Syed Khairuddin

Windows 2003 DNS issue A Records are continuously dissapearing and DHCP SERVICE Access Denied

Last couple of days back I received a call from one of my friend describing a typical problem he was facing with his Windows 2003 DNS server. So I took the remote session and started troubleshooting the problem step by step and came to know that  DHCP client service was not started on the Server which is the most important service on the Windows 2003 DNS SERVER. Dynamic DNS registration relies on the Dynamic Host Configuration Protocol (DHCP) client service to perform dynamic updates. When you disable or set the DHCP client service to start manually, it prevents dynamic DNS updates from occurring. Even if the client or server uses a static Internet Protocol (IP) address, the DHCP client service must be running for dynamic DNS updates to occur.

http://support.microsoft.com/kb/264539

http://support.microsoft.com/kb/268674

When I tried to start the DHCP Client Service from the services  I ended up with a pop  "Could not start the DCHP Client service on Local Computer.
Error 5: Access is denied. " (see the screenshot attached below) even though I was logged on with the Administrators account then I followed this article  http://support.microsoft.com/kb/895149 which mentions

This problem occurs because the Network Service account does not have sufficient permissions to access the following registry subkeys when you upgrade to Windows Server 2003:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dhcp
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip
I tried giving the permisson and tried to start the service but I was unsucessfull. After lot of tries and comparing the other servers registry keys i came to know that there is one more registry key which has to be given permisson which is not mentioned in the KB article which is
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dhcp\Parameters.Right Clicked on Parameteres clicked security and  I added "Network Service" and gave it Full
Control and Resolved the Issue.
Note: This problem might occur if you have conficker virus on your network as well.
Posted: 03-10-2010 12:08 PM by skhairudin | with 1 comment(s)
Filed under:

Comments

Asem Alhourani said:

Syed I believe this article is very valuable!

Sharing the real life scenarios which you daily face is a very intersting thing to do...

Please keep'em coming...

We want to hear more from you..

Thanks for participating... :)

# March 10, 2010 3:35 PM