RE: Solved: DHCP Client Service cannot start after conficker invaded


Just as an FYI. These are the only permissions needed to fix this problem.
This is what a default out of box install does:

Modify the permissions of this registry key:
HKLM\SYSTEM\CurrentControlSet\Services\Dhcp\Parameters
Add this builtin group -- access: Network Service -- Full Control
Add this builtin group – access: Network Configuration Operators -- Read
Have these permissions applied down the hive from the Parameters key --
Check “Replace permission entries on all child objects….” Under advanced.

We ran into the same problem and fixed it on all computers with a GPO.

"Bobson" wrote:

Hi Meinolf,

My apology!! As mentioned, I followed one of the articles before (you also
sent me the same one). I claimed that it could not resovle the problem... I
was wrong!! Once the server rebooted after changing registry, the DHCP
clients can start again!

I should have done so earlier.

Thank you very much for all your help (everyone's) !!

Bobson

"Meinolf Weber [MVP-DS]" wrote:

Hello Bobson,

The client still has to registrate in DNS and the yone properties in the
DNS server mostly use secure dynamic updates.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm


Hi Meinolf,

Thank you for the link. In the article, it mentioned "dynamic DNS".
But my server is using static IP... so would the server still sending
"dynamic DNS" update to the dns and DHCP server?

Bobson

"Meinolf Weber [MVP-DS]" wrote:

Hello Bobson,

See this one:
http://support.microsoft.com/kb/264539
Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and
confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
Hi Meinolf,

Yep I tried the article you just sent before. But it did not work.

I would like to ask... you metnioned that DHCP Client service could
not start would affect the DNS... may you tell me little more
speicifc details lke what would happen if the DHCP client service
could not start?

Thank you.

Bobson

"Meinolf Weber [MVP-DS]" wrote:

Hello Bobson,

Check this article, don't take care about the title, just control
the steps:
http://support.microsoft.com/default.aspx?scid=kb;en-us;895149

And if the problems go on better think about reinstalling if the
server was infected from a backup prior to it.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties,
and
confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
Hi Meinolf,

Thank you for your prompt response.

The "warning" i got is: Even ID 1004, Source DHCP. It said The
DHCP CLient Service is shutting down. The follow error occurred:
Access is Denied.

I did some resaarch and found couple of article to fix the similar
error by adding "network services" group to something in the
registry. But it could not fix the problem. WHen I start the
service, it would tell me it won't start and access denied.

Hope the info help.

Bobson

"Meinolf Weber [MVP-DS]" wrote:

Hello Bobson,

The DHCP client service IS important to update DNS records, even
when using fixed ip addresses. What error message do you get when
you try to start it?

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties,
and
confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!!
http://www.blakjak.demon.co.uk/mul_crss.htm
Hi everyone,

Thank you for your help in advaced.

I have some servers with static IP assigned and have been
running fine until the moment they got the "conficker" infected.
Now the servers are clean, and they can go to "mcafee.com" and
"microsoft.com". But they could not start the DHCP client
service. I know it is not important at this point as the servers
are running on static IP. But I just want to look into the
solution.

Thank you very much for your help.

Bobson




.

Relevant Pages

  • Re: Re: _msdcs question
    ... >> host A record (which for a writable DNS server is the same as the SOA ... >> * Stop and Disable the DHCP Client Service ... >> service and then restart the NETLOGON service. ...
    (microsoft.public.windows.server.active_directory)
  • Re: AD replication fails -
    ... Is the new DC registered correctly in DNS in forward/reverse lookup zone? ... The DHCP client service is started by the default 'Network Service'. ... The IPconfig for the Win2k server is: ... The DC ITASCA-DEV-AD is advertising itself as a DC and having ...
    (microsoft.public.windows.server.active_directory)
  • RE: Solved: DHCP Client Service cannot start after conficker invad
    ... I was about to reply to Meinolf that the fix still did not work. ... Once the server rebooted after changing registry, ... DNS server mostly use secure dynamic updates. ... speicifc details lke what would happen if the DHCP client service ...
    (microsoft.public.windows.server.general)
  • Solved: DHCP Client Service cannot start after conficker invaded
    ... Once the server rebooted after changing registry, ... DNS server mostly use secure dynamic updates. ... only reply to Newsgroups ... speicifc details lke what would happen if the DHCP client service ...
    (microsoft.public.windows.server.general)
  • Re: WMI Path Problem - DIDNT WORK
    ... but rather let it default to the DNS server ... There are a wide variety of DNS management Samples. ... Check the WMI permissions and make sure that the "Local Administrators" ...
    (microsoft.public.dotnet.languages.vb)