Microsoft KB Archive/121281

= LMHOSTS #Include Directives Requires Null Session Support =

Article ID: 121281

Article Last Modified on 10/31/2006

-

APPLIES TO


 * Microsoft Windows 2000 Server
 * Microsoft Windows 2000 Advanced Server
 * Microsoft Windows 2000 Professional Edition
 * Microsoft Windows NT Advanced Server 3.1
 * Microsoft Windows NT Workstation 3.1
 * Microsoft Windows NT Advanced Server 3.1
 * Microsoft Windows NT Workstation 3.5
 * Microsoft Windows NT Workstation 4.0 Developer Edition
 * Microsoft Windows NT Server 3.5
 * Microsoft Windows NT Server 4.0 Standard Edition
 * Microsoft TCP/IP-32 for Windows for Workgroups 1.0

-



This article was previously published under Q121281





SUMMARY
In order for #INCLUDE directives in an LMHOSTS file to succeed at startup time, the referenced system(s) shares must support "null sessions". Null sessions are those where the user credentials passed in the Session Setup SMB are null.



MORE INFORMATION
The LMHOSTS files used by Microsoft Windows NT version 3.1 and 3.5 and Microsoft TCP/IP-32 allow the contents of LMHOSTS files on other systems to be referenced using the #INCLUDE keyword. Parsing of the LMHOSTS file is done at startup time, prior to a user logging on. Therefore the system must use a null username to obtain the contents of remote LMHOSTS files that are included, and those files must be publicly available.

Windows NT version 3.1 supports null sessions by default. However, Windows NT version 3.5 does not provide this support unless specifically configured to do so. This change was made in order to provide a higher default level of security.

If null session support is desired, it may be configured on a per-share basis on the computer(s) containing the LMHOSTS files to be included, as follows:

WARNING: Using the Registry Editor incorrectly can cause serious, system- wide problems that may require you to reinstall Windows NT to correct them. Microsoft cannot guarantee that any problems resulting from the use of the Registry Editor can be solved. Use this tool at your own risk.

 Open the Registry Editor, REGEDT32.EXE  From the HKEY_LOCAL_MACHINE subtree, go to the key:

     \System \CurrentControlSet \Services \LanmanServer \Parameters \NullSessionShares

NOTE: NullSessionShares is type REG_MULTI_SZ.  Create a new line within the NullSessionShares key, type in the share you want to access with a null session(for example: "PUBLIC") Stop and restart the server.

An alternative is to have the user log on to the system, and then type "nbtstat -R" which re-parses the LMHOSTS file. At this point, since the #INCLUDE is done in the context of the current user, any LMHOSTS file that is available to the currently logged on user on the network can be retrieved.

NOTE: #INCLUDE and other LMHOSTS directives are case-sensitive.

Additional query words: prodtcp32 wfw wfwg prodnt tcp/ip tcpip For additional information, please see the following article(s) in Microsoft Knowledge Base:

Keywords: kbnetwork KB121281

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.