Guest Dave Posted November 2, 2007 Posted November 2, 2007 I've seen some 'recommendations' on the internet to disable the "TCP/IP NetBIOS Helper" (LMHOSTS) service on Windows machines. Many of them specifically mention this in regard to Windows XP or Windows 2003 machines. Some are not specific to O/S at all. In the interest of supposed security, a technician on my network disabled it on some Windows 2000 domain member servers (in a Windows 2003 native mode domain). I got the call that those machines were not processing policy. After some research, I found the main symptom was the machines were unable to enumerate SYSVOL or NETLOGON on our DCs (via SMB). I found that service above disabled. Upon re-enabling (and starting), all was well again. So just out of curiosity I'm wondering if that would be the case ANYWHERE with a Windows 2000 domain member server, or if it was just something unique to ours? If it would happen anywhere, then why would people be recommending this service be disabled without also qualifying what the consequences would be in certain situations like this one? Thanks for any time/input! -- -Dave
Guest Ryan Hanisco Posted November 5, 2007 Posted November 5, 2007 RE: TCP/IP NetBIOS Helper (LMHOSTS) service on Windows 2000 Server In my experience, that would be the case. Generally disabling the service is more trouble than it is worth unless you are building a network from the ground up and testing thoroughly before rolling anything into production. -- Ryan Hanisco MCSE, MCTS: SQL 2005, Project+ http://www.techsterity.com Chicago, IL Remember: Marking helpful answers helps everyone find the info they need quickly. "Dave" wrote: > I've seen some 'recommendations' on the internet to disable the "TCP/IP > NetBIOS Helper" (LMHOSTS) service on Windows machines. Many of them > specifically mention this in regard to Windows XP or Windows 2003 machines. > Some are not specific to O/S at all. > > In the interest of supposed security, a technician on my network disabled it > on some Windows 2000 domain member servers (in a Windows 2003 native mode > domain). I got the call that those machines were not processing policy. > After some research, I found the main symptom was the machines were unable to > enumerate SYSVOL or NETLOGON on our DCs (via SMB). I found that service > above disabled. Upon re-enabling (and starting), all was well again. > > So just out of curiosity I'm wondering if that would be the case ANYWHERE > with a Windows 2000 domain member server, or if it was just something unique > to ours? If it would happen anywhere, then why would people be recommending > this service be disabled without also qualifying what the consequences would > be in certain situations like this one? > > Thanks for any time/input! > -- > -Dave
Guest Dave Posted November 5, 2007 Posted November 5, 2007 RE: TCP/IP NetBIOS Helper (LMHOSTS) service on Windows 2000 Server Thanks for the feedback Ryan...appreciate your time :-) If anyone else has any comments, I'd welcome them. Thanks, -- -Dave "Ryan Hanisco" wrote: > In my experience, that would be the case. Generally disabling the service is > more trouble than it is worth unless you are building a network from the > ground up and testing thoroughly before rolling anything into production. > -- > Ryan Hanisco > MCSE, MCTS: SQL 2005, Project+ > http://www.techsterity.com > Chicago, IL > > Remember: Marking helpful answers helps everyone find the info they need > quickly. > > > "Dave" wrote: > > > I've seen some 'recommendations' on the internet to disable the "TCP/IP > > NetBIOS Helper" (LMHOSTS) service on Windows machines. Many of them > > specifically mention this in regard to Windows XP or Windows 2003 machines. > > Some are not specific to O/S at all. > > > > In the interest of supposed security, a technician on my network disabled it > > on some Windows 2000 domain member servers (in a Windows 2003 native mode > > domain). I got the call that those machines were not processing policy. > > After some research, I found the main symptom was the machines were unable to > > enumerate SYSVOL or NETLOGON on our DCs (via SMB). I found that service > > above disabled. Upon re-enabling (and starting), all was well again. > > > > So just out of curiosity I'm wondering if that would be the case ANYWHERE > > with a Windows 2000 domain member server, or if it was just something unique > > to ours? If it would happen anywhere, then why would people be recommending > > this service be disabled without also qualifying what the consequences would > > be in certain situations like this one? > > > > Thanks for any time/input! > > -- > > -Dave
Recommended Posts