Configuring NetBIOS over Tcpip Problem

You want to configure the NetBIOS over TCP/IP settings for a Windows Server 2003 computer.

Solution

Using a Graphical User Interface

1. Open the Network Connections applet.

2. Double-click on the Local Area Connection icon.

3. Click on Internet Protocol (TCP/IP), and select Properties.

4. Click on Advanced. From the WINS tab, select the radio button next to one of the following settings for NetBIOS over TCP/IP:

• Use NetBIOS settings from the DHCP server. (This is the default. If a static IP address is used or the DHCP server does not provide NetBIOS settings, enable NetBIOS over TCP/IP.)

• Enable NetBIOS over TCP/IP.

• Disable NetBIOS over TCP/IP.

5. Click OK when you're finished.

Using a Command-Line Interface

To configure this setting via the command line, you first need to create a .reg file containing the Registry key described in the "Using the Registry" section, and then use Regedit to import the file into your local Registry.

The following shell script will automate the process of importing the .reg file; it takes the IP address of the interface you are trying to change as a command-line argument, and it disables TCP/IP over NetBIOS for that interface.

set IPADDRESS=%1

set TFILE=%TEMP%\HWIDfile.tmp set DEFAULT=00000000

set ON=00000001

set OFF=00000002

wmic nicconfig get ipaddress,settingid >%TFILE%

for /f "tokens=2" %%h in ('type %TFILE% A| findstr "%IPADDRESS%"') do set HWID=%%h echo Windows Registry Editor Version 5.00 >%TFILE% echo >> %TFILE%

echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\

NetBT\Parameters\Interfaces\Tcpip_%HWID%] >>%TFILE% echo "RegistrationEnabled"=dword:%OFF% >>%TFILE%

del %TFILE% >null

Using the Registry

To configure the NetBIOS over TCP/IP settings for a Windows Server 2003 computer, set the following Registry value:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ NetBT\Parameters\Interfaces\Tcp_{<Interface GUID>}\] "NetbiosOptions"=dword:0 (to use DHCP settings) "NetbiosOptions"=dword:1 (to enable NetBIOS over TCP/IP) "NetbiosOptions"=dword:2 (to disable NetBIOS over TCP/IP)

Using VBScript

This code enables NetBIOS over TCP/IP.

strComputer = "."

Const DEFAULT = 0

Const ENABLED = 1

Const DISABLED = 2

Set objWMIService = GetObject("winmgmts:" _

& "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")

Set nics = objWMIService.ExecQuery _ ("SELECT * FROM Win32_NetworkAdapterConfiguration WHERE IPEnabled = True")

For Each nic in nics intNetBT = nic.SetTCPIPNetBIOS(ENABLED) If intNetBT = 0 Then

WScript.Echo "Success! NetBIOS over TCP/IP enabled!" ElseIf intNetBT = 1 Then

WScript.Echo "Success! NetBIOS over TCP/IP enabled, please reboot." Else

WScript.Echo "Error! Unable to enable NetBIOS over TCP/IP." End If Next

How It Works

While Microsoft has gone to great lengths to increase the security of Windows Server 2003 compared to previous versions of the operating system, the NetBIOS ports (TCP 135, 137, and 139) remain well-known attack vectors that are often used by malicious users to exploit Windows systems. Because of this, disabling NetBIOS traffic wherever possible will increase the overall security of your Windows Server 2003 network.

Windows Server 2003 has largely rendered NetBIOS obsolete by replacing it with direct hosting, which operates on TCP port 445 and uses DNS for name resolution instead of relying on WINS or NetBIOS broadcasts. If you are not supporting any clients or applications that require NetBIOS name resolution, you can increase the security of your Windows Server 2003 computers by disabling NetBIOS over TCP/IP and forcing your client and server computers to utilize direct hosting.

■Caution Be sure to test all of your mission-critical applications and production Windows services before disabling NetBIOS over TCP/IP on a Windows Server 2003 computer. Even modern applications like Microsoft Exchange Server (up to Exchange 2003) can still require NetBIOS name resolution in certain situations.

Using the Registry

Like some of the DNS recipes we've seen in this chapter, configuring interface-specific NetBIOS settings requires you to find the GUID of the NIC that you want to configure. In this case, the path has Tcpip_ prepended to the GUID, so a sample Registry path might look like this:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\ Parameters\Interfaces\Tcpip_{91271921-ECEA-4l85-A19C-A6343E941BDA}\]

Using VBScript

The SetTCPIPNetBIOS() method in the Win32_NetworkAdapterConfiguration WMI class is new to the Windows Server 2003 and Windows XP operating systems. The three numeric values that you can input into this method correspond to the three radio buttons in the GUI:

• 0: Use the DHCP value or the default settings

• 2: Disable NetBIOS over TCP/IP

See Also

• Microsoft TechNet: "Microsoft Windows Server 2003 TCP/IP Implementation Details" (http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/ networking/tcpip03.mspx)

• Chapter 2 for more on Windows Internet Name Service (WINS)

• Recipe 1-13 for configuring WINS for DNS name resolution

• Recipe 1-15 for configuring a NetBIOS scope ID and enabling Lmhosts lookups

• Microsoft KB 323357: "How To Configure TCP/IP Networking While NetBIOS Is Turned Off on a Server Running Windows Server 2003"

Was this article helpful?

0 0

Responses

  • NAOMI
    Can you disable netbios over tcp/ip with win 2003 server active?
    1 year ago
  • sophia
    How to enable net bios over tcpip on windows server 2003?
    1 month ago

Post a comment