MS Windows networking is predicated on the name each machine is given. This name is known variously (and inconsistently) as the “computer name,” “machine name,” “networking name,” “NetBIOS name,” or “SMB name.” All terms mean the same thing with the exception of “NetBIOS name,” which can also apply to the name of the workgroup or the domain name. The terms “workgroup” and “domain” are really just a simple name with which the machine is associated. All NetBIOS names are exactly 16 characters in length. The 16^th character is reserved. It is used to store a 1-byte value that indicates service level information for the NetBIOS name that is registered. A NetBIOS machine name is therefore registered for each service type that is provided by the client/server.

Unique NetBIOS names and group names tables list typical NetBIOS name/service type registrations.

It should be noted that all NetBIOS machines register their own names as per Unique NetBIOS names and group names. This is in vast contrast to TCP/IP installations where the system administrator traditionally determines in the /etc/hosts or in the DNS database what names are associated with each IP address.

One further point of clarification should be noted. The /etc/hosts file and the DNS records do not provide the NetBIOS name information that MS Windows clients depend on to locate the type of service that may be needed. An example of this is what happens when an MS Windows client wants to locate a domain logon server. It finds this service and the IP address of a server that provides it by performing a lookup (via a NetBIOS broadcast) for enumeration of all machines that have registered the name type *<1C>. A logon request is then sent to each IP address that is returned in the enumerated list of IP addresses. Whichever machine first replies, it then ends up providing the logon services.

The name “workgroup” or “domain” really can be confusing, since these have the added significance of indicating what is the security architecture of the MS Windows network. The term “workgroup” indicates that the primary nature of the network environment is that of a peer-to-peer design. In a workgroup, all machines are responsible for their own security, and generally such security is limited to the use of just a password (known as share-level security). In most situations with peer-to-peer networking, the users who control their own machines will simply opt to have no security at all. It is possible to have user-level security in a workgroup environment, thus requiring the use of a username and a matching password.

MS Windows networking is thus predetermined to use machine names for all local and remote machine message passing. The protocol used is called Server Message Block (SMB), and this is implemented using the NetBIOS protocol (Network Basic Input/Output System). NetBIOS can be encapsulated using LLC (Logical Link Control) protocol in which case the resulting protocol is called NetBEUI (Network Basic Extended User Interface). NetBIOS can also be run over IPX (Internetworking Packet Exchange) protocol as used by Novell NetWare, and it can be run over TCP/IP protocols in which case the resulting protocol is called NBT or NetBT, the NetBIOS over TCP/IP.

MS Windows machines use a complex array of name resolution mechanisms. Since we are primarily concerned with TCP/IP, this demonstration is limited to this area.