oblacknova


DNS Forward Lookup Zone False IP

Every time a certain user (only one) logs into their computer, the server adds a fake DNS entry for the IP address.
Basically the server IP is 192.168.x.x, but once they log on a second entry shows up, 10.1.x.x.
It has never happened before and the network is over a year old. What can I do to stop this entry from appearing? It is sending her computer to the wrong IP and she cannot get Outlook or server access. Thanks for reading!
piattnd

Log on as administrator and rename the local profile.  If you use a roaming profile, rename that as well.  Have the user log back in and see if the issue clears.

ASKER

If they are using a roaming profile, won't that mess up their connection to their documents and desktop?
You can copy those items back over once the new profile is created and confirmed as being fixed.  There is likely something else within the user profile settings that's causing the issue, but it could take hours to identify.  This step will tell you for sure it is something specific to the profile, and you can decide whether you go back to the original profile and troubleshoot or copy over all the documents, desktop, and favorites, set up Outlook, printers, and whatnot, then continue on from there.
Is WiFi turned on?
Has the user enabled a WiFi access point?

Since both of those addresses are internal IPs from an internal DHCP server, it seems like 2 different adapters are contacting your DHCP server(s), requesting and getting an IP and DNS server entry.
The user computer only has 1 network connection which is wired. I tried renewing her profile to no success.
I did notice that when I ran an ipconfig it has 2 IPv4 addresses, and one happens to be the DNS the computer keeps picking up. The server has 2 network adapters but the one is off and all the boxes in properties are unchecked. Why is it there? And how can I remove it? Thanks
DrDave242
Are you saying that the user's machine has two IP addresses? If so, are they bound to two different adapters or the same adapter?
No, the server has two IPv4 addresses, even though the second network adapter is disabled and not plugged in.
So the user's machine ends up trying to use the wrong address as a DNS server?  If so, is it getting its DNS server list through DHCP?
Yes, exactly that! But the user computer has the DNS set up manually, so that is why it's very confusing that it is using that second IPv4 on the server. No one else has this issue.
Would you mind posting the output of ipconfig /all on the server and the client?
Microsoft Windows [Version 6.1.7600]
Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

C:\Users\Administrator>ipconfig /all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : SERVER
   Primary Dns Suffix  . . . . . . . : domain.local
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : domain.local

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom BCM5716C NetXtreme II GigE (NDIS
 VBD Client)
   Physical Address. . . . . . . . . : 90-B1-1C-16-44-8C
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::3783:b59e:a3b1:bec%11(Preferred)
   Link-local IPv6 Address . . . . . : fe80::cdd2:cba0:3755:7c04%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 10.1.10.2(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   IPv4 Address. . . . . . . . . . . : 192.168.1.11(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 244363548
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-3B-2C-80-90-B1-1C-16-44-8C

   DNS Servers . . . . . . . . . . . : fe80::3783:b59e:a3b1:bec%11
                                       192.168.1.11
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{D4BCE0C7-9557-4EA8-A66F-6727EA55B463}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
ASKER CERTIFIED SOLUTION
Ugo Mena
This solution is only available to members.
How do I remove the wrong IP address 10.x.x.x manually from their machine?
Is that 10.x.x.x address needed on the server at all?
As far as I know, not at all. The server IP is 192.168.x.x and the 10.x.x.x is doing nothing that I set up.
You can remove it from the advanced TCP/IP properties of the server's adapter. Open the adapter's properties window, then select TCP/IPv4 and click Properties. In that properties window, click Advanced, and you should see both addresses in the IP Addresses field. Remove the 10.x.x.x address and click OK until all properties windows are closed.

Removing it from the server is a good place to start, but that may not clear up the issue on the client. I'm not really sure where the client would be obtaining that address, to be honest, especially if the client's DNS servers are configured manually and the bogus address only shows up when a particular user is logged in. You can try searching the client's registry for that address, I suppose. Maybe it'll show up in an odd location...
Okay, I will check the registry, because in the Advanced tab only the 192.x.x.x is showing up, which is why I'm super confused right now.
I just set it to automatically find the DNS and so far it seems to be working as intended. Why would setting it manually cause it to find the WRONG one? Seems to be working for now (only 1 restart so far, user is busy) but I can't rule it fixed just yet. Thanks for the help :)
No problem. I really don't know why setting it manually would cause it to use the wrong address, unless there was something goofy in the registry somewhere. Did searching for that address turn up anything?
Welp, while the user was working it just did it again. I will be checking the registry at 530 when they are done working and will post my findings.
Also, no registry entries have that IP address in them on the user machine.
Setting a DNS server IP manually will add it, in addition to the settings being pushed by the DHCP server. So both will show up.

Typically used if there is a secondary DNS available that is not listed in DHCP server.
The solution he provided helped me solve the issue.
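
The server's ipconfig /all output posted in the thread shows one adapter bound to both 10.1.10.2 and 192.168.1.11. As an added example (not part of the thread or any poster's code), this Python script parses saved ipconfig /all text and lists addresses bound outside the default gateway's subnet, which are the ones to compare against the forward lookup zone; the function names and the trimmed sample input are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample, shaped like the server's `ipconfig /all` output in the thread.
SAMPLE = """\
Ethernet adapter Local Area Connection:

   IPv4 Address. . . . . . . . . . . : 10.1.10.2(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   IPv4 Address. . . . . . . . . . . : 192.168.1.11(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.1

Tunnel adapter isatap.{D4BCE0C7-9557-4EA8-A66F-6727EA55B463}:
   Media State . . . . . . . . . . . : Media disconnected
"""

FIELD = re.compile(r"^\s+([A-Za-z0-9 ]+?)[ .]*: (.*)$")

def parse_adapters(text):
    """Map adapter name -> {"ifaces": [IPv4Interface], "gateway": IPv4Address or None}."""
    adapters, current, pending_ip = {}, None, None
    for line in text.splitlines():
        if line and not line[0].isspace() and line.rstrip().endswith(":"):
            current = adapters.setdefault(line.rstrip()[:-1], {"ifaces": [], "gateway": None})
            pending_ip = None
            continue
        m = FIELD.match(line)
        if not m or current is None:
            continue
        key, value = m.group(1).strip(), m.group(2).strip()
        if key == "IPv4 Address":
            pending_ip = value.split("(")[0]          # drop "(Preferred)"
        elif key == "Subnet Mask" and pending_ip:
            current["ifaces"].append(ipaddress.IPv4Interface(f"{pending_ip}/{value}"))
            pending_ip = None
        elif key == "Default Gateway":
            try:
                current["gateway"] = ipaddress.IPv4Address(value)
            except ValueError:
                pass                                   # blank or IPv6 gateway line
    return adapters

def off_subnet_addresses(adapters):
    """Return (adapter, ip) pairs bound outside the default gateway's subnet."""
    return [(name, str(i.ip)) for name, info in adapters.items() for i in info["ifaces"]
            if info["gateway"] is not None and info["gateway"] not in i.network]
```

Run against the sample, `off_subnet_addresses(parse_adapters(SAMPLE))` reports only 10.1.10.2 on the Local Area Connection adapter.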