[WARNING] The DNS Resolver Cache service is not running.

J

Jim Carlock

DNS Test Passed.
[WARNING] The DNS Resolver Cache service is not running.

This is the message that is being presented on an XP machine when
I run NetDiag /fix on it. It also reports:

No DCs are up (Cannot run test).

[FATAL] Secure channel to domain '' is broken.
Trust relationship failed.
[ERROR_NO_TRUST_SAM_ACCOUNT]
[WARNING] Failed to query SPN registration on DC

The message above is on an XP machine, and the domain
security has been tightened up with very restrictive group
policies, I'm wondering if the Domain group policies are
causing the DNS problem.

Thanks once again in advance... I'm going to search through
the newsgroup to see if I can find a previous post about this
problem and see if there's an answer there.

Happy Holiday to all!
 
A

Ace Fekay [MVP]

In
Jim Carlock said:
DNS Test Passed.
[WARNING] The DNS Resolver Cache service is not running.

This is the message that is being presented on an XP machine when
I run NetDiag /fix on it. It also reports:

No DCs are up (Cannot run test).

[FATAL] Secure channel to domain '' is broken.
Trust relationship failed.
[ERROR_NO_TRUST_SAM_ACCOUNT]
[WARNING] Failed to query SPN registration on DC

The message above is on an XP machine, and the domain
security has been tightened up with very restrictive group
policies, I'm wondering if the Domain group policies are
causing the DNS problem.

Thanks once again in advance... I'm going to search through
the newsgroup to see if I can find a previous post about this
problem and see if there's an answer there.

Happy Holiday to all!


Is the DHCP Client Service disabled or stopped? Were there any restrictive
settings in regards to any services?

Happy Holidays to you too!

--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS-IS" with no warranties and confers no
rights.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory

HAM AND EGGS: A day's work for a chicken; A lifetime commitment for a
pig. --
=================================
 
J

Jim Carlock

The DHCP service on the client XP machine is up and running.

C:\Program Files\Support Tools>ipconfig /displaydns
Windows IP Configuration
Could not display the DNS Resolver Cache.

DNS on the server is running, but I'm wondering if I'm just passing
through it and going out to the internet through the router and NAT
deal.

I just tested it and I'm going through my DNS server which is
working for the most part. The cache was cleared on the server,
and I went to www.theonion.com and it showed up immediately
in the DNS cache. So the Routing and NAT is working fine,
I'm getting full connection to the DHCP and all the appropriate
servers are being configured properly by the DHCP server.

I can connect to the dc from the XP machine and browse the
system drives even though I'm not hooked up to the domain
and there is NO trust relationship. This is throwing me for a
loop.

C:\Program Files\Support Tools>ipconfig /displaydns
Windows IP Configuration
Could not display the DNS Resolver Cache.

ipconfig /all

Ethernet adapter xp001:
Connection-specific DNS Suffix . : fl.microcosmotalk.com
Description . . . . . . . . . . . : 3Com Model
Physical Address. . . . . . . . . : 00-00-00-00-00-00
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 10.10.0.20
Subnet Mask . . . . . . . . . . . : 255.0.0.0
Default Gateway . . . . . . . . . : 10.10.1.1
DHCP Server . . . . . . . . . . . : 10.10.1.1
DNS Servers . . . . . . . . . . . : 10.10.1.1
Primary WINS Server . . . . . . . : 10.10.1.1
Lease Obtained. . . . . . . . . . : April 11 8:41:24 PM
Lease Expires . . . . . . . . . . : April 11 9:41:24 PM

I changed the NAT numbers to protect the NICocent. <g>

--
Jim Carlock
http://www.microcosmotalk.com/
Post replies to the newsgroup.


"Ace Fekay [MVP]" SubMyFName&[email protected]
inquired about about these things after, Jim Carlock posted
his thoughts:
DNS Test Passed.
[WARNING] The DNS Resolver Cache service is not running.

This is the message that is being presented on an XP machine when
I run NetDiag /fix on it. It also reports:

No DCs are up (Cannot run test).

[FATAL] Secure channel to domain '' is broken.
Trust relationship failed.
[ERROR_NO_TRUST_SAM_ACCOUNT]
[WARNING] Failed to query SPN registration on DC

The message above is on an XP machine, and the domain
security has been tightened up with very restrictive group
policies, I'm wondering if the Domain group policies are
causing the DNS problem.

Thanks once again in advance... I'm going to search through
the newsgroup to see if I can find a previous post about this
problem and see if there's an answer there.

Happy Holiday to all!


Is the DHCP Client Service disabled or stopped? Were there any restrictive
settings in regards to any services?

Happy Holidays to you too!

--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS-IS" with no warranties and confers no
rights.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory

HAM AND EGGS: A day's work for a chicken; A lifetime commitment for a
pig. --
=================================
 
J

Jim Carlock

The DNS Resolver Cache does not work on the XP client. It
works on the Server though, and it is listing a bunch of unvisited
sites.

Am I interpretting that wrong? I was thinking that running the
following command on the XP client would grab the cache from
the Server.

ipconfig /displaydns

When I run that on the server, it looks like it's grabbing someone
else's DNS, so let me ask this, what is that command supposed
to display when run on a DNS server?

And if run on a client machine, what is it supposed to display. I
think that's where I'm confused, and I was making assumptions.

--
Jim Carlock
http://www.microcosmotalk.com/
Post replies to the newsgroup.


"Jim Carlock" thought:
The DHCP service on the client XP machine is up and running.

C:\Program Files\Support Tools>ipconfig /displaydns
Windows IP Configuration
Could not display the DNS Resolver Cache.

DNS on the server is running, but I'm wondering if I'm just passing
through it and going out to the internet through the router and NAT
deal.

I just tested it and I'm going through my DNS server which is
working for the most part. The cache was cleared on the server,
and I went to www.theonion.com and it showed up immediately
in the DNS cache. So the Routing and NAT is working fine,
I'm getting full connection to the DHCP and all the appropriate
servers are being configured properly by the DHCP server.

I can connect to the dc from the XP machine and browse the
system drives even though I'm not hooked up to the domain
and there is NO trust relationship. This is throwing me for a
loop.

C:\Program Files\Support Tools>ipconfig /displaydns
Windows IP Configuration
Could not display the DNS Resolver Cache.

ipconfig /all

Ethernet adapter xp001:
Connection-specific DNS Suffix . : fl.microcosmotalk.com
Description . . . . . . . . . . . : 3Com Model
Physical Address. . . . . . . . . : 00-00-00-00-00-00
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 10.10.0.20
Subnet Mask . . . . . . . . . . . : 255.0.0.0
Default Gateway . . . . . . . . . : 10.10.1.1
DHCP Server . . . . . . . . . . . : 10.10.1.1
DNS Servers . . . . . . . . . . . : 10.10.1.1
Primary WINS Server . . . . . . . : 10.10.1.1
Lease Obtained. . . . . . . . . . : April 11 8:41:24 PM
Lease Expires . . . . . . . . . . : April 11 9:41:24 PM

I changed the NAT numbers to protect the NICocent. <g>

--
Jim Carlock
http://www.microcosmotalk.com/
Post replies to the newsgroup.


"Ace Fekay [MVP]" SubMyFName&[email protected]
inquired about about these things after, Jim Carlock posted
his thoughts:
DNS Test Passed.
[WARNING] The DNS Resolver Cache service is not running.

This is the message that is being presented on an XP machine when
I run NetDiag /fix on it. It also reports:

No DCs are up (Cannot run test).

[FATAL] Secure channel to domain '' is broken.
Trust relationship failed.
[ERROR_NO_TRUST_SAM_ACCOUNT]
[WARNING] Failed to query SPN registration on DC

The message above is on an XP machine, and the domain
security has been tightened up with very restrictive group
policies, I'm wondering if the Domain group policies are
causing the DNS problem.

Thanks once again in advance... I'm going to search through
the newsgroup to see if I can find a previous post about this
problem and see if there's an answer there.

Happy Holiday to all!


Is the DHCP Client Service disabled or stopped? Were there any restrictive
settings in regards to any services?

Happy Holidays to you too!

--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS-IS" with no warranties and confers no
rights.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory

HAM AND EGGS: A day's work for a chicken; A lifetime commitment for a
pig. --
=================================
 
A

Ace Fekay [MVP]

In
Jim Carlock said:
The DNS Resolver Cache does not work on the XP client. It
works on the Server though, and it is listing a bunch of unvisited
sites.

Am I interpretting that wrong? I was thinking that running the
following command on the XP client would grab the cache from
the Server.

ipconfig /displaydns

When I run that on the server, it looks like it's grabbing someone
else's DNS, so let me ask this, what is that command supposed
to display when run on a DNS server?

And if run on a client machine, what is it supposed to display. I
think that's where I'm confused, and I was making assumptions.

--

I think we may be assuming stuff here, If you like, post the /displaydns
output from both servers and we can tell you if there's any problems
(hijacked HOSTS files, etc).



--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS-IS" with no warranties and confers no
rights.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory

HAM AND EGGS: A day's work for a chicken; A lifetime commitment for a
pig. --
=================================
 
J

Jim Carlock

Okay here's the info about the server:

The hosts file is over 100K in size and can be found at the following
website:

http://mvps.org/winhelp2002/ hosts.txt

I was under the assumption that ipconfig /displaydns would
display the sites visited. And I can see that that true.

The hosts file is located here:

\winnt\system32\drivers\etc\hosts
\winnt\system32\drivers\etc\lmhosts.sam

I'm not sure how the lmhosts.sam is used or what it is used
for right at the moment. And I do NOT know how to make
the hosts file work for the DNS server for client browsing.

Ipconfig /displaydns confirms the host file in effect.
Ipconfig /displaydns confirms that the XP client is going to the
DNS server. I ran a small test whereby I cleared the cache
and then jumped out to a website that is not used much and
it popped up in the Ipconfig /displaydns results.

So all that is well and good. What I am NOT seeing is the
hosts file being effective for "client" machines connected to the
network. DNS SERVER is ignoring the hosts file when clients
are browsing. How do I configure the hosts file to take effect
for the whole domain?

The hosts file is not when a client tries to ping the sites in it. I can
ping the hosts in it (from the client machine). The server pings are
properly translated to 127.0.0.1 from the server.

--
Jim Carlock
http://www.microcosmotalk.com/
Post replies to the newsgroup.


"Ace Fekay [MVP]"
message In
Jim Carlock said:
The DNS Resolver Cache does not work on the XP client. It
works on the Server though, and it is listing a bunch of unvisited
sites.

Am I interpretting that wrong? I was thinking that running the
following command on the XP client would grab the cache from
the Server.

ipconfig /displaydns

When I run that on the server, it looks like it's grabbing someone
else's DNS, so let me ask this, what is that command supposed
to display when run on a DNS server?

And if run on a client machine, what is it supposed to display. I
think that's where I'm confused, and I was making assumptions.

--

I think we may be assuming stuff here, If you like, post the /displaydns
output from both servers and we can tell you if there's any problems
(hijacked HOSTS files, etc).



--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS-IS" with no warranties and confers no
rights.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory

HAM AND EGGS: A day's work for a chicken; A lifetime commitment for a
pig. --
=================================
 
J

Jim Carlock

Let me adjust some things again, this is the same info that
was in the last post, but I see I didn't fully explain things,
so... I'm adding comments in the <comment> format:

# ------------------------------------------------

Okay here's the info about the server:

The hosts file is over 100K in size and can be found at the following
website:

http://mvps.org/winhelp2002/ hosts.txt

I was under the assumption that ipconfig /displaydns would
display the sites visited. And I can see that that true.

The hosts file is located here:

\winnt\system32\drivers\etc\hosts
\winnt\system32\drivers\etc\lmhosts.sam

I'm not sure how the lmhosts.sam is used or what it is used
for right at the moment. And I do NOT know how to make
the hosts file work for the DNS server for client browsing.

Ipconfig /displaydns confirms the host file in effect.
<comment>
When Ipconfig /displaydns is run on the DNS server.
</comment>
Ipconfig /displaydns confirms that the XP client is going to the
DNS server. I ran a small test whereby I cleared the cache
and then jumped out to a website that is not used much and
it popped up in the Ipconfig /displaydns results.
<comment>
Again, I ran IPCONFIG /DISPLAYDNS on the server.
The server results are okay.
</comment>

So all that is well and good. What I am NOT seeing is the
hosts file being effective for "client" machines connected to the
network. DNS SERVER is ignoring the hosts file when clients
are browsing. How do I configure the hosts file to take effect
for the whole domain?
<comment>
IPCONFIG /DISPLAYDNS on an XP client displays:
C:\WINDOWS\system32\drivers\etc>ipconfig /displaydns
Windows IP Configuration
Could not display the DNS Resolver Cache.
</comment>

The hosts file is not when a client tries to ping the sites in it. I can
ping the hosts in it (from the client machine). The server pings are
properly translated to 127.0.0.1 from the server.

<comment>
The pings when done from the XP client do not translate to the
server, and do not translate to 127.0.0.1 and this indicates that
DNS does not use the hosts file at all when a client on the
network is going through the DNS server.
</comment>

<comment>
The XP Client is connected to the domain. It can browse the
files on the Domain Controller. The DHCP settings are
acquired from the DC and everything looks great there. DHCP
is running fantastically. No problems whatsoever.

I'm not quite sure how it's connected to the domain, but it is.
NETDIAG when run on the XP client indicates:

DNS test . . . . . . . . . . . . . : Passed
[WARNING] The DNS Resolver Cache service is not running.
[FFFFFFFF]
DC discovery test. . . . . . . . . : Passed
DC list test . . . . . . . . . . . : Failed
'FL': No DCs are up.
LDAP test. . . . . . . . . . . . . : Passed
[WARNING] Failed to query SPN registration on DC
Kerberos test. . . . . . . . . . . : Skipped
Trust relationship test. . . . . . : Failed
'FL': No DCs are up (Cannot run test).
[FATAL] Secure channel to domain 'FL' is broken.
[ERROR_NO_TRUST_SAM_ACCOUNT]

All other tests reported by NetDiag on the XP client machine,
indicate "Passed."

1) From the client machine I can type in the following at the
Explorer bar:
\\dc001\C$

And I have full access to that drive. (I have administrative
priveleges. I have to go through a secondary logon to get
there, but I can do it.)

On the Domain Controller, I cannot do the same to view the
client machine. I think this is a problem with the XP machine.

On the XP machine, when I go through Network Neighborhood,
I can see the domain name, see the computers listed in that
domain, but the XP machine IS NOT listed. It's out there, but it
is not in the list of computers connected to the domain. Also, the
XP machine cannot see it self in the list of computers. It's like it
is invisible.

When I go to the DC computer, and browse the network, the
xp client doesn't exist.

When I go into the DHCP applet, I see the XP client as getting
an IP address from it. That is the ONLY place I see the XP
client when I'm looking for it through the Domain Controller.

When I go into Explorer and type the following:

\\xp001\C$

I get a trust relationship failed message.
</comment>
 
A

Ace Fekay [MVP]

In Jim Carlock <[email protected]> posted their thoughts, then I offered mine
<snip>

Holy Yipes Batman, you've been railroaded, hijacked, overtaken.....

Delete everything except this stuff below, which is the only thing that
should be in the HOSTS file:




# This HOSTS file is a free download from:
# http://www.mvps.org/winhelp2002/
#
# Notes: the browser does not read this "#" symbol
# You can create your own notes, after the # symbol
# This *must* be the first line: 127.0.0.1 localhost
# ********************************************************
# -------------------Updated: 04-09-04-------------------*
# ********************************************************
# Entries marked with Parasite or Trojan comments should
# be placed in the IE Restricted Zone
# http://mvps.org/winhelp2002/restricted.htm
#
# Entries with other comments are searchable via Google
#
# Disclaimer: this file is free to use, however it is NOT
# permitted to post on any other site without permission.

127.0.0.1 localhost



Then save it. Then go into Security tab and make everyone Read on it, but
make System FC.

THen run an antivirus scan, then run Adaware 6.0, then look for a trojan
hunter and run that too. Watch what websites you go to.
--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS-IS" with no warranties and confers no
rights.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory

HAM AND EGGS: A day's work for a chicken; A lifetime commitment for a
pig. --
=================================
 
J

Jim Carlock

What makes you think it's got a virus or has been hijacked?

I was going to start off with a laugh or chuckle. But I'll wait to see
if I can get something better, than just someone saying I've been
hijacked.


I ran an older version of AdAware on it, and it flagged out the
typical item, which was a tracking cookie.

I think I'll start up a terminal session on it and see what there is
to see. Terminal Services is running on it as of yesterday.

I don't see any activity on it that indicates it's been hijacked. Hard
to tell through Terminal Services though.

Is there a reason you've indicated it's been hijacked? At worst, I
think I've found a bug in XP that I just haven't pin pointed yet, or
maybe it's a bug that is in the Win2K server / XP relationships.
 
J

Jim Carlock

Ace Fekay mentioned:
<snip>
Make everyone Read on it, but make System FC.
</snip>

One thing I've done is have deleted the EVERYONE group.

It is not in place at all and NOT used. That was one of the Security
things I went through last year.

<snip>
Then run an antivirus scan, then run Adaware 6.0, then look for a trojan
hunter and run that too. Watch what websites you go to.
</snip>

Now back to the one of my other questions, HOW does one make
that hosts file apply to DNS? The computers are routing right through
it. DNS knows it's there but doesn't use it. I don't want to replicate it
to clients. That's just too inconvenient. If DNS recogizes it 100% and
clients in turn recognize it, I'll redirect the 127.0.0.1 to a local web
server and everything will be grand. Meaning I'll change the numbers
to a network adapter that is running IIS.

AVG reports no virus. An updated version (4/12/2004) of Lavasoft
reports de nada. I don't think there is an opening. But I'm not fully
100% trained in finding such openings. If there is an opening, and it's
private information, send an email to my first name at the other
domain I listed in my previous post.
 
A

Ace Fekay [MVP]

In
Jim Carlock said:
Ace Fekay mentioned:
<snip>
Make everyone Read on it, but make System FC.
</snip>

One thing I've done is have deleted the EVERYONE group.

It is not in place at all and NOT used. That was one of the Security
things I went through last year.

<snip>
Then run an antivirus scan, then run Adaware 6.0, then look for a
trojan hunter and run that too. Watch what websites you go to.
</snip>

Now back to the one of my other questions, HOW does one make
that hosts file apply to DNS? The computers are routing right through
it. DNS knows it's there but doesn't use it. I don't want to
replicate it to clients. That's just too inconvenient. If DNS
recogizes it 100% and clients in turn recognize it, I'll redirect the
127.0.0.1 to a local web server and everything will be grand. Meaning
I'll change the numbers
to a network adapter that is running IIS.

AVG reports no virus. An updated version (4/12/2004) of Lavasoft
reports de nada. I don't think there is an opening. But I'm not fully
100% trained in finding such openings. If there is an opening, and
it's private information, send an email to my first name at the other
domain I listed in my previous post.


Maybe just make Everyone Read on it only. This will prevent HOSTS file
hijacking, is what happened to you. It was probably some site you went to
that ran an Actice X Object that updated your hosts file with what it wanted
to.

Notice the sort of names in the HOSTS file? They're all advertising sites,
unless they're all your sites?

The cache is checked first before DNS during resolution and if there's
anything in the HOSTS file, it's loaded into cache.

Sorry Jim, you've been hijacked. Not the first time I've seen this.

--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS-IS" with no warranties and confers no
rights.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory

HAM AND EGGS: A day's work for a chicken; A lifetime commitment for a
pig. --
=================================
 
K

Kevin D. Goodknecht [MVP]

In Ace Fekay [MVP] <PleaseSubstituteMyActualFirstName&[email protected]>
posted a question
Then Kevin replied below:
Sorry Jim, you've been hijacked. Not the first time I've seen this.

Ace, I think this is intentional, self hijacked, host file to block these
sites by name.
 
J

Jim Carlock

Self-hijacked? LOL

It is intentional. It prevents anyone (at least on the server) from
gaining access to any of the sites listed in the file. It does not
replicate itself though to clients hooked up through NAT/Routing.

Ace is missing how the file is used. He made me go through and
rethink things though, but if he continues in his response without
providing details on how HE knows I'm hijacked, then ... either
I am a complete idiot or he's just overlooking something.

Ace, do this for me. Go to a computer, open your hosts file,
then put in the following line:

127.0.0.1 www.playboy.com

Save the file, then open your browser and watch what happens.

--
Jim Carlock
http://www.microcosmotalk.com/
Post replies to the newsgroup.


In Ace Fekay [MVP] <PleaseSubstituteMyActualFirstName&[email protected]>
posted a question
Then Kevin replied below:
Sorry Jim, you've been hijacked. Not the first time I've seen this.

Ace, I think this is intentional, self hijacked, host file to block these
sites by name.
 
J

Jim Carlock

Maybe I'm going about this the wrong way. How does one
redirect DNS to a local page when someone types in a
corny web address into their browser? Where is this list of
prohibited websites held?
 
A

Ace Fekay [MVP]

In
Kevin D. Goodknecht said:
In Ace Fekay [MVP]
<PleaseSubstituteMyActualFirstName&[email protected]> posted a
question
Then Kevin replied below:


Ace, I think this is intentional, self hijacked, host file to block
these sites by name.

My bad, didn't see the loopback... blinded by all those entries! LOL


--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS-IS" with no warranties and confers no
rights.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory

HAM AND EGGS: A day's work for a chicken; A lifetime commitment for a
pig. --
=================================
 
A

Ace Fekay [MVP]

In
Jim Carlock said:
Self-hijacked? LOL

It is intentional. It prevents anyone (at least on the server) from
gaining access to any of the sites listed in the file. It does not
replicate itself though to clients hooked up through NAT/Routing.

Ace is missing how the file is used. He made me go through and
rethink things though, but if he continues in his response without
providing details on how HE knows I'm hijacked, then ... either
I am a complete idiot or he's just overlooking something.

Ace, do this for me. Go to a computer, open your hosts file,
then put in the following line:

127.0.0.1 www.playboy.com

Save the file, then open your browser and watch what happens.


Sorry, didn't see the loopback. I was just blinded by all the entries!

Then maybe I'm not seeing what the problem is with the error you're
receiving, DNS Resolver Cache no running, so sorry. But I know one thing,
when you restart the DNS client service, it loads the HOSTS file into cache,
so when you do a /displaydns, you'll see what's in your cache.

So sorry, not sure why the service may not be running, other than asking
what other errors show up in the Event logs. Is this the only XP machine
it's happening on? Were there any reg changes recently made? Were any
services stopped thinking thay may have not been needed? The services I look
for to be running for this are:
DHCP Client Service
DNS Client Service

When you try to start the Client service, what error is it giving you (if
any)?

And as far as this statement (from an earlier post in the thread):
Am I interpretting that wrong? I was thinking that running the
following command on the XP client would grab the cache from
the Server.

ipconfig /displaydns

No, it doesn;t get the cache from the server, but rather from it';s own
HOSTS file. If you are trying to load this into the DNS Server so it works
for everyone on the network, that won;'t work. The DNS server's own client
cache is it's own local machine's resolver cache. The DNS Server's cache
itself for the DNS services is a separate service. If you want to load this
whole list into DNS, then I would probably suggest to use DNSCMD to load
them by creating individual zones with resources all pointing to the local
host.

Sorry if I got off track earlier. I hope this post explains or understands
what you;'re trying to accomplish and the limitations.

--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS-IS" with no warranties and confers no
rights.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory

HAM AND EGGS: A day's work for a chicken; A lifetime commitment for a
pig. --
=================================
 
J

Jim Carlock

"Ace Fekay [MVP]" cited...
Is this the only XP machine it's happening on?
</snip>

Yes, and there's a trust relationship failure, which I'm pretty
sure I can get around, by changing the SID on the machine to
match the old machine. Is there another way to knock it off
the server?

Were there any reg changes recently made?
Were any services stopped thinking thay may have not been
needed?
</snip>

Think it's just the SID problem that is the big problem. Don't
think the services come into play at all right at the moment.
When you try to start the Client service, what error is it
giving you (if any)?

Not sure what you're refering to there. Everything is a client
service, even the server services seem to be client services.
IE, Microsoft tries to write things to the HDD via 127.0.0.1
instead of using the HDD interrupts. All I know is when I
put ZoneAlarm up on an XP machine, Zone Alarm gives fits
because 127.0.0.1 has to be added as trusted zone because
the OS seems to be using it alot to write event logs (???).

<errorlog on the XP machine>
Windows cannot log you on because your profile cannot be
loaded. Check that you are connected to the network, or
that your network is functioning correctly. If this problem
persists, contact your network administrator.

</errorlog on the XP machine>

DCOM is giving event messages as well about not being
able to log itself into the machine. I've been doing a
lot of registry manipulations and testing for some
software I'm writing, I think it's quite possible I
need to reinstall DCOM. Do you know of a way to do
this?

I'm onto something now. It lost its ability to logon.
One of the biggest and bestest things about the Windows
OS in the past is that TCP was seperate from the OS, you
could uninstall it, reinstall and it would sometimes fix
itself. Microsoft is now hellbent on proclaiming that
everything is THE OS. They are being heavily fined for
it as well. They are destroying consumer confidence.
That is something I've been seeing happen but didn't
know how to declare it and I think I just stumbled upon
the problem and how to fix it. The software being built
by Microsoft is no longer built by United States
programmers, but instead being outsourced to Bushy
Lawyers. No I really don't have anything against bushy
fellows, but I really think Chimpanzees could make a
better operating system.

I think the DNS service might be using DCOM. DCOM is
NOT working because of software tests. Now I need to
figure out how to get DCOM working. The DNS client
service is NOT working either, but it might be based
upon the DCOM service.

So the question is, do you know how to reinstall the
DCOM client service? And the DNS client service. I
hope reinstalling those two components... and it's
really funny, because DCOM means...

Distributed Component Object Model

And I really need to know how to reinstall those
components. They are not components if they are THE
OPERATING SYSTEM. Microsoft needs to outsource to
Chimpanzees inside the country instead of outside
the country. It really won't look good if terrorists
are being paid to build our operating systems.

<gulp>

--
Jim Carlock
I did not create the site below, but I find it Bushy
and Hilauraious!
http://www.bushorchimp.com/
Which one is George and which one is Laura?

PS. Thanks for your help Ace. I appreciate everything greatly.
 
A

Ace Fekay [MVP]

In
Jim Carlock said:
"Ace Fekay [MVP]" cited...

</snip>

Yes, and there's a trust relationship failure, which I'm pretty
sure I can get around, by changing the SID on the machine to
match the old machine. Is there another way to knock it off
the server?

How was that determined?

</snip>

Think it's just the SID problem that is the big problem. Don't
think the services come into play at all right at the moment.


NOt sure how the SID problem, that you believe is occuring, relates with a
local service on a client desktop, unless there's some specific service
installed that's using a domain account for startup?

Not sure what you're refering to there. Everything is a client
service, even the server services seem to be client services.


The DNS Client service (also called the DNS Resolver Cache service, the
namesake of this thread), isn't that what you've been referring to all
along? Unless now I'm getting lost as to what is being asked and the thread
has changed?
If s, sorry....

IE, Microsoft tries to write things to the HDD via 127.0.0.1
instead of using the HDD interrupts. All I know is when I
put ZoneAlarm up on an XP machine, Zone Alarm gives fits
because 127.0.0.1 has to be added as trusted zone because
the OS seems to be using it alot to write event logs (???).


Didn't know you are using ZA. Maybe that has something to do with the whole
thing?
Is ICF running as well?

<errorlog on the XP machine>
Windows cannot log you on because your profile cannot be
loaded. Check that you are connected to the network, or
that your network is functioning correctly. If this problem
persists, contact your network administrator.

</errorlog on the XP machine>


Maybe tht has something to do with ICF or ZA blocking communication.

DCOM is giving event messages as well about not being
able to log itself into the machine. I've been doing a
lot of registry manipulations and testing for some
software I'm writing, I think it's quite possible I
need to reinstall DCOM. Do you know of a way to do
this?

Not off hand. I had to do it once for a client on an Ex2k machine. I can
provide links later on unless you find them first.

I'm onto something now. It lost its ability to logon.
One of the biggest and bestest things about the Windows
OS in the past is that TCP was seperate from the OS, you
could uninstall it, reinstall and it would sometimes fix
itself. Microsoft is now hellbent on proclaiming that
everything is THE OS. They are being heavily fined for
it as well. They are destroying consumer confidence.
That is something I've been seeing happen but didn't
know how to declare it and I think I just stumbled upon
the problem and how to fix it. The software being built
by Microsoft is no longer built by United States
programmers, but instead being outsourced to Bushy
Lawyers. No I really don't have anything against bushy
fellows, but I really think Chimpanzees could make a
better operating system.

I think the DNS service might be using DCOM. DCOM is
NOT working because of software tests. Now I need to
figure out how to get DCOM working. The DNS client
service is NOT working either, but it might be based
upon the DCOM service.

So the question is, do you know how to reinstall the
DCOM client service? And the DNS client service. I
hope reinstalling those two components... and it's
really funny, because DCOM means...

Distributed Component Object Model

And I really need to know how to reinstall those
components. They are not components if they are THE
OPERATING SYSTEM. Microsoft needs to outsource to
Chimpanzees inside the country instead of outside
the country. It really won't look good if terrorists
are being paid to build our operating systems.

<gulp>

I think this thread has evolved into something on a different level than
DNS, so sorry I cannot help since I'm not a programmer, an outsourcer, bushy
fellow or chimp. Maybe one of the programming newsgroups may better help
you?



--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS-IS" with no warranties and confers no
rights.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory

HAM AND EGGS: A day's work for a chicken; A lifetime commitment for a
pig. --
=================================
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads


Top