DNS Server with Netbios over TCP/IP disabled?

[Eric B.]

I've been trying for the last couple of hours to get my Win2K server to run
the DNS server service with Netbios over TCP/IP disabled. The server is
intended to be ONLY a web-server / dns server on a public connection, and as
such, I don't need or want any Netbios ports/protocols running.

Unfortunately, I have been unable to successfully get this to happen. No
matter what combination of options I try, I always get the following msg in
the event log:

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7001
Date: 9/18/2003
Time: 1:25:56 AM
User: N/A
Computer: WEB1
Description:
The DNS Server service depends on the NetBios over Tcpip service which
failed to start because of the following error:
The service cannot be started, either because it is disabled or because it
has no enabled devices associated with it.


The obvious answer is to reenable the Netbois over Tcpip driver. But that's
precisely the point that I am trying to avoid. It opens up unneeded
additional ports on my machine for no good reason. Microsoft even says it
is doable in one of its documents:
http://www.microsoft.com/technet/tr...ecurity/prodtech/windows/secwin2k/default.asp.


Can someone please point me in the right direction? What do I need to do to
get the DNS server working WITHOUT Netbios enabled? Otherwise, does anyone
have a suggestion for another DNS server I can use? (preferably gui-driven
for the other admins to be able to use)

Thanks!

Eric

 

[J.C. Hornbeck [MSFT]]

Hi Eric, I haven't seen that issue before and I'm running my Win2K DNS's the
same way (with NetBIOs over TCP/IP disabled). If you go into the properties
of the DNS Server service is the TCP/IP NetBIOS service listed as a
dependency?

J.C. Hornbeck

This posting is provided "AS IS" with no warranties, and confers no rights.

 

[Eric B.]

No - that's what I don't understand. The dependencies listed for DNS Server
are:
- NT LM Security Support Provider
- Remote Procedure Call (RPC)

Both are started and running.

I've got the Client for Microsoft Networks installed but not bound to my NIC
(otherwise the LM Security doesn't load and IIS doesn't load either), and
the File & Print Sharing installed but not bound to my NIC either (or LANMAN
doesn't run, and neither does BackupExec).

In my NIC TCP/IP Properties, i've selected Disable Netbios over TCP/IP.

I also disabled the actual device in the device manager (Device Manager ->
View -> Show Hidden Devices -> Non P&P devices -> Netbios over tcpip).
That's the one that I disabled to ensure that none of the netbios ports are
open/accessible. It seems that I need to enable that device, even though
the MS doc says otherwise.

Any suggestions? Is there something in the registry I can modify to get DNS
to work without Netbios?

Thanks!

Eric