Wednesday, November 9, 2011

WINS and Server 2008

Overview of the Windows Internet Name Service 

WINS is a NetBIOS Name Server (NBNS). Windows hosts support two types of names, host names and NetBIOS names. 


In a Windows OS, network services can be requested using Windows Sockets, Winsock Kernel, or NetBIOS. If Windows Sockets or Winsock Kernel is requested, the host name is used. Windows Sockets is used to access network services in many applications. The newer applications that were designed for Windows 7 and Windows Server 2008 R2 use Winsock Kernel.  If NetBIOS is used, the application uses a NetBIOS name.


Single-label names cannot be registered by the Internet registrar, InterNIC. Single-label names consists of a single word like “pcrepair”, instead of pcrepair.com. 


WINS was necessary with Windows NT4. Windows started to get away from it with Windows 2000 and Windows Server 2003. However, there are still some systems in existence using WINS.

WINS is a legacy system and is used to resolve NetBIOS names to IP addresses in a network, in order to enable effective communication between systems with applications still using single-label names and requiring support for WINS.

note: Suppose you are planning to upgrade your network to Windows Server 2008 R2 and you want to decommission the servers that hosts WINS, but, you have an application server that hosts a NetBIOS application being used by multiple client computers. The client computers are located on a different subnet than the application server. You need to enable the client computers to be able to access the NetBIOS application on the application server. What should you do? You should create an LMHOSTS file on each client computer. You can use LMHOSTS files to provide name resolution for NetBIOS applications. 


When do you need WINS?
  • Even today, there might be some servers on your network that require NetBIOS resolution. Some older Microsoft operating systems rely on WINS for name resolution.
  • Some older applications rely on NetBIOS names. A WINS server is the best way to provide NetBIOS resolution.
  • WINS helps to resolve NetBIOS names to IP addresses which helps to reduce NetBIOS broadcast traffic on Windows networks. WINS helps to resolve NetBIOS names of computers on different subnets.
  • Users that browse My Network Places or Network Neighborhood need WINS to generate the list of available resources. These lists are created by the NetBIOS browsing mechanism in Windows.
  • WINS is needed for dynamic registration of single-label names. 
  • You need WINS if you are not using Windows Server 2008 as your DNS infrastructure.

In Server 2008, WINS has been downgraded to a feature and is no longer installed as a role. Server 2008 allows a migration from WINS to a complete DNS solution, if your infrastructure supports the prerequisites. This is made possible by using the single-name label zones, i.e, the Global Names Zone.


Why you still run Windows Internet Naming Service (WINS). This article includes a section referring to the nblookup.exe utility, downloadable from Microsoft, that allows you to query WINS servers for name registration records, like nslookup.exe allows you to query DNS servers for DNS records.


What are the WINS components?


WINS Server. Hosts the WINS database and should have a static IP address. It processes the registration of WINS Clients and helps WINS Clients resolve NetBIOS names to IP addresses to avoid the need for broadcasting.

WINS Clients

WINS Proxy. A computer that is configured on a network to monitor for name query broadcasts on a subnet. The proxy will forward those queries to a WINS Server. The WINS Proxy agent allows computers that are unable to communicate with the WINS Server to resolve NetBIOS names of remote computers.

WINS Database. Stores and replicates the NetBIOS name mappings for the network.


WINS Client Registration and Release Process


WINS name registration is the process of a WINS client requesting and receiving the use of a NetBIOS name for client services made available on the network. It could be for a unique name or a shared name.

Name release is a WINS client requesting a NetBIOS name deregistration from the WINS database.

  1. WINS client sends request to register its NetBIOS name against its IP address with the WINS server.
  2. WINS server registers the information in the WINS database and returns a registration message with a TTL (Time To Live) value, indicating when the registration will expire for that WINS client.
  3. WINS client sends request to release and deregister its name.
  4. WINS server sends a positive name release response back to the WINS client. This makes registration possible for another WINS client.


Burst Handling


Burst handling allows a WINS server to handle a high number of simultaneous name registration requests.

Burst handling should be enabled on Windows Server 2008.

Each WINS client can register multiple Wins NetBIOS names on a network. If the network were shutdown, when it comes back up, you could have too many requests going against the WINS server, simultaneously.

Burst Handling allows the WINS Server to handle WINS Client registration requests if the queue exceeds the threshold set on the WINS Server. The threshold can be set to low (300 requests), medium (500 requests), or high (1000 requests). You can indicate a custom value from 50-5000.

If the threshold is exceeded when a WINS Client queue issues NetBIOS registrations simultaneously, burst handling will be triggered and WINS acknowledges the registration with a short renewal interval, without actually accepting the name registration request.

How to configure Burst Handling


  • Start | Administrative Tools | WINS
  • Right click the WINS server name and choose Properties
  • Click the Advanced tab
  • In the Enable burst handling section, select Low option
  • Click OK


WINS Server Name Resolution Process


The client must be configured with the IP address of the WINS server. This can be done by using the TCP/IP settings on the client or dynamically with DHCP.

The client can be configured to have a list of multiple WINS servers.

A NetBIOS client first connects to the first WINS Server in the TCP/IP list when trying to resolve a NetBIOS name. The NetBIOS client tries to connect three times, before attempting to connect to its secondary WINS Servers.

If the NetBIOS client is unable to connect, it might report back that the host was unreachable on the network. This process is controlled by the node type. The node type decides what method a computer will use to resolve a NetBIOS name.

Node type Description Registry value
B-node (broadcast) Broadcasts for name registration and resolution 1
P-node (peer to peer) A NetBIOS name server or WINS server used to resolve names 2
M-node (mixed) Combines B-node and P-node, but functions as a B-node by default. It broadcast first. If the broadcast is not successful, then it will connect to the NetBIOS name server. 4
H-node (Hybrid) Combines P-node and B-node, but functions as a P-node by default. The client first connects to the NetBIOS name server. If the client is unsuccessful, then it will broadcast. 8


How do you know when NETBIOS Name Resolution is in use vs. Host Name Resolution?


  • Go to the command prompt: Start | Run | cmd
  • Type: flushdns
  • Ping your domain controller server name (svr-1 in this example): ping svr-1
If NetBIOS name resolution is in use, the ping will not return the FQDN, indicating a failure of DNS lookups. If the FQDN is returned, this means it is returning it either from the DNS server or from the cache. This is why you should flush the dns cache prior to pinging your domain controller.




Steps to Installing WINS:


In this example, SVR1 is where we will install the WINS server, DC1 is the domain controller.

Installing and Configuring the WINS server feature

Log onto DC1.

Switch to SVR1.

Log onto SVR1.

  • Launch Server Manager
  • Highlight Features
  • In the right pane, click on Add Features
  • Scroll down and select WINS Server
  • Click Next
  • Click Install
  • Click Close
  • Close Server Manager

Verify the WINS server has been installed

  • Go to Start | Administrative Tools
  • Select WINS
  • Check to see if the WINS server is installed. Right click and select Properties to see several tabs with the WINS settings. WINS SVR1 IP address is 10.10.0.24 in this example.
  • Click OK
  • Close the WINS server console

Create Burst Handling on the WINS server

  • Open WINS
  • Open the SVR1
  • Right click SVR1 Properties dialog box, and click the Advanced tab
  • Check Enable burst handling and select the Low option and click OK

Create New Static Mapping in the WINS database for a Workstation

  • In the WINS console list pane, right-click Active Registrations
  • Select New Static Mapping. You can add static name-to-address mappings to the WINS database, but only for computers that cannot register dynamically in WINS. Static mappings can replicate throughout your WINS environment and write over records on other servers.
  • Type:
    • Computer name: compa (example)
    • Type: Unique
    • IP address: 10.10.0.10 (example)
  • Right-click Active Registrations and click Display Records
  • Click Find Now
  • Click Active Registrations to view results. Verify the static record you entered for the workstation exists on SVR1.

Configure Scavenging on the database

  • In the WINS console list pane, right-click the server and click Properties
  • Click on the Intervals tab. Set the Extinction timeout value to 7 Days, and click OK.

Switch to DC1

Configure DC1 to use WINS for NetBIOS resolution

  • START | Network
  • Right-click Network and select Properties
  • In Network and Sharing Center , click Manage network connections under Tasks
  • Right-click Local Area Connection and click Properties
  • In the Local Area Connection Properties dialog box, under This connection uses the following items, click Internet Protocol Version 4 (TCP/IP4)
  • Click Properties
  • Select Advanced
  • In the Advanced TCP/IP Settings dialog box, click the WINS tab
  • Under WINS addresses, in order of use, click Add
  • Enter the WINS server IP address: 10.10.0.24
  • Click Add
  • Click OK
  • In the Internet Protocol Version 4 (TCP/Ipv4) Properties dialog box, click OK
  • Click Close on the Local Area Connection Properties dialog box
  • Close Network Connections window
  • Close Network and Sharing Center window

Test NetBIOS name resolution

  • START | Command Prompt
  • Type: ping compa
  • Press Enter
  • The name resolution should resolve to 10.10.0.10, successfully

Manage the WINS Server


What does a WINS client record include?


  • Record Name: Record Name is the registered NetBIOS name, which can be a unique name, or group, Internet group, or multihomed computer.
  • Record Type: Record Type is the service that registered the entry, including the hex type identifier.
  • IP Address: IP Address is the IP address corresponding to the NetBIOS registered name.
  • State: State is the state of the database entry, either active, released, or tombstoned.
  • Static: Static indicates whether the entry is static by displaying an “x” entry. If the display is “null” or blank, this means the entry is not static.
  • Owner: Owner is the WINS server IP address from which the entry originates.
  • Version: Version is a unique hex number the WINS server assigns during name registration. The server’s pull partner uses the version id during replication of new records for the NetBIOS client.
  • Expiration: Expiration is when the entry expires, date and time. Infinite means the registration will not expire.


How to filter and view records in WINS?


  • Start | Administrative Tools | WINS
  • Under the server name, highlight and right click on Active Registrations node.
  • Select Display Records.
    • Records Mapping tab:
      • Filter records matching the Name pattern
      • Filter records matching this IP address
    • Record Owners tab:
      • You will see the WINS server that owns that record
      • Click Find Now to see all of the WINS records registered with the owner
    • Record Types tab:
      • Remove the check mark on the record type to filter record types

How does Scavenging work?

Scavenging removes old, expired records, no longer in use, from the WINS database.

Scavenging also removes entries that were replicated from a remote WINS server and not removed from the local database.

Scavenging examines each record in the WINS database and compares the time stamp to the current time, and changes the state of expired records from active to released.

Renewal interval: the frequency a WINS client renews its registration with the WINS server (default value is 6 days).

Extinction interval: the difference in the time the record is marked as released and the time the record is marked as extinct (default value is 4 days).

Extinction timeout: the difference in the time the record is marked as extinct and the time the record is scavenged from the database (default value is 6 days and cannot be less than 24 hours).

Verification interval: the time the WINS server verifies records it does not own (from replication partners) are still active (minimum value 24 days).

Note: WINS should not be stopped or restarted before half of the renewal interval has passed, else, scavenging will not occur.


Deleting WINS Records


  • Simple deletion: deletes a WINS database record stored on a single WINS database.
  • Tombstoned deletion: records are marked for deletion and replicated to other WINS servers, then removed during the next scavenging operation.

Deleting WINS records allows you to recover unused space.


Backing Up and Restoring the WINS Database


Backup a WINS database

  1. Indicate the backup directory for the database in the WINS console. You should also backup the registry entries.
  2. Backup manually or automate the backups using the WINS admin tool.

Steps to Backup WINS database

  • START | Administrative Tools | WINS
  • Right-click the WINS server
  • Select Back Up location and click OK (It will normally take awhile to backup the files)



Restore a WINS database

  1. Stop the WINS service (make sure the WINS service is completely stopped before the restore).
  2. Manually delete the files in the %systemroot%\System32\ WINS folder on the WINS server and restore the database files using the WINS Management console. You could also replicate from a secondary WINS server if there is a secondary WINS server configured.


Compacting the WINS Database


Compaction of the WINS Database aids in recovering unused space, thereby increasing performance.

Compaction occurs dynamically in the background during idle time, so there is less need to perform offline compaction.

Offline compacting is done by stopping the WINS server (Administrator) and using the Jetpack.exe command-line tool.

Steps to Compact the WINS Database

  • Stop the WINS service. START | cmd
  • Type: net stop wins
    • The WINS service is stopping message displays
    • The WINS service was stopped successfully displays
  • Type: cd\ to go to the root of the C drive
  • Type: cd windows\system32\wins
  • Type: jetpack.exe wins.mdb temp.mdb
    • Note: wins.mdb is the WINS database
    • temp.mdb is the temporary file the database is copied to while the compacting is processed
    • Compacted database wins.mdb in ?.??? seconds displays
    • Moving temp.mdb => wins.mdb displays
    • Jetpack.exe completed successfully displays
  • Type: net start wins
    • The WINS service is starting message displays

Note: Jet produces J.log and other files in the %systemroot%\System32\ WINS folder.

Configuring WINS Replication

What is Push Replication?


WINS servers replicate only the changes made to their databases. When the specified threshold of changes is reached in the database, the push partner notifies replication partners. A push partner should have fast communication links with the servers.

How Push Replication works

  • Svr1 reaches the threshold of 50 changes (example) in its database
  • Svr1 notifies Svr2 the threshold is reached
  • Svr2 responds to Svr1 with a replication request
  • Svr1 sends replicas of its new database entries to Svr2


What is Pull Replication?


WINS servers replicate only the changes made to their databases. When the specified interval is reached in the database, the pull partner notifies replication partners. A pull partner should be configured if there are slow communication links with the servers.

How Pull Replication works

  1. Svr1 requests changes to its database every 8 hours
  2. Svr2 sends replicas of its new database entries

What is Push/Pull Replication


Push/Pull Replication is the default setting for replication partners in Windows Server 2008.

Ensures the WINS databases are nearly identical at any time by:

  1. Notifying the replication partners when the set threshold of changes is reached.
  2. Requesting replication based on a set time.

Configure the WINS replication partners as push/pull partners when you want both a replication threshold and interval for the partner.

WINS replication overview


Checking WINS Database Consistency

You will probably want to check the WINS database consistency, periodically. Checking database consistency aids in maintaining database integrity.

WINS database records are verified based on their ownership. If there is a record on the database where the consistency checker was started and the server does not own the WINS record, then the consistency checker checks with the owner of the record on another WINS server to see if the record is consistent.

Steps to check Wins database consistency

  • START | Administrative Tools | WINS
  • Highlight the WINS server and right-click
  • Click Verify Database Consistency
  • Click Yes

Note: It is best to do this check during off-peak hours because the consistency check can be resource intensive.

Steps to configuring WINS Push and Pull Replication and Checking the Database

In this example, WINS SVR1 and DC1 will be configured to be push/pull replication partners

Switch to SVR1

  • START | Administrative Tools | WINS
  • Click on SVR1
    • Highlight Replication Partners
      • Right-click Replication Partners
        • Select Properties
        • Select the Advanced menu
          • Check Enable automatic partner configuration. This option uses multicast over the Internet Group Management Protocol (IGMP) to exchange replication with other WINS servers automatically using the multicast group address 224.0.1.24.

Another option is to set up a replication partner:

Switch to DC1

  • START | Administrative Tools | WINS
  • Click on DC1
    • Right-click Replication Partners
        • Select New Replication Partner
          • Enter the name or IP address of the server you want to add in the WINS server box as a replication partner (in this example, we will use SVR1 10.10.0.24)
          • Click OK. Click on Replication Partners. You will now see the server you just added as a replication partner SVR1 10.10.0.24
            • Right-click on the server just added and select Properties
            • Select the Advanced tab to check the push/pull properties
            • Click OK

Switch to SVR1

  • START | Administrative Tools | WINS
  • Click on SVR1
    • Highlight Replication Partners
      • Right-click Replication Partners
        • Select New Replication Partner
          • Enter the name or IP address of the server you want to add in the WINS server box as a replication partner (in this example, we will use DC1 10.10.0.10)
          • Click OK. Click on Replication Partners. You will now see the server you just added as a replication partner DC1 10.10.0.10
            • Right-click on the server just added and select Properties
            • Select the Advanced tab to check the push/pull properties
            • Click OK

Launch Replication

  • Another option is to Replicate Now : right-click Replication Partners and select Replicate Now to force replication. Check the event log later to make sure replication has taken place.
  • Another option is to overwrite the static mappings on the WINS server to dynamic mappings if the client registered, under the static mappings, changes its IP address to help maintain database consistency: right-click Replication Partners and select Properties
    • Stay on the General tab
    • Check Overwrite unique static mappings at this server (migrate on)
    • Click OK

Verify Records

  • In the WINS console, right-click Active Registrations, and click Refresh
  • Click on the Active Registrations node. Notice records from 10.10.0.10 and 10.10.0.24 are listed.
  • Do this for both DC1 and SVR1


Migrating from WINS to DNS


WINS is entering legacy mode, so it is past time to migrate WINS to DNS.

Name Resolution –Single Label


On Windows Server 2008, there is something called the GlobalNames Zone (GNZ). If an organization previously used NetBIOS names for servers and now wants to remove the NetBIOS names, the GlobalNames Zone will help. The GNZ is not a new zone type, but the name GlobalNames tells the DNS Server service on Windows Server 2008, the zone is to be used for single-name resolution.

With the GlobalNames Zone, the DNS server resolves single-label names without utilizing WINS. It mitigates the management and maintenance of the DNS suffix search lists, but relies on creating the records in the zone manually, a static record creation. The GlobalNames Zone must be on all servers in the forest and the servers must be Windows Server 2008.

Instead of using the GlobalNames Zone, WINS can be integrated with DNS. This is done by configuring the DNS zone properties to do WINS-lookups for NetBIOS names. This way, client computers can be configured to use DNS and yet still be able to resolve NetBIOS names.


Best Practice 
If your organization relies heavily on NetBIOS applications, continue to use WINS. If you plan to migrate from WINS to DNS, implement WINS integration on your DNS zones. When you have decommissioned most of your NetBIOS applications, or only have a few NetBIOS applications, use the GNZ to manage static, single-label names. 



What is the GlobalNames Zone?

The GlobalNames Zone is there to support the migration from a WINS infrastructure to a complete DNS infrastructure. The GNZ is not a replacement for WINS.

  • Enables single-label name resolution for IPV6 networks
  • Uses CNAME records to point to the FQDN of the computer that hosts the resource
  • Recommended to be Active Directory Domain Services Integrated and have forest-wide replication
  • Can be used to decommission WINS servers
  • Requires no additional client configuration. The client resolves the name in a standard DNS query format

How does the GlobalNames Zone Name Resolution Work?

See DNS-GlobalNames-Zone-Deployment-2 for a detailed explanation:

Migrating WINS to DNS

Migrate single-label name resolution from WINS to GlobalNames zone in DNS. In this exercise, we have DC1 domain controller and WINS SVR1 and CompA is the workstation.
Requirements:

  • Authoritative name servers running Windows Server 2008
  • Forest-wide, Active Directory-integrated replication of the GlobalNames zone
  • Need to create static CNAME records pointing to the FQDN records
  • Disable dynamic updates on the GlobalNames zone
  • Enable single-label GlobalNames zone support on all DNS servers that host the zone. This is done using the dnscmd utiliy:
    • dnscmd /config /EnableGlobalNamessupport 1

Steps to set up the GlobalNames Zone:

  • Log onto DC1
  • START | Administrative Tools | DNS
  • Highlight the server root and right-click
  • Select New Zone
  • Welcome to the New Zone Wizard displays
  • Click Next
  • Choose Primary zone and check Store the zone in Active Directory
  • Click Next
  • In the Active Directory Zone Replication Scope dialog box, select To all DNS servers in this forest
  • Click Next
  • In the Forward or Reverse Lookup Zone dialog box, select Forward lookup zone
  • Click Next
  • In the Zone Name dialog box, type GlobalNames (not case sensitive)
  • Click Next
  • In the Dynamic Update dialog box, choose Do not allow dynamic updates
  • Click Next
  • Click Finish

Verify by checking the DNS Manager under Forward Lookup Zones for GlobalNames for the SOA and NS records.

Steps to create the Alias record for the single-label name resource:

From here, manually create any entries for the single-label names that need to be mapped to a FQDN.:

  • Right-click GlobalNames located in the forward lookup zone and select New Alias (CNAME)
  • Complete the Alias name box and FQDN for the target host box.
  • Click OK.

This allows clients to find the server by typing in the Alias name into the browser.

Once you set up all of the Alias names, go to the dnscmd utility to enable the GlobalNames support.

Steps to enable GNZ functionality:

  • START | CMD

    • Type: dnscmd DC1 /config /EnableGlobalNamessupport 1

  • Hit Enter

Steps to decommission WINS:

  • Log onto SVR1
  • START | Administrative Tools | Server Manager
  • Select Server Manager
  • In the list pane, right-click Features
  • Click Remove Features
  • From the list of Features, scroll down and uncheck WINS.
  • Click Next
  • Click Remove
  • The WINS removal begins. On the Removal Results page, click Close
  • Click Yes to restart
    The WINS removal continues. Click Close after the removal completes.
  • Repeat the above steps to remove WINS from DC1

Steps to Verify GlobalNames single-label name resolution

  • Log onto DC1. The removal continues.
  • Click Close
  • Log onto SVR1. The removal continues.
  • Click Close
  • On DC1, close Server Manager.
  • Click Start
  • Click Command Prompt.
  • Type: ping CompA
  • Press Enter


Posted by Unknown
Related Posts: , , , , , ,

No comments:

Post a Comment

"Comment As:" anonymous if you would rather not sign into an account!

Subscribe to: Post Comments (Atom)