netbios name translation problem

Posted on 2011-02-17
Medium Priority
Last Modified: 2012-05-11

forsome reason i have netbios problem and computer seeing incorrect IP to the server name,
the wins server also have the bad record.

let's say that servername=, for some reason when pinging to the netbios name i receving (ping to FQDN is fine) , computer doesnt set to use WIN'S , however the server also have 2 records of the computername = (the wronge ip), i deleting the record but they keep coming back.

when i ping to to try to troubleshot the problem and find the computer or whaever it is i get no reply.

how do i troubleshot  this problem?

Question by:ymg800
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 8
  • 4
  • 2
  • +1

Expert Comment

ID: 34914826
IS this over vlans?

Expert Comment

ID: 34914882
Check you DNS server and remove the entries.

On the Client run ipconfig /displaydns and check the entries

then run ipconfig /flushdns and test

Author Comment

ID: 34915227
dns only have the right record...

when it will happend again i will try to use ipconfig /displaydns to see if it's telling me something usfull

ipconfig /flushdns solving the problem but i sure it's not a DNS problem since FQDN is fine and i also have the bad record in the WINS server....
Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI


Expert Comment

ID: 34915373
You shouldn't be using WINS if you have DNS on your network.

Is there a reason why you have both?

Author Comment

ID: 34915478
wins reduce broadcasts when trying to find compuer by nebiose name...
u can access computer with UPN (\\servername) without wins?(not sure about that?)
also if old app trying to access single lable name...
and ... if some computer didnt registered in the dns server then i have backup...

please tell me with of my statment are correct and which isnt....

Expert Comment

ID: 34915706
Microsoft is trying to Phase out WINS
You only require it if you have applications that still use NetBIOS to function

Have a look at this:

I disabled it on my network and have a pure DNS lookup, now I migrated from an old NT WINS domain to a new AD domain and done away with WINS

Author Comment

ID: 34915724
yes but global names had problems...(so i heard)

i know ms trying to get rid of it but it doent saying that this day has come

can u access computer with single lable name without wins , link the ups : " \\SERVERNAME"

Expert Comment

ID: 34915739
Yes of course, the domain prefix only comes into effect when you are moving from the LAN to a WAN

Author Comment

ID: 34915764
dont make sence...

u only need it when u moving from LAN
if u are in a LAN the domain prefix is added automaticlly as per as your domain name
there can be mulitype dns zones so the prefix is valid...
LVL 39

Expert Comment

ID: 34931962
Don't confuse or try to integrate WINS with DNS... They are separate entities.

WINS should only be used to resolve Netbios names across a WAN. It's because netbios is not routable, and held to the broadcast domain. A WINS server will accept the netbios broadcast for its local LAN, and then replicate that database with outer WINS partners on the WAN...

The ONLY corelation between WINS and DNS is if a master browser server can not resolve a netibos name, then DNS can look for another netbios server...

If you do NOT have a faulty DNS record, then it would appear that your computer has an ALTERNATIVE IP address or a second nic that isn't registering within DNS.

Can you provide an IPconfig /all of this computer that has a bad record..

If IPconfig flushDNS resolves the issue, then we have a different problem of a compter that has the same name as your server on the network. IP of .178 would probably be a Dynamic IP address. So, do you have that IP allocated to a computer in the network?

One thing you can do as a network admin is go to explorer and as a URL type:

//$   and look at the admin shares where is the incorrect IP.

Another handy tool to get more information is to go to the server and type:
Browstat /status
To make sure your browser is a unique name.

Author Comment

ID: 34967762

let me put it in points:

1. do u say that WINS doesnt reduce the broadcast in a LAN? far as i understand client use the wins server in unicast mode to resolve netbiose name

2.how can DNS serach for another WINS server? where is the option for that? is that automatic?

3.there is no another IP or server or another NIC, only single IP also run ipconfig /all to confirm

4.well here is a new thing , while the record for wins for app-metro (server name) is not shown in WINS  anymore i now see that i have some DHCP for the 178 to the app-metro!!
but there is no ping to the IP and ping to the name app-metro gives me the right ip (12), well how can i trace that PC if it's exist??

5.when tring to access \\\c$, no reply

6. i tried goint to the server and type Browstat /status but it's saying the command is not recodnized??

thank a head!

LVL 39

Expert Comment

ID: 35042124
Sorry for the late reply:

I am bringing up a new domain.

1) Netbios broadcast are spit out by the client to populate a WINS server, If no WINS server exists, there is a WINS caching server, (called a domain master browser), that collects the information. Typically the domain master browser is the PDCe. So, no a WINS server really doesn't reduce netbios broadcasts.

2) http://support.microsoft.com/kb/142309

3) OK, is there a VPN connection. Those can also be considered and extra Netbios binding.
Multiple bindings can be a physical nic or virtual connection, when it comes to netbios.

4) It appears you may have created a manual IP address on app-metro, not a dynamic IP?? DHCP  updates are performed by the client. When the client releases the IP, the lease isn't immediately deleted from the DHCP database. It's held, (by default), for 4 hours called a reprieval time. Then once an hour, the DHCP server comes through and eliminates those leases so they can be used by other clients. It's my guess, you see the lease during this 4 hour period. If not, you have a machine that was once called app-metro that has a different mac address, and it was DISABLED in ADUC. Disabling a PC in ADUC will retain the lease in DHCP and not allow the DHCP server to clean up that lease. Leases are reserved by MAC addresses. So, look in ADUC to see if you have a computer called app-metro disabled.

I found this out myself during this problematic period:

5) that leads into a disabled computer in ADUC, as in my thread above.

6)Browstat is a part of the 2003 server admin pack. Do you have DCdiag on that computer?

Author Comment

ID: 35067074
1. ok undertood

2.sorry but it cant see how it is related, where is the option it's mentioned how the DNS find another WINS in diffrent segment? also i didnt understood how can DNS help to resolve nebios name? do they mean that when netbouse name cant be resoved then it simply using DNS by adding the suffix?

3.no vpn

4. i dont have computer named   app-metro disabled... DHCP still showing app-metro = 10.x..x.178
by the way the server is using static DHCP so i cant understand why it's there...and no other name for app-metro there or record for the real address.

another thing, the name app-metro is not listed with the FQDN name but only the namebiose name while almost all other records listed with FQDN in the DHCP.

5.cant disbale as only the vailid on is there
6.Browstat /status svailble on the DC and the master browser is the DC which is the PDC


Accepted Solution

ymg800 earned 0 total points
ID: 35094341
well finnaly find the problematic computer...

it's appear someone created VM with that name and that IP... stupid stupid stupid... :)

Author Closing Comment

ID: 35135808
that is the solution

Featured Post

Ransomware Attacks Keeping You Up at Night?

Will your organization be ransomware's next victim?  The good news is that these attacks are predicable and therefore preventable. Learn more about how you can  stop a ransomware attacks before encryption takes place with our Ransomware Prevention Kit!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Setting up a Microsoft WSUS update system is free relatively speaking if you have hard disk space and processor capacity.   However, WSUS can be a blessing and a curse. For example, there is nothing worse than approving updates and they just have…
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
In this video, Percona Director of Solution Engineering Jon Tobin discusses the function and features of Percona Server for MongoDB. How Percona can help Percona can help you determine if Percona Server for MongoDB is the right solution for …
Suggested Courses

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question