Display Filter Reference: Microsoft Windows Logon Protocol (Old)

Protocol field name: smb_netlogon

Versions: 1.0.0 to 2.6.5

Back to Display Filter Reference

Field name Description Type Versions
smb_netlogon.client_site_name Client Site Name Character string 1.0.0 to 2.6.5
smb_netlogon.command Command Unsigned integer, 1 byte 1.0.0 to 2.6.5
smb_netlogon.computer_name Computer Name Character string 1.0.0 to 2.6.5
smb_netlogon.data Data Sequence of bytes 2.0.0 to 2.6.5
smb_netlogon.date_time Date/Time Unsigned integer, 4 bytes 1.0.0 to 2.6.5
smb_netlogon.db_count DB Count Unsigned integer, 4 bytes 1.0.0 to 2.6.5
smb_netlogon.db_index Database Index Unsigned integer, 4 bytes 1.0.0 to 2.6.5
smb_netlogon.domain.guid Domain GUID Sequence of bytes 1.0.0 to 2.6.5
smb_netlogon.domain_dns_name Domain DNS Name Character string 1.0.0 to 2.6.5
smb_netlogon.domain_name Domain Name Character string 1.0.0 to 2.6.5
smb_netlogon.domain_sid_size Domain SID Size Unsigned integer, 4 bytes 1.0.0 to 2.6.5
smb_netlogon.flags Account control Unsigned integer, 4 bytes 2.0.0 to 2.6.5
smb_netlogon.flags.autolock Autolock Boolean 1.0.0 to 2.6.5
smb_netlogon.flags.enabled Enabled Boolean 1.0.0 to 2.6.5
smb_netlogon.flags.expire Expire Boolean 1.0.0 to 2.6.5
smb_netlogon.flags.homedir Homedir Boolean 1.0.0 to 2.6.5
smb_netlogon.flags.interdomain Interdomain Trust Boolean 1.0.0 to 2.6.5
smb_netlogon.flags.mns MNS User Boolean 1.0.0 to 2.6.5
smb_netlogon.flags.normal Normal User Boolean 1.0.0 to 2.6.5
smb_netlogon.flags.password Password Boolean 1.0.0 to 2.6.5
smb_netlogon.flags.server Server Trust Boolean 1.0.0 to 2.6.5
smb_netlogon.flags.temp_dup Temp Duplicate User Boolean 1.0.0 to 2.6.5
smb_netlogon.flags.workstation Workstation Trust Boolean 1.0.0 to 2.6.5
smb_netlogon.forest_dns_name Forest DNS Name Character string 1.0.0 to 2.6.5
smb_netlogon.large_serial Large Serial Number Unsigned integer, 8 bytes 1.0.0 to 2.6.5
smb_netlogon.lm_token LM Token Unsigned integer, 2 bytes 1.0.0 to 2.6.5
smb_netlogon.lmnt_token LMNT Token Unsigned integer, 2 bytes 1.0.0 to 2.6.5
smb_netlogon.low_serial Low Serial Number Unsigned integer, 4 bytes 1.0.0 to 2.6.5
smb_netlogon.mailslot_name Mailslot Name Character string 1.0.0 to 2.6.5
smb_netlogon.major_version Workstation Major Version Unsigned integer, 1 byte 1.0.0 to 2.6.5
smb_netlogon.minor_version Workstation Minor Version Unsigned integer, 1 byte 1.0.0 to 2.6.5
smb_netlogon.nt_date_time NT Date/Time Date and time 1.0.0 to 2.6.5
smb_netlogon.nt_version NT Version Unsigned integer, 4 bytes 1.0.0 to 2.6.5
smb_netlogon.os_version Workstation OS Version Unsigned integer, 1 byte 1.0.0 to 2.6.5
smb_netlogon.pdc_name PDC Name Character string 1.0.0 to 2.6.5
smb_netlogon.pulse Pulse Unsigned integer, 4 bytes 1.0.0 to 2.6.5
smb_netlogon.random Random Unsigned integer, 4 bytes 1.0.0 to 2.6.5
smb_netlogon.request_count Request Count Unsigned integer, 2 bytes 1.0.0 to 2.6.5
smb_netlogon.script_name Script Name Character string 1.0.0 to 2.6.5
smb_netlogon.server_dns_name Server DNS Name Character string 1.0.0 to 2.6.5
smb_netlogon.server_ip Server IP IPv4 address 1.0.0 to 2.6.5
smb_netlogon.server_name Server Name Character string 1.0.0 to 2.6.5
smb_netlogon.server_site_name Server Site Name Character string 1.0.0 to 2.6.5
smb_netlogon.signature Signature Unsigned integer, 8 bytes 2.0.0 to 2.6.5
smb_netlogon.unicode_computer_name Unicode Computer Name Character string 1.0.0 to 2.6.5
smb_netlogon.unicode_pdc_name Unicode PDC Name Character string 1.0.0 to 2.6.5
smb_netlogon.unknown Unknown Unsigned integer, 1 byte 1.0.0 to 2.6.5
smb_netlogon.update Update Type Unsigned integer, 2 bytes 1.0.0 to 2.6.5
smb_netlogon.user_name User Name Character string 1.0.0 to 2.6.5
Go Beyond with Riverbed Technology

Riverbed is Wireshark's primary sponsor and provides our funding. They also make great products that fully integrate with Wireshark.

I have a lot of traffic...

ANSWER: SteelCentral™ Packet Analyzer PE
  • • Visually rich, powerful LAN analyzer
  • • Quickly access very large pcap files
  • • Professional, customizable reports
  • • Advanced triggers and alerts
Learn More

Buy Now

No, really, I have a LOT of traffic…

ANSWER: SteelCentral™ AppResponse 11
  • • Full stack analysis – from packets to pages
  • • Rich performance metrics & pre-defined insights for fast problem identification/resolution
  • • Modular, flexible solution for deeply-analyzing network & application performance
Learn More