lemme see... i am using Windows 2003 server enterprise i ran dcpromo to install AD and DC. i have only 1 domain controller, which is a server that connects to the internet. it runs sygate home network to share internet with the rest of its subnet... i dont want to use it, but for some reason the internet sharing has conflict with my database's webpublishing and works fine with sygate. in Network Services... i have only DNS installed... the DNS name is orion.vastluck.com, and it is not registered on Internet. 2 NICs. To LAN: 192.168.0.8 255.255.255.0 DNS - 127.0.0.1 To Internet: 192.168.0.2 255.255.255.0 DNS - 127.0.0.1 Then this is the info from the client machine... Windows 2000 IP Configuration Host Name . . . . . . . . . . . . : LEE Primary DNS Suffix . . . . . . . : vastluck.com Node Type . . . . . . . . . . . . : Mixed IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : vastluck.com Ethernet adapter LAN: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : D-Link DFE-530TX PCI Fast Ethernet Adapter (Rev B) Physical Address. . . . . . . . . : 00-50-BA-24-2D-47 DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes IP Address. . . . . . . . . . . . : 192.168.0.11 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.0.8 DHCP Server . . . . . . . . . . . : 192.168.0.8 DNS Servers . . . . . . . . . . . : 192.168.0.8 Lease Obtained. . . . . . . . . . : 2004-8-23 22:38:03 Lease Expires . . . . . . . . . . : 2038-1-19 11:14:07 Then the errors in my event viewer... (I am trying to translate from a different language) Application - there are just way too many errors... mostly are... (Userenv) 1. Windows finished applying GPO.... (or something like that, and yes, it's an error) (Userenv) 2. Windows didn't apply ... IP security/Software Installation/etc. ... because of .. already deleted group or changed..... (something like that... ) (Userenv) 3. to be applied GPO Security has no error messages System - warnings and infos... (LsaSrv) 1. Security system cannot establish a secure connection with DNS/dns.guangzhou.gd.cn, there is no applicable authentication certificate.... (something like that) AD Service - has no errors or warnings... only messages like finished clustering.. blah blah blah DNS Server - mostly messages and a recurring warning 1. DNS server received invalid domain name packet from 127.0.0.1.. packet will be rejected.... (something like that) 2. DNS met many running events... to make sure ... these events.... ID higher than 3000..... (something like that) Replication service - seems to have no problem.. very old messages from a few days ago... sorry i am on a machine with a different language so the above messages may be a little off.... but i am quite lost here... don't know what to do. i can't find where i got wrong~ please help~ and i don't have WINS server installed.... i'm installing now....