15 N

name service entry: A unit of advertisement that is exported to the RPC Name Service. These entries are of three types: a Server Entry, which contains bindings for a single server and optionally a set of Object UUIDs (for more information, see [C706-Ch2Intro], "Name Service Attributes"); a Group Entry, which contains names of one or more server entries, other groups, or both (for more information, see [C706-Ch2Intro], "Name Service Attributes"); and a Profile Entry, which contains a prioritized set of profile elements (for more information, see [C706-Ch2Intro], "Name Service Attributes").

name service provider interface (NSPI): A method of performing address-book-related operations on Active Directory.

name table: The list of systems participating in a DXDiag, DirectPlay 4, or DirectPlay 8 session, as well as any application-created groups.

named pipe: A named, one-way, or duplex pipe for communication between a pipe server and one or more pipe clients.

named stream: A place within a file in addition to the main stream where data is stored, or the data stored therein. File systems support a mode in which it is possible to open either the main stream of a file and/or to open a named stream. Named streams have different data than the main stream (and than each other) and may be read and written independently. Not all file systems support named streams. See also, main stream.

naming context (NC): A set of objects organized as a tree that is referenced by a DSName. The distinguished name (DN) of the DSName is the distinguishedNameattribute of the tree root. The GUID of the DSName is the objectGUIDattribute of the tree root. The security identifier (SID) of the DSName, if present, is the objectSidattribute of the tree root; for Active Directory Domain Services (AD DS), the SID is present if and only if the NC is a domain naming context (domain NC). Active Directory supports organizing several NCs into a tree structure.

naming context (NC) replica: A tree of objects whose root object is identified by the naming context, which is a dsname.

naming context (NC) replica graph: A directed graph containing naming context (NC) replicas as nodes and repsFrom tuples as inbound edges by which originating updates replicate from each full replica of a given NC to all other NC replicas of the NC, directly or transitively.

naming context root (NC Root): The specific directory object referenced by the naming context dsname.

NAP: See Network Access Protection (NAP).

native mode: A state of an Active Directory domain in which all current and future domain controllers (DCs) use AD style domains. Native mode allows organizations to take advantage of the new Active Directory features such as universal groups, nested group membership, and interdomain group membership.

NBNS: See NetBIOS Name Server (NBNS).

NC: See naming context (NC).

NC replica: See naming context (NC) replica.

NDR64: See 64-bit Network Data Representation (NDR64).

negotiation: A series of exchanges. The successful outcome of a negotiation is the establishment of one or more security associations (SAs). For more information, see [RFC2408] section 2.

negotiation discovery: An Internet Key Exchange (IKE) extension that improves interoperation between Internet Protocol security (IPsec) and non-IPsec-aware hosts. Detecting that the peer host is not capable of IPsec usually involves waiting for the IKE negotiation to time out, then sending traffic in the clear. With negotiation discovery, the host starts the IKE negotiation and sends clear text traffic in parallel. If the IKE negotiation succeeds and security associations (SAs) are established, further traffic is secured.

.NET Framework: An integral Windows component that supports building and running applications and XML web services. The .NET Framework has two main components: the common language runtime and the .NET Framework class library. For more information about the .NET Framework, see [MSDN-.NET-FRAMEWORK].

The following versions of the .NET Framework are available in the following released Windows products or as supplemental software.

.NET Framework version

Windows version

.NET Framework 1.0

Windows 98, Windows Millennium Edition, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003

.NET Framework 1.1

Windows 98, Windows Millennium Edition, Windows 2000, Windows XP, Windows Vista, Windows Server 2003, Windows Server 2003 R2, and Windows Server 2008

.NET Framework 2.0

Windows 98, Windows Millennium Edition, Windows 2000, Windows XP, Windows Vista, Windows 7, Windows Server 2003, Windows Server 2003 R2, Windows Server 2008, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows 8.1, and Windows Server 2012 R2

.NET Framework 3.0

Windows XP, Windows Vista, Windows 7, Windows Server 2003, Windows Server 2003 R2, Windows Server 2008, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows 8.1, and Windows Server 2012 R2

.NET Framework 3.5

Windows XP, Windows Vista, Windows 7, Windows Server 2003, Windows Server 2003 R2, Windows Server 2008, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows 8.1, and Windows Server 2012 R2

.NET Framework 4.0

Windows XP, Windows Vista, Windows 7, Windows Server 2003, Windows Server 2003 R2, Windows Server 2008, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows 8.1, and Windows Server 2012 R2

.NET Framework 4.5

Windows Vista, Windows 7, Windows Server 2003, Windows Server 2003 R2, Windows Server 2008, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows 8.1, and Windows Server 2012 R2

NetBIOS: A particular network transport that is part of the LAN Manager protocol suite. NetBIOS uses a broadcast communication style that was applicable to early segmented local area networks. The LAN Manager protocols were the default in Windows NT environments prior to Windows 2000.

NetBIOS datagram service: An implementation of NetBIOS services in a datagram environment as specified in [RFC1001] section 17.

NetBIOS host name: The NetBIOS name of a host (as specified in [RFC1001] section 14 and [RFC1002] section 4), with the extensions described in [MS-NBTE].

NetBIOS name: A 16-byte address that is used to identify a NetBIOS resource on the network. For more information, see [RFC1001] and [RFC1002].

NetBIOS Name Server (NBNS): A server that stores NetBIOS name-to-IPv4 address mappings and that resolves NetBIOS names for NBT-enabled hosts. A server running the Windows Internet Name Service (WINS) is the Microsoft implementation of an NBNS.

NetBIOS over TCP/IP (NBT): A feature that allows NetBIOS to be used over the TCP/IP protocol, as defined in [RFC1001] and [RFC1002].

NetBIOS suffix: The 16th byte of a 16-byte NetBIOS name that is constructed using the optional naming convention defined in [MS-NBTE] section 1.8.

NBT: See NetBIOS over TCP/IP (NBT).

Netlogon: (1) In a Windows NT-compatible network security environment, the component responsible for synchronization and maintenance functions between a primary domain controller (PDC) and backup domain controllers (BDC). Netlogon is a precursor to the directory replication server (DRS) protocol.

(2) Used to refer to the Windows Netlogonsecurity support provider (SSP). This is not provided for use by other applications. It has neither the full functionality of public SSPs nor access from non-Local Security Authority (LSA) applications.

(3) The Netlogon Remote Protocol, as specified in [MS-NRPC].

Network Access Policy: A set of rules that determines the behavior of a network access server (NAS). The policy consists of a set of conditions that matches an access request to the policy and an access profile.

Network Access Protection (NAP): A feature of an operating system that provides a platform for system health-validated access to private networks. NAP provides a way of detecting the health state of a network client that is attempting to connect to or communicate on a network, and limiting the access of the network client until the health policy requirements have been met.

Network Access Protection (NAP) client: A computer that supports the NAP feature by complying with the corresponding policy settings.

Network Access Protection (NAP) Group Policy (GP) Extension GUID: A GUID defined separately for each computer policy setting that associates a specific administrative tool extension with a set of policy settings that can be stored in a Group Policy Object (GPO).

network access server (NAS): A computer server that provides an access service for a user who is trying to access a network. A NAS operates as a client of RADIUS. The RADIUS client is responsible for passing user information to designated RADIUS servers and then acting on the response returned by the RADIUS server. Examples of a NAS include: a VPN server, Wireless Access Point, 802.1x-enabled switch, or Network Access Protection (NAP) server.

network address translation (NAT): The process of converting between IP addresses used within an intranet, or other private network, and Internet IP addresses.

network byte order: The order in which the bytes of a multiple-byte number are transmitted on a network, most significant byte first (in big-endian storage). This may or may not match the order in which numbers are normally stored in memory for a particular processor.

Network Data Representation (NDR): A specification that defines a mapping from Interface Definition Language (IDL) data types onto octet streams. NDR also refers to the runtime environment that implements the mapping facilities (for example, data provided to NDR). For more information, see [MS-RPCE] and [C706-Ch14TransSyntaxNDR].

network logon: A software method in which the account information and credentials previously supplied by the user as part of an interactive logon are used again to log the user onto another network resource.

Network Policy Server (NPS): For Windows Server 2008, NPS replaces the Internet Authentication Service (IAS) in Windows Server 2003. NPS acts as a health policy server for the following technologies:

  • Internet Protocol security (IPsec) for host-based authentication

  • IEEE 802.1X authenticated network connections

  • Virtual private networks (VPNs) for remote access

  • Dynamic Host Configuration Protocol (DHCP)

network redirector: A software component on a connected computer that handles requests for remote files and printer operations.

node: A computer system that is configured as a member of a cluster. That is, the computer has the necessary software installed and configured to participate in the cluster, and the cluster configuration includes this computer as a member.

nonce: A number that is used only once. This is typically implemented as a random number large enough that the probability of number reuse is extremely small. A nonce is used in authentication protocols to prevent replay attacks. For more information, see [RFC2617].

nonreplicated attribute: An attribute whose values are not replicated between naming context (NC) replicas. The nonreplicated attributes of an object are, in effect, local variables of the domain controller (DC) hosting the NC replica containing that object, since changes to these attributes have no effect outside that DC.

nonvolatile random access memory (NVRAM): Read/write memory that persists in its state when the power is removed, or normally volatile memory that has been fitted with a battery backup to retain data.

normal sync: The synchronization among replicas after initial sync is done.

notification area: An area of the desktop's taskbar containing program icons that provide status and notifications on events and system state, such as incoming email messages, updates, and network connectivity.

notification icon: An icon placed in the notification area.

NT backup file: A file that contains the representation of another file. It is made up of zero or more backup streams.

NT Directory Service (NTDS): A previous name for Active Directory.

NTDS: See NT Directory Service (NTDS).

NT file system (NTFS): NT file system (NTFS) is a proprietary Microsoft File System. For more information, see [MSFT-NTFS].

NTFS: See NT file system (NTFS).

NT hash: An MD5-based cryptographic hash of a clear text password. For more information, see [MS-NLMP].

NT LAN Manager (NTLM) Authentication Protocol: A protocol using a challenge-response mechanism for authentication in which clients are able to verify their identities without sending a password to the server. It consists of three messages, commonly referred to as Type 1 (negotiation), Type 2 (challenge) and Type 3 (authentication). For more information, see [MS-NLMP].

NTOWF: A general-purpose function used in the context of an NTLM authentication protocol, as specified in [MS-NLMP], which computes a one-way function of the user's password. For more information, see [MS-NLMP] section 6.

NULL GUID: A GUID of all zeros.

nullable column: A database table column that is allowed to contain no value for a given row.