Wireshark

  • Riverbed Technology
  • WinPcap
the world's foremost network protocol analyzer
  • Wireshark
    • About
    • Download
    • Blog
  • Get Help
    • Ask a Question
    • FAQs
    • Documentation
    • Mailing Lists
    • Online Tools
    • Wiki
    • Bug Tracker
  • Develop
    • Get Involved
    • Developer's Guide
    • Browse the Code
    • Latest Builds

Display Filter Reference: Microsoft Windows Logon Protocol (Old)

Protocol field name: smb_netlogon
Versions: 1.0.0 to 1.6.5

Back to Display Filter Reference

Field name Type Description Versions
smb_netlogon.client_site_name Character string Client Site Name 1.0.0 to 1.6.5
smb_netlogon.command Unsigned integer, 1 byte Command 1.0.0 to 1.6.5
smb_netlogon.computer_name Character string Computer Name 1.0.0 to 1.6.5
smb_netlogon.date_time Unsigned integer, 4 bytes Date/Time 1.0.0 to 1.6.5
smb_netlogon.db_count Unsigned integer, 4 bytes DB Count 1.0.0 to 1.6.5
smb_netlogon.db_index Unsigned integer, 4 bytes Database Index 1.0.0 to 1.6.5
smb_netlogon.domain.guid Sequence of bytes Domain GUID 1.0.0 to 1.6.5
smb_netlogon.domain_dns_name Character string Domain DNS Name 1.0.0 to 1.6.5
smb_netlogon.domain_name Character string Domain Name 1.0.0 to 1.6.5
smb_netlogon.domain_sid_size Unsigned integer, 4 bytes Domain SID Size 1.0.0 to 1.6.5
smb_netlogon.flags.autolock Boolean Autolock 1.0.0 to 1.6.5
smb_netlogon.flags.enabled Boolean Enabled 1.0.0 to 1.6.5
smb_netlogon.flags.expire Boolean Expire 1.0.0 to 1.6.5
smb_netlogon.flags.homedir Boolean Homedir 1.0.0 to 1.6.5
smb_netlogon.flags.interdomain Boolean Interdomain Trust 1.0.0 to 1.6.5
smb_netlogon.flags.mns Boolean MNS User 1.0.0 to 1.6.5
smb_netlogon.flags.normal Boolean Normal User 1.0.0 to 1.6.5
smb_netlogon.flags.password Boolean Password 1.0.0 to 1.6.5
smb_netlogon.flags.server Boolean Server Trust 1.0.0 to 1.6.5
smb_netlogon.flags.temp_dup Boolean Temp Duplicate User 1.0.0 to 1.6.5
smb_netlogon.flags.workstation Boolean Workstation Trust 1.0.0 to 1.6.5
smb_netlogon.forest_dns_name Character string Forest DNS Name 1.0.0 to 1.6.5
smb_netlogon.large_serial Unsigned integer, 8 bytes Large Serial Number 1.0.0 to 1.6.5
smb_netlogon.lm_token Unsigned integer, 2 bytes LM Token 1.0.0 to 1.6.5
smb_netlogon.lmnt_token Unsigned integer, 2 bytes LMNT Token 1.0.0 to 1.6.5
smb_netlogon.low_serial Unsigned integer, 4 bytes Low Serial Number 1.0.0 to 1.6.5
smb_netlogon.mailslot_name Character string Mailslot Name 1.0.0 to 1.6.5
smb_netlogon.major_version Unsigned integer, 1 byte Workstation Major Version 1.0.0 to 1.6.5
smb_netlogon.minor_version Unsigned integer, 1 byte Workstation Minor Version 1.0.0 to 1.6.5
smb_netlogon.nt_date_time Date and time NT Date/Time 1.0.0 to 1.6.5
smb_netlogon.nt_version Unsigned integer, 4 bytes NT Version 1.0.0 to 1.6.5
smb_netlogon.os_version Unsigned integer, 1 byte Workstation OS Version 1.0.0 to 1.6.5
smb_netlogon.pdc_name Character string PDC Name 1.0.0 to 1.6.5
smb_netlogon.pulse Unsigned integer, 4 bytes Pulse 1.0.0 to 1.6.5
smb_netlogon.random Unsigned integer, 4 bytes Random 1.0.0 to 1.6.5
smb_netlogon.request_count Unsigned integer, 2 bytes Request Count 1.0.0 to 1.6.5
smb_netlogon.script_name Character string Script Name 1.0.0 to 1.6.5
smb_netlogon.server_dns_name Character string Server DNS Name 1.0.0 to 1.6.5
smb_netlogon.server_ip IPv4 address Server IP 1.0.0 to 1.6.5
smb_netlogon.server_name Character string Server Name 1.0.0 to 1.6.5
smb_netlogon.server_site_name Character string Server Site Name 1.0.0 to 1.6.5
smb_netlogon.unicode_computer_name Character string Unicode Computer Name 1.0.0 to 1.6.5
smb_netlogon.unicode_pdc_name Character string Unicode PDC Name 1.0.0 to 1.6.5
smb_netlogon.unknown Unsigned integer, 1 byte Unknown 1.0.0 to 1.6.5
smb_netlogon.update Unsigned integer, 2 bytes Update Type 1.0.0 to 1.6.5
smb_netlogon.user_name Character string User Name 1.0.0 to 1.6.5

Wireshark and the "fin" logo are registered trademarks of the Wireshark Foundation