One IP with different computer names in DNS

for some reason in my DNS forward lookup zone, I can see one IP address assigned for 4 different name computers with type Host(A).
can someone explain to me the reason why this happen and how to fix it?
how do I know which record is corretely assigned to whic computer name and which is incorrectely assigned?

thanks
jskfanAsked:
Who is Participating?
 
starmonkeyCommented:
open computer management:
right click my compute on desktop, choose manage

Action menu, select "connect to remote compute" (use the IP address)

now you are looking at the computer management console for the remote computer (by IP address).   You want to find out the name that computer is using.

Go to local users and groups, groups folder.
Open the administrators group (this will be the remotes computer's local administrators group).  Look at the members, they should look something like this:
workstation-one\Administrators
workstation-one in the above axample is the remote computer's name and should match one of your DNS host A records

0
 
Jan SpringerCommented:
For your domain, view the 'A' records in the forward domain zone.

The primary hostname of that IP should have an 'A' record.

For the other hosts that have an 'A' or a 'CNAME' record and map to that same IP or host, just delete those records individually.  

Be cautious, though, if that IP address handles many services.  It is not unusual for a single IP to be known as 'www', 'mail', 'smtp', etc.

As far as knowing what to delete or change, you need to know the primary hostname for each machine, what services run on it and which DNS entries were provided for access to those services.
0
 
starmonkeyCommented:
I fyou are using DHCP you can also see what Lease is issued to what hostname.  Trace the computer back and run IP config to verify.

If you need multiple names to point to the same machine, I would use CNAMES (aliases) rather that A records.

Know that by default 2000 and up uses strick nameing for file and printer shares.  (ie you can't access a share using the alias name).  this can be disabled in the registry.

If you have bogus A recods in your for lookp zone, you can simply delete then.
0
On-Demand: Securing Your Wi-Fi for Summer Travel

Traveling this summer?Check out our on-demand webinar to learn about the importance of Wi-Fi security and 3 easy measures you can start taking immediately to protect your private data while using public Wi-Fi. Follow us today to learn more!

 
jskfanAuthor Commented:
for the same IP(10.1.1.28) I can see 4 different machine names and they are all Host(A).
How can I tell which one has been assigned the IP correctely, which one not?

This issue affects McAfee Epolicy orchestrator.
0
 
starmonkeyCommented:
There are many different ways, it depends on the PC being on, can you take control of it etc.

The general idea is to access the PC by IP address, then gather hte info you need

If you have netbios enabled you can type this into a command prompt:
net send 10.1.1.28 please call the IT department at x999
or something like that.  see who calls.

Or if you prefer, RDP to the device by IP address, then look at system properties.
Are the PCs close to you?

non-invasivly, you use computer management to
0
 
starmonkeyCommented:
sorry, hit the return early...
0
 
starmonkeyCommented:
non-invasivly, you use computer management to connect to the remote PC by IP address.  Once you are connected there should be somewhere you could pick up the name.  Let me take a look for a sec...
0
 
jskfanAuthor Commented:

<<<non-invasivly, you use computer management to>>>

how would this help?
0
 
starmonkeyCommented:
Because you can connect to the remote computer by IP address, then go to local users and groups.  Open any of the group objects and you will see the computers netbios name listed.  The IP address that corresponds to this name (in DNS) is the coerrect one
0
 
starmonkeyCommented:
big picture is that you are using the IP address to connect to the PC, then using that remote connecting to determine what the local name of that machine is.

Are you using static address assignments or DHCP?
0
 
jskfanAuthor Commented:
we use DHCP, but I don't understand when you said:
"you can connect to the remote computer by IP address, then go to local users and groups.  Open any of the group objects and you will see the computers netbios name listed.  The IP address that corresponds to this name (in DNS) is the coerrect one"
I don't see where it shows up the computer netbios name.
0
 
jskfanAuthor Commented:
I can see it now
0
 
jskfanAuthor Commented:
so there will be no problem if I delete the other records that have the same ip and different names of the machines
0
 
starmonkeyCommented:
Shouldn't be an issue.  since you are using DHCP and new computers will register it's name when DHCP issues an address.

You could actually delete all 4 wait a day, the the correct entry will register itself when it is rebooted.
0
 
jskfanAuthor Commented:
after finding the right computer using the computer management and the IP addresst , if I delete the wrong records in DNS would this be fine?
would those machines whose (A)records is delete be able to create a  correct one on DNS next time they connect?
0
 
starmonkeyCommented:
So long as the security settings on the zone are OK.  Right click the zone and go to properties, security tab.  I think it uses authnticated uses to create child object (the A records).

You can test it by deleting your PC's host record and rebooting.  When your computer comes back it should re-register the dns entry (you might need to refresh the zone but I don't think so)
0
 
starmonkeyCommented:
Worst case sinerio, you try it out on yours.  If it doesn't work manually re-create the record.
0
 
jskfanAuthor Commented:
I deleted teh A record for my computer and rebooted and it gets recreated.
0
 
jskfanAuthor Commented:
I would like to know how this issue ,of having many computer names with DNS A record pointing to the same IP address, happens.
Does this come from DHCP address pool and lease duration when they are relativel short regardingthe number of computers?
0
 
starmonkeyCommented:
Yes as long a the security settings on the zone allow authenticated users to create child objects
0
 
jskfanAuthor Commented:
after checking DHCP I found that I have a pool  of 101 address with 80 computers and lease duration of 1 day, how would the problem happen in this case?
0
 
starmonkeyCommented:
Somehow the different computer names regestered thier netbios names with the same IP address.  It can happen if DHCP assigns the same IP address to different computers at different times (different days, judging from your lease durration).  The old registed records don't go away when a new address is assigned.

You might want to set aging and scavanging on the zone (zone properties, general tab).  I find 7 days to work well.

You also might want to expand the pool of IP address DHCP can issue,  It can help prevent DHCP from issuing the same IP address at different times.
0
 
jskfanAuthor Commented:
I can't expand the pool as the next IP range is assigned to another pool.
If I understand when DHCP assigns an IP to a computer, the computer will keep this IPthe next time it will restart, and there are less computers than the IPs in the pool, so how DHCP give one IP to different computers. Can you explain this in details?

Thanks
0
 
starmonkeyCommented:
My understanding is that this is only true for the duration of the lease.   If the computer is off when it's lease expires, DHCP can issue the IP address to a different computer.
Typically in my network this happens when a presenter will come in with a laptop, and plug it into my network.
Other times this has happened when I change a computer name, change the NIC card, or restore a backup from one PC to a different PC.  I compensate for this by setting scavenging and aging in DNS.  In the worst case, I just determine the real current computer name for a given IP address, and delete any stale host A records
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.