Sign in with
Sign up | Sign in
Your question

Possible DNS Registration issue (Windows 2003)

Last response: in Windows 2000/NT
Share
Anonymous
February 10, 2005 4:21:04 PM

Archived from groups: microsoft.public.win2000.dns (More info?)

All of my Windows Server 2003 clients are getting a message like this in
their security logs when any account (even domain admin) tries to run an
ipconfig /registerdns:

Object Open:
Object Server: SC Manager
Object Type: SERVICE OBJECT
Object Name: Dnscache
Handle ID: -
Operation ID: {0,396436}
Process ID: 524
Image File Name: C:\WINNT\system32\services.exe
Primary User Name: VMPSAVT01$
Primary Domain: CMUTUALD
Primary Logon ID: (0x0,0x3E7)
Client User Name: NETWORK SERVICE
Client Domain: NT AUTHORITY
Client Logon ID: (0x0,0x3E4)
Accesses: Issue service-specific control commands

Privileges: -
Restricted Sid Count: 0
Access Mask: 0x100


Haven't noticed any obvious DNS problems due to this yet, but just found out
about it while trying to troubleshoot some other issues. Can't find anything
out there about this -- and the Network Service does seem to have the
necessary rights.

thanks for any help!

- David
Anonymous
February 13, 2005 8:25:27 PM

Archived from groups: microsoft.public.win2000.dns (More info?)

In news:D 2EA687D-4DE4-49D0-8ABC-1AA843FB835F@microsoft.com,
Svengali <Svengali@discussions.microsoft.com> made a post then I commented
below
> All of my Windows Server 2003 clients are getting a message like this
> in their security logs when any account (even domain admin) tries to
> run an ipconfig /registerdns:
>
> Object Open:
> Object Server: SC Manager
> Object Type: SERVICE OBJECT
> Object Name: Dnscache
> Handle ID: -
> Operation ID: {0,396436}
> Process ID: 524
> Image File Name: C:\WINNT\system32\services.exe
> Primary User Name: VMPSAVT01$
> Primary Domain: CMUTUALD
> Primary Logon ID: (0x0,0x3E7)
> Client User Name: NETWORK SERVICE
> Client Domain: NT AUTHORITY
> Client Logon ID: (0x0,0x3E4)
> Accesses: Issue service-specific control commands
>
> Privileges: -
> Restricted Sid Count: 0
> Access Mask: 0x100
>
>
> Haven't noticed any obvious DNS problems due to this yet, but just
> found out about it while trying to troubleshoot some other issues.
> Can't find anything out there about this -- and the Network Service
> does seem to have the necessary rights.
>
> thanks for any help!
>
> - David


Interesting error. Did you lock down these machines with a security template
(either locally or thru the domain)?

--?
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Windows Server - Directory Services

Security Is Like An Onion, It Has Layers
HAM AND EGGS: A day's work for a chicken;
A lifetime commitment for a pig.
--?
=================================
Anonymous
February 14, 2005 10:17:09 AM

Archived from groups: microsoft.public.win2000.dns (More info?)

All of our servers are built using a local security template (which was based
originally from our Windows 2000 security template) as well as locked down
via GPO. I've checed the police on the DNS Client (dnscache), but there
doesn't seem to be anything unusual there (Administrators have full control).

- David


"Ace Fekay [MVP]" wrote:

> In news:D 2EA687D-4DE4-49D0-8ABC-1AA843FB835F@microsoft.com,
> Svengali <Svengali@discussions.microsoft.com> made a post then I commented
> below
> > All of my Windows Server 2003 clients are getting a message like this
> > in their security logs when any account (even domain admin) tries to
> > run an ipconfig /registerdns:
> >
> > Object Open:
> > Object Server: SC Manager
> > Object Type: SERVICE OBJECT
> > Object Name: Dnscache
> > Handle ID: -
> > Operation ID: {0,396436}
> > Process ID: 524
> > Image File Name: C:\WINNT\system32\services.exe
> > Primary User Name: VMPSAVT01$
> > Primary Domain: CMUTUALD
> > Primary Logon ID: (0x0,0x3E7)
> > Client User Name: NETWORK SERVICE
> > Client Domain: NT AUTHORITY
> > Client Logon ID: (0x0,0x3E4)
> > Accesses: Issue service-specific control commands
> >
> > Privileges: -
> > Restricted Sid Count: 0
> > Access Mask: 0x100
> >
> >
> > Haven't noticed any obvious DNS problems due to this yet, but just
> > found out about it while trying to troubleshoot some other issues.
> > Can't find anything out there about this -- and the Network Service
> > does seem to have the necessary rights.
> >
> > thanks for any help!
> >
> > - David
>
>
> Interesting error. Did you lock down these machines with a security template
> (either locally or thru the domain)?
>
> --Â?
> Regards,
> Ace
>
> Please direct all replies ONLY to the Microsoft public newsgroups
> so all can benefit.
>
> This posting is provided "AS-IS" with no warranties or guarantees
> and confers no rights.
>
> Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
> Microsoft Windows MVP - Windows Server - Directory Services
>
> Security Is Like An Onion, It Has Layers
> HAM AND EGGS: A day's work for a chicken;
> A lifetime commitment for a pig.
> --Â?
> =================================
>
>
>
!