W
Will
On Windows 2000 machines on our network, if you look up the Active Directory
name with:
nslookup corp.mydomain.com
this resolves to the IP address of the Active Directory server. If
however you simply try to access it directly with:
dir \\corp.mydomain.com\sysvol
this fails with a message that the location cannot be resolved.
As soon as you turn on the TCP/IP NetBIOS Helper service, now you are able
to access the AD server using its fully-qualified DNS name. Why in the
world would you need a NetBIOS Helper service to locate an AD server using
its direct DNS name? At very least that creates a security problem
doesn't it? Even with NTLM disabled, does the file service still use some
form of NETBEUI protocol? What specific components within TCP/IP NetBIOS
Helper service do we need here?
name with:
nslookup corp.mydomain.com
this resolves to the IP address of the Active Directory server. If
however you simply try to access it directly with:
dir \\corp.mydomain.com\sysvol
this fails with a message that the location cannot be resolved.
As soon as you turn on the TCP/IP NetBIOS Helper service, now you are able
to access the AD server using its fully-qualified DNS name. Why in the
world would you need a NetBIOS Helper service to locate an AD server using
its direct DNS name? At very least that creates a security problem
doesn't it? Even with NTLM disabled, does the file service still use some
form of NETBEUI protocol? What specific components within TCP/IP NetBIOS
Helper service do we need here?