'hosts' file not working?
Some of my web sites hosted on ORCS Web have recently moved to a new server. There are a few sites running from the same IP using ISAPI Rewrite, so ORCS Web kindly sent me a new hosts file to do the tests.
But of course hosts doesn't work on my machine, that would be too easy!
In the end, ORCS Web jumped onto my machine and poked around for a while and deleted a couple of old VPN connections that I had lying around (no change) and disabled the DNS service. That did it.
For some reason (and it's not supposed to work this way) if the DNS service is running, hosts is ignored. When I stop the service, hosts is used. Maybe this nugget will help someone trying to do the same thing.
UPDATE: THE REAL ANSWER! Hat tip to Terri Morton.
This guy determined his problem was that the for some reason NT AUTHORITY\NETWORK SERVICE did not have read added to the HOSTS file. When he granted read access his problem disappeared.
Here's the pertinent part:
In the Filemon log one entry, hidden between masses of activity, finally gave me the source problem:
OPEN C:\WINDOWS\system32\drivers\etc\hosts ACCESS DENIED NT AUTHORITY\NETWORK SERVICE
So I added this user to the security tab (with READ ONLY access), restarted the service... PROBLEM SOLVED.
The problem may have been my own doing, I might have copied the hosts file (and the default file permissions) from another machine. I don't remember... I probably did that 2 weeks or so back while setting up the VPN. Ah well,
live and learn.
Right, so to explain the initial behaviour I reported, in which I thought the dns client was ignoring the hosts file:
When you switch off the dnsclient, any software resolving domain names goes directly to the hosts file via the sockets library The process accesses the file as the user the process is running as, so no problem with read
permission. When the dnsclient is active software resolves via it, its running as a different user and has the read failure problem I discovered. Probably the biggest fault is that the problem is not announced (Microsoft:
an event entry would be a good thing here).