Sorting out DNS and Name resolution mysteries and deleting registry keys automatically

I’ll start with a weird one.  This is less of an article and more of "Finding a needle in a haystack" story.  It started with a client that had a series of laptops that would not surf off site.


Nice try smart guy.

Running the NETSH RESET doesn’t fix it, nor does renaming the WINSOCK,WINSOCK2 and reinstalling TCP/IP OR getting your hands on any one of a dozen "Stack fixers"


How about this

Onsite (Corporate lan) no issue.

Offsite Not working.

"EASY!" You scream out. "PROXY SERVERS!"

Swat.  Back down and sit at the back of the class.  Checking the Proxy settings in the browser.  Clean.

"STATIC DNS!" I see somebody jumping up "STATIC ENTRIES IN THE HOSTS FILE!"

No no no no and No.   Remember I said "Needle in a Haystack."

So let’s see what I have for info.  Notebooks had Novell Client32, 3 party dialup, any one of three internet connections and a domain configuration.

And to boot?  A new install was doing it too.

Right.  System restore.  Back to domain membership and before applications installed.   Install dialer.  Hey it works! It works!  Reboot and test several times STILL WORKING.

Now add in Novell Client32.   Login working.  Offsite NOT WORKING.  My first GUT reaction.  Some type of policy applied with Novell.   Other than the Service Pack, nothing had really changed.  Must be a service pack issue.  I beam with pride having pointed out the troublemaker.

Client taps me on the back.

"We have one with SP2 doing it as well as SP4 Novell Client32"

Magic words burst forth to the computer gods in the sky.   The gods look down and smile with glee.  "Buah hah hah hah! Ye shalt not solveth this one! Buah hah hah hah!"

The only hint.  Running NSLOOKUP would show the two internal Corporate DNS servers as default, hard coded.  Finally in desperation, a regedit search.  Maybe it’s in plain text.

FIND 10.x.x.x

DING.  It shows up under a policy "DNS SERVERS".  My eyes roll in my head.  Some old legacy policy? NT 4! An NTCONFIG.POL file!  But why today?

Why is not relevant.  A fix.   Try renaming the key.  Poof.  Internet surfing working immediately.  The bandaid?  A simple REG file created for the user to purge that entry.

Deleting a registry key is not difficult.  You can do some fancy RUNDLL or Vbscript stuff.  If you have Powershell that’s built in (LOVE Powershell!)

But with a .REG file (text file for importing changes to a registry) it’s not difficult.

Using REGEDIT, use the File/Export option to export the key in question.  Now it all depends if you want to delete the WHOLE KEY or just specific entries.  It’s still easy but a teeny bit different.

So let’s say the contents of "SAVED.REG" is


Windows Registry Editor Version 5.00

"iTunesHelper"=""C:\Program Files\iTunes\iTunesHelper.exe""
"SunJavaUpdateSched"=""C:\Program Files\Java\jre1.6.0-07\bin\jusched.exe""


Let’s pretend the offending key I want to remove is the "iTunesHelper" (not picking on Apple, just a random sample, so put the lawyers away!)

To remove the "Bad Apple" (sorry, bad pun!) from the system you simple make the file look like this.


Windows Registry Editor Version 5.00



So you change the contents being assigned to the value in the .REG file with a simple "-" (Minus, dash, hyphen, pokey thing) character

Resaving the file as FIX.REG or UNDO.REG or OHJANESTOPTHISCRAZYTHING.REG will get you a nice little file that will allow a merge into the registry to purge THAT SINGLE ITEM.  You will of course need adminstrative privaledges to do this but it IS handy to know this.

Now if you wanted to delete the entire key (BACK IT UP FIRST!) the command looks like this


Windows Registry Editor Version 5.00



Did anybody spot the difference and what we use to pull all of this off?  That’s right, the "-" (minus, dash, hyphen or whatever you would LIKE to call it).  Placed just after the "[" in that entry of the REG file will cause it to purge that ENTIRE key.  Careful.   This is a VERY powerful and dangerous option and should be used with extreme caution.

Now back to my "Needle in the Haystack" story

So digging into Group Policy later we found entries in the Default Domain applying hard coded DNS servers.  Why today.   That we didn’t isolate.  But it was revealed to me that the original consultant who setup the network years ago (Think just as A/D came out in Windows 2000) didn’t like using Active Directory Users and Computers and had turned on EVERY stupid legacy feature they could.  Best we could guess some automatic update triggered something between Windows and Novell to cause this beast to rise to the surface.   Normally I would have assumed a Group Policy, but it only applied when Client32 logged in.  

Boy doesn’t THAT throw you for a loop?

But I’ll tell you it was both interesting and frustrating to find it.  It also goes to show what can happen when you start over customizing the system.   Especially a) If you don’t document it and B) if you know JUST enough to get in trouble.

But it also shows that almost ANY problem CAN be solved without a full re-install of the operating system.  You just have to dig sometimes.

The Energized Tech
Dedication and Inspiration creating the new Generation

TechDays-ca 2008 – The Countdown begins!


That’s right everybody.  In a short time of barely 40 days Techdays-CA 2008, THE premier technology tour will be making it’s way through the dangerous highways and bi-ways.  Facing danger like no other human has ever seen. 

Professionals armed only with knowledge and NOTHING ELSE, are coming your way.

All joking aside, it will be here before you know it.  Techdays-ca 2008 is barely 40 days away.  Registration should happen soon.  Remember to register before October 15th 2008 to get the best price.

And you know what?


That’s right! An actual GLIMPSE inside the tour-de-force that is Techdays-ca 2008.

"You mean they’re going to show us the whole show before we get in?"

No, I mean I can tell you what you should be in store for.  

Think of it this way.   You want to learn?  Techdays-ca 2008 is cheaper than most courses.   It’s a day (or two depending where you are) away from work, hanging out learning stuff, inspiring AND relaxing at once.  


Like a peek?

Track details on Day one


Track Details on Day two


One word.  WOW!  Your brain will be stuffed good by the the end of THIS!

So ready to jump in? Convinced?  Get registered now, get two those two days off !  Do it now!  Get registered online.  Do it before Octobert 15th for the best rate.  Do it before all the spots are filled.

Do it before your boss finds out.  They just might want to go too… 🙂

It’s a time for learning and a time for growing.

Techdays-ca 2008.   It’s a time for you.


IT Pro Toronto


Don’t miss it! The new season is upon us all!

ItPro Toronto a place where all computer can meet up and check the latest technology meets tomorrow night at its *NEW* location!

Bahen Centre for Information Technology (BA)

40 St. George Street, Toronto, M5S 2E4

Meeting at 6:30pm this is within walking distance of Queens Pk subway stop!

Cost? Just your time.

Featuring the Great and Powerful Mitch Garvis and SBS 2008!

Be there or be lost in between time dimensions!