configuration is as follows: • Configure clients with the new WINS server as a secondary WINS server • Install the new WINS server • Configure clients to use the new WINS server as the primary WINS server • Remove the old WINS server 70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network
Migrating the WINS to a New Server (continued) • If the WINS database is very large, or migration needs to be very fast, you can copy the WINS database directly from the old server to the new server • The steps are as follows: • Install WINS on the new WINS server • Stop the WINS service on the old and new WINS server • Copy the WINS files in %SYSTEMROOT%\system32\wins from the old WINS server to the new WINS server • Start the WINS service on the new WINS server 70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network
Compacting the WINS Database • Windows Server 2003 performs dynamic compaction of the database during idle times • Dynamic compaction occurs while the database is in use • Dynamic compaction is not as good as manual compaction. • Manual compaction of the WINS database is performed when the WINS service is stopped 70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network
NetBIOS Security • NetBIOS over TCP/IP must be enabled for Windows Server 2003 to perform file and print sharing with pre-Windows 2000 clients • It is also required by all Windows operating systems to browse Windows networks and available shares in My Network Places 70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network
NetBIOS Security (continued) • A null session is an anonymous NetBIOS session in which no authentication credentials have been given to the server • Many security risks are associated with using NetBIOS over TCP/IP when null sessions are allowed: • Null sessions allow unauthenticated users to scan the network for available resources • Null sessions allow unauthenticated users to query domain controllers for a list of users and groups, including their Security Identifiers (SIDs) and description 70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network
NetBIOS Security (continued) • A user connected with a null session is also part of the Everyone group • If any resources are available to the Everyone group, they are available via a null session • Windows Server 2003 removes much of this risk by using the Authenticates Users group instead of the Everyone group for most tasks • This restricts unauthenticated users from browsing available shares, querying lists of users and groups, and accessing resources available to the Everyone group 70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network
NetBIOS Security (continued) 70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network
Activity 6-8: Removing WINS • The purpose of this activity is to remove WINS from your server 70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network
Summary • WINS (Windows Internet Naming Service) is required to support NetBIOS name resolution for pre-Windows 2000 clients • A NetBIOS name can be resolved using four different methods: • NetBIOS name cache • WINS • Broadcast • LMHOSTS file • A WINS server is a central repository for resolving NetBIOS names and has many benefits over other NetBIOS name resolution methods 70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network
Summary (continued) • A WINS server performs four common tasks: • name registration • name renewal • name release • name query • To configure WINS for fault tolerance, you must use clustering or implement multiple WINS servers • When two or more WINS servers exist on a network, replication must be configured between them to synchronize their contents 70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network
Summary (continued) • You can configure a static mapping for resources that are unable to register themselves with WINS • You can view and delete the records in a WINS database • You should back up the WINS database just like any other critical resource on a network 70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network