Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

One IP with different computer names in DNS

Posted on 2007-08-10
24
Medium Priority
?
256 Views
Last Modified: 2010-04-07
for some reason in my DNS forward lookup zone, I can see one IP address assigned for 4 different name computers with type Host(A).
can someone explain to me the reason why this happen and how to fix it?
how do I know which record is corretely assigned to whic computer name and which is incorrectely assigned?

thanks
0
Comment
Question by:jskfan
  • 13
  • 10
24 Comments
 
LVL 29

Assisted Solution

by:Jan Springer
Jan Springer earned 400 total points
ID: 19672868
For your domain, view the 'A' records in the forward domain zone.

The primary hostname of that IP should have an 'A' record.

For the other hosts that have an 'A' or a 'CNAME' record and map to that same IP or host, just delete those records individually.  

Be cautious, though, if that IP address handles many services.  It is not unusual for a single IP to be known as 'www', 'mail', 'smtp', etc.

As far as knowing what to delete or change, you need to know the primary hostname for each machine, what services run on it and which DNS entries were provided for access to those services.
0
 
LVL 4

Expert Comment

by:starmonkey
ID: 19672936
I fyou are using DHCP you can also see what Lease is issued to what hostname.  Trace the computer back and run IP config to verify.

If you need multiple names to point to the same machine, I would use CNAMES (aliases) rather that A records.

Know that by default 2000 and up uses strick nameing for file and printer shares.  (ie you can't access a share using the alias name).  this can be disabled in the registry.

If you have bogus A recods in your for lookp zone, you can simply delete then.
0
 

Author Comment

by:jskfan
ID: 19672995
for the same IP(10.1.1.28) I can see 4 different machine names and they are all Host(A).
How can I tell which one has been assigned the IP correctely, which one not?

This issue affects McAfee Epolicy orchestrator.
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 4

Expert Comment

by:starmonkey
ID: 19673038
There are many different ways, it depends on the PC being on, can you take control of it etc.

The general idea is to access the PC by IP address, then gather hte info you need

If you have netbios enabled you can type this into a command prompt:
net send 10.1.1.28 please call the IT department at x999
or something like that.  see who calls.

Or if you prefer, RDP to the device by IP address, then look at system properties.
Are the PCs close to you?

non-invasivly, you use computer management to
0
 
LVL 4

Expert Comment

by:starmonkey
ID: 19673042
sorry, hit the return early...
0
 
LVL 4

Expert Comment

by:starmonkey
ID: 19673051
non-invasivly, you use computer management to connect to the remote PC by IP address.  Once you are connected there should be somewhere you could pick up the name.  Let me take a look for a sec...
0
 

Author Comment

by:jskfan
ID: 19673070

<<<non-invasivly, you use computer management to>>>

how would this help?
0
 
LVL 4

Expert Comment

by:starmonkey
ID: 19673081
Because you can connect to the remote computer by IP address, then go to local users and groups.  Open any of the group objects and you will see the computers netbios name listed.  The IP address that corresponds to this name (in DNS) is the coerrect one
0
 
LVL 4

Expert Comment

by:starmonkey
ID: 19673115
big picture is that you are using the IP address to connect to the PC, then using that remote connecting to determine what the local name of that machine is.

Are you using static address assignments or DHCP?
0
 

Author Comment

by:jskfan
ID: 19673236
we use DHCP, but I don't understand when you said:
"you can connect to the remote computer by IP address, then go to local users and groups.  Open any of the group objects and you will see the computers netbios name listed.  The IP address that corresponds to this name (in DNS) is the coerrect one"
I don't see where it shows up the computer netbios name.
0
 

Author Comment

by:jskfan
ID: 19673264
I can see it now
0
 

Author Comment

by:jskfan
ID: 19673280
so there will be no problem if I delete the other records that have the same ip and different names of the machines
0
 
LVL 4

Accepted Solution

by:
starmonkey earned 1600 total points
ID: 19673292
open computer management:
right click my compute on desktop, choose manage

Action menu, select "connect to remote compute" (use the IP address)

now you are looking at the computer management console for the remote computer (by IP address).   You want to find out the name that computer is using.

Go to local users and groups, groups folder.
Open the administrators group (this will be the remotes computer's local administrators group).  Look at the members, they should look something like this:
workstation-one\Administrators
workstation-one in the above axample is the remote computer's name and should match one of your DNS host A records

0
 
LVL 4

Expert Comment

by:starmonkey
ID: 19673314
Shouldn't be an issue.  since you are using DHCP and new computers will register it's name when DHCP issues an address.

You could actually delete all 4 wait a day, the the correct entry will register itself when it is rebooted.
0
 

Author Comment

by:jskfan
ID: 19673326
after finding the right computer using the computer management and the IP addresst , if I delete the wrong records in DNS would this be fine?
would those machines whose (A)records is delete be able to create a  correct one on DNS next time they connect?
0
 
LVL 4

Expert Comment

by:starmonkey
ID: 19673378
So long as the security settings on the zone are OK.  Right click the zone and go to properties, security tab.  I think it uses authnticated uses to create child object (the A records).

You can test it by deleting your PC's host record and rebooting.  When your computer comes back it should re-register the dns entry (you might need to refresh the zone but I don't think so)
0
 
LVL 4

Expert Comment

by:starmonkey
ID: 19673387
Worst case sinerio, you try it out on yours.  If it doesn't work manually re-create the record.
0
 

Author Comment

by:jskfan
ID: 19673528
I deleted teh A record for my computer and rebooted and it gets recreated.
0
 

Author Comment

by:jskfan
ID: 19673649
I would like to know how this issue ,of having many computer names with DNS A record pointing to the same IP address, happens.
Does this come from DHCP address pool and lease duration when they are relativel short regardingthe number of computers?
0
 
LVL 4

Expert Comment

by:starmonkey
ID: 19673657
Yes as long a the security settings on the zone allow authenticated users to create child objects
0
 

Author Comment

by:jskfan
ID: 19673676
after checking DHCP I found that I have a pool  of 101 address with 80 computers and lease duration of 1 day, how would the problem happen in this case?
0
 
LVL 4

Expert Comment

by:starmonkey
ID: 19673722
Somehow the different computer names regestered thier netbios names with the same IP address.  It can happen if DHCP assigns the same IP address to different computers at different times (different days, judging from your lease durration).  The old registed records don't go away when a new address is assigned.

You might want to set aging and scavanging on the zone (zone properties, general tab).  I find 7 days to work well.

You also might want to expand the pool of IP address DHCP can issue,  It can help prevent DHCP from issuing the same IP address at different times.
0
 

Author Comment

by:jskfan
ID: 19675719
I can't expand the pool as the next IP range is assigned to another pool.
If I understand when DHCP assigns an IP to a computer, the computer will keep this IPthe next time it will restart, and there are less computers than the IPs in the pool, so how DHCP give one IP to different computers. Can you explain this in details?

Thanks
0
 
LVL 4

Expert Comment

by:starmonkey
ID: 19695395
My understanding is that this is only true for the duration of the lease.   If the computer is off when it's lease expires, DHCP can issue the IP address to a different computer.
Typically in my network this happens when a presenter will come in with a laptop, and plug it into my network.
Other times this has happened when I change a computer name, change the NIC card, or restore a backup from one PC to a different PC.  I compensate for this by setting scavenging and aging in DNS.  In the worst case, I just determine the real current computer name for a given IP address, and delete any stale host A records
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I will assume you are running a non-server version of some sort of Windows throughout this article. There are many flavors of Windows since Windows Server 2000 - 2008, XP Home & Pro, Vista Home & Pro, and Windows 7 Starter, Home, Pro, Ultimate, etc.…
BIND is the most widely used Name Server. A Name Server is the one that translates a site name to it's IP address. There is a new bug in BIND (https://kb.isc.org/article/AA-01272), affecting all versions of BIND 9 from BIND 9.1.0 (inclusive) thro…
Despite its rising prevalence in the business world, "the cloud" is still misunderstood. Some companies still believe common misconceptions about lack of security in cloud solutions and many misuses of cloud storage options still occur every day. …
With just a little bit of  SQL and VBA, many doors open to cool things like synchronize a list box to display data relevant to other information on a form.  If you have never written code or looked at an SQL statement before, no problem! ...  give i…
Suggested Courses

564 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question