Jun 05 2023 12:19 AM - edited Jun 05 2023 12:28 AM
Disabling Netbios Name service via GPO, new in Windows 11, does not seeem to work as expected / advertised.
Using the latest Windows 11 build (22H2, 1702 as of June 2023), all patches updates and drivers installed.
This seems to be a bug
As mentioned also here [1], the Windows 11 ADMX features a new setting to disable Netbios name resolution.
The option "Configure NetBIOS settings" can be found under Computer Configuration > Policies > Administrative Templates > Network > DNS Client
This option can be set to "Disable Netbios Name Resultion", if activated.
Setting it however does not have the desired effect.
Tried locally as well as via the domain controller.
Evidence:
ipconfig [2] still shows NetBIOS enabled.
Also nbtstat shows names on an interface [3].
The fact that this GPO does not work as advertised might be a security relevant topic as people setting this directive will expect Netbios to be disabled, which it seems is not the case. So they will also refrain from taking any other actions to enahance Netbios related security.
Cheers
[1]
[2] excerpt from "ipconfig /all"
..[cut]
NetBIOS over Tcpip. . . . . . . . : Enabled
[3] "nbtstat -n"
..cut..
WLAN:
Node IpAddress: [192.168.xx.yy] Scope Id: []
NetBIOS Local Name Table
Name Type Status
---------------------------------------------
xxxx <20> UNIQUE Registered
Jun 05 2023 12:26 AM
Replying to myself with further info.
Also, the Registry Key as mentioned here [4] is not created setting the GPO
[4]
Feb 21 2024 01:28 PM
Mar 07 2024 04:46 AM