name service entry: A unit of advertisement exported to the RPC Name Service. These entries are of three types: a Server Entry, which contains bindings for a single server and optionally a set of Object UUIDs (for more information, see [C706], section "Name Service Attributes"); a Group Entry, which contains names of one or more server entries, other groups, or both (for more information, see [C706], section "Name Service Attributes"); and a Profile Entry, which contains a prioritized set of profile elements (for more information, see [C706], section "Name Service Attributes").
name service provider interface (NSPI): A method of performing address-book-related operations on Active Directory.
name table: The list of systems participating in a DXDiag session that are employed for both local use and for transmission to enable peer-to-peer connectivity when additional participants join. This could also be considered the player list. It has a version number that monotonically increases with every operation that changes the name table content, such as adding or removing a player.
named pipe: A named, one-way, or duplex pipe for communication between a pipe server and one or more pipe clients.
named stream: A place within a file in addition to the main stream where data is stored, or the data stored therein. File systems support a mode in which it is possible to open either the main stream of a file and/or to open a named stream. Named streams have different data than the main stream (and than each other) and may be read and written independently. Not all file systems support named streams. See also, main stream.
naming context (NC): A dsname, containing at least a distinguished name (DN) and a GUID, used in forming names for a tree of objects. The DN of the dsname is the distinguishedName attribute of the tree root. The GUID of the dsname is the objectGuid attribute of the tree root. The security identifier (SID) of the dsname, if present, is the objectSid attribute of the tree root. The SID is present if and only if the naming context (NC) is a domain NC. Active Directory allows NCs to be arranged into a tree structure.
naming context (NC) replica: A tree of objects whose root object is identified by the naming context, which is a dsname.
naming context (NC) replica graph: A directed graph containing naming context (NC) replicas as nodes and repsFrom tuples as inbound edges by which originating updates replicate from each full replica of a given NC to all other NC replicas of the NC, directly or transitively.
naming context root (NC Root): The specific directory object referenced by the naming context dsname.
NAP: See Network Access Protection (NAP).
native mode: A state of an Active Directory domain in which all current and future domain controllers (DCs) run Windows 2000 Server or higher; no DCs run Windows NT Server 4.0. Native mode allows organizations to take advantage of the new Active Directory features such as universal groups, nested group membership, and inter-domain group membership.
NBNS: See NetBIOS Name Server (NBNS).
NC: See naming context (NC).
negotiation discovery: An Internet Key Exchange (IKE) extension that improves interoperation between Internet Protocol security (IPsec) and non-IPsec-aware hosts. Detecting that the peer host is not capable of IPsec usually involves waiting for the IKE negotiation to time out, then sending traffic in the clear. With negotiation discovery, the host starts the IKE negotiation and sends clear text traffic in parallel. If the IKE negotiation succeeds and security associations (SAs) are established, further traffic is secured.
NetBIOS: A particular network transport that is part of the LAN Manager protocol suite. NetBIOS uses a broadcast communication style that was applicable to early segmented local area networks. The LAN Manager protocols were the default in Windows NT environments prior to Windows 2000.
NetBIOS datagram service: An implementation of NetBIOS services in a datagram environment as specified in section 17 of [RFC1001].
NetBIOS Name Server (NBNS): A server that stores NetBIOS name-to-IPv4 address mappings and that resolves NetBIOS names for NetBT-enabled hosts. The WINS Server service is the Microsoft implementation of an NBNS.
Network Access Policy: A set of rules that determines the behavior of a network access server (NAS). The policy consists of a set of conditions that matches an access request to the policy and an access profile.
Network Access Protection (NAP): A feature of an operating system that provides a platform for system health-validated access to private networks. NAP provides a way of detecting the health state of a network client that is attempting to connect to or communicate on a network, and limiting the access of the network client until the health policy requirements have been met.
Network Access Protection (NAP) client: A computer that supports the NAP feature by complying with the corresponding policy settings.
network access server (NAS): A computer server that provides an access service for a user to a network. A NAS operates as a client of RADIUS. The RADIUS client is responsible for passing user information to designated RADIUS servers and then acting on the response returned by the RADIUS server. Examples of a NAS include: a VPN server, Wireless Access Point, 802.1x-enabled switch, or Network Access Protection (NAP) server.
network address translation (NAT): The process of converting between IP addresses used within an intranet, or other private network, and Internet IP addresses.
network byte order: The order in which the bytes of a multiple-byte number are transmitted on a network, most significant byte first (in big-endian storage). This may or may not match the order in which numbers are normally stored in memory for a particular processor.
Network Data Representation (NDR): A specification that defines a mapping from Interface Definition Language (IDL) data types onto octet streams. NDR also refers to the runtime environment that implements the mapping facilities (for example, data provided to NDR). For more information, see [MS-RPCE] and chapter 14 of [C706].
network logon: A software method in which the account information and credentials previously supplied by the user as part of an interactive logon are used again to log the user onto another network resource.
network policy server (NPS): For Windows Server 2008, NPS replaces the Internet Authentication Service (IAS) in Windows Server 2003. NPS acts as a health policy server for the following technologies:
- Internet Protocol security (IPsec) for host-based authentication
- IEEE 802.1X authenticated network connections
- Virtual private networks (VPNs) for remote access
- Dynamic Host Configuration Protocol (DHCP)
network redirector: A software component on a connected computer that handles requests for remote files and printer operations.
nonce: A number that is used only once. This is typically implemented as a random number large enough that the probability of number reuse is extremely small. A nonce is used in authentication protocols to prevent replay attacks. For more information, see [RFC2617].
nonreplicated attribute: An attribute whose values are not replicated between naming context (NC) replicas. The nonreplicated attributes of an object are, in effect, local variables of the domain controller (DC) hosting the NC replica containing that object, since changes to these attributes have no effect outside that DC.
nonvolatile random access memory (NVRAM): Read/write memory that persists in its state when the power is removed, or normally volatile memory that has been fitted with a battery backup to retain data.
normal sync: The synchronization among replicas after initial sync is done.
notification area: An area of the desktop's taskbar containing program icons that provide status and notifications on events and system state, such as incoming e-mail messages, updates, and network connectivity.
notification icon: An icon placed in the notification area.
NT backup file: A file that contains the representation of another file. It is made up of zero or more backup streams.
NT hash: An MD5-based cryptographic hash of a clear text password. For more information, see [MS-NLMP].
NT file system (NTFS): The native file system for Windows 2000and later versions. For more information, see [MSFT-NTFS].
NTFS: See NT file system (NTFS).
NT LAN Manager (NTLM) Authentication Protocol: A protocol using a challenge-response mechanism for authentication in which clients are able to verify their identities without sending a password to the server. It consists of three messages, commonly referred to as Type 1 (negotiation), Type 2 (challenge) and Type 3 (authentication). For more information, see [MS-NLMP].
NTOWF: A general-purpose function used in the context of an NT LAN Manager (NTLM) authentication protocol, as specified in [MS-NLMP], which computes a one-way function of the user's password. For more information, see [MS-NLMP] section 7.
NULL GUID: A GUID of all zeros.
nullable column: A database table column that is allowed to contain no value for a given row.