DNS Forward Lookup Zone False IP

Everytime a certain user (Only one) logs into their computer, the server adds a fake DNS entry for the ip address.
Basically the server ip is 192.168.x.x but once they log on a second entry shows up, 10.1.x.x
It has never happened before and the network is over a year old, what can i do to stop this entry from appearing? It is sending her computer to the wrong IP and she cannot get outlook or server access. Thanks for reading!
oblacknovaAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

piattndCommented:
Log on as administrator and rename the local profile.  If you use a roaming profile, rename that as well.  Have the user log back in and see if the issue clears.
0
oblacknovaAuthor Commented:
If they are using a roaming profile, wont that mess up their connection to their documents and desktop?
0
piattndCommented:
You can copy those items back over once the new profile is created and confirmed as being fixed.  There is likely something else within the user profile settings that's causing the issue, but it could take hours to identify.  This step will tell you for sure it is something specific to the profile and you can decide whether you go back to the original profile and troubleshoot or copy over all the documents, desktop, and favorites, setup outlook printers and whatnot, then continue on from there.
0
Powerful Yet Easy-to-Use Network Monitoring

Identify excessive bandwidth utilization or unexpected application traffic with SolarWinds Bandwidth Analyzer Pack.

Ugo MenaCommented:
Is WiFi turned on?
Has the user enabled a WiFi access point?

Since both of those addresses are internal IPs from an internal DHCP server, it seems like 2 different adapters are contacting your DHCP server(s), requesting and getting an IP and DNS server entry.
0
oblacknovaAuthor Commented:
The user computer only has 1 network connection which is wired. I tried renewing her profile to no success.
I did notice that when I ran an ipconfig it has 2 ipv4 address, and one happens to he the DNS the computer keeps picking up. The server has 2 network adapters but the one is off and all the boxes in properties are unchecked. Why is it there? And how can I remove it? Thanks
0
DrDave242Commented:
Are you saying that the user's machine has two IP addresses? If so, are they bound to two different adapters or the same adapter?
0
oblacknovaAuthor Commented:
No the server has to Ipv4 address's, even though the second network adapter is disabled and not plugged in.
0
DrDave242Commented:
So the user's machine ends up trying to use the wrong address as a DNS server?  If so, is it getting its DNS server list through DHCP?
0
oblacknovaAuthor Commented:
Yes exactly that! But the user computer has the DNS setup manually, so that is why its very confusing that it is using that second ipv4 on the server. No one else has this issue.
0
DrDave242Commented:
Would you mind posting the output of ipconfig /all on the server and the client?
0
oblacknovaAuthor Commented:
Microsoft Windows [Version 6.1.7600]
Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

C:\Users\Administrator>ipconfig /all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : SERVER
   Primary Dns Suffix  . . . . . . . : domain.local
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : domain.local

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom BCM5716C NetXtreme II GigE (NDIS
 VBD Client)
   Physical Address. . . . . . . . . : 90-B1-1C-16-44-8C
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::3783:b59e:a3b1:bec%11(Preferred)
   Link-local IPv6 Address . . . . . : fe80::cdd2:cba0:3755:7c04%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 10.1.10.2(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   IPv4 Address. . . . . . . . . . . : 192.168.1.11(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 244363548
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-3B-2C-80-90-B1-1C-16-44-8C

   DNS Servers . . . . . . . . . . . : fe80::3783:b59e:a3b1:bec%11
                                       192.168.1.11
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{D4BCE0C7-9557-4EA8-A66F-6727EA55B463}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
0
Ugo MenaCommented:
You will probably need to remove the Preferred DNS IP (10.x.x.x) within the client's manual settings and set DNS to (Obtain DNS server address automatically).

If IP is automatically assigned, the DNS servers should be too. That will let the DHCP serve out the correct (preferred) DNS server address.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
oblacknovaAuthor Commented:
How do i remove the wrong ip address 10.x.x.x manually from their machine?
0
DrDave242Commented:
Is that 10.x.x.x address needed on the server at all?
0
oblacknovaAuthor Commented:
As far as i know not at all. The server ip is 192.168.x.x and the 10.x.x.x is doing nothing that i setup
0
DrDave242Commented:
You can remove it from the advanced TCP/IP properties of the server's adapter. Open the adapter's properties window, then select TCP/IPv4 and click Properties. In that properties window, click Advanced, and you should see both addresses in the IP Addresses field. Remove the 10.x.x.x address and click OK until all properties windows are closed.

Removing it from the server is a good place to start, but that may not clear up the issue on the client. I'm not really sure where the client would be obtaining that address, to be honest, especially if the client's DNS servers are configured manually and the bogus address only shows up when a particular user is logged in. You can try searching the client's registry for that address, I suppose. Maybe it'll show up in an odd location...
0
oblacknovaAuthor Commented:
Okay i will check the registry. because in the advance tab only the 192.x.x.x is showing up, which is why i'am super confused right now.
0
oblacknovaAuthor Commented:
I just set it to automatically find the DNS and so far it seems to be working as intended. Why would setting it manually cause it to find the WRONG one? Seems working for now (only 1 restart so far, user is busy) but i cant rule it fixed just yet. Thanks for the help :)
0
DrDave242Commented:
No problem. I really don't know why setting it manually would cause it to use the wrong address, unless there was something goofy in the registry somewhere. Did searching for that address turn up anything?
0
oblacknovaAuthor Commented:
Welp, while the user was working it just did it again, I will be checking the registry at 530
When they are done working and will post my findings
0
oblacknovaAuthor Commented:
Also no registry entries have that IP address in them on the user machine
0
Ugo MenaCommented:
setting a DNS server IP manually will add it, in addition to the settings being pushed by the DHCP server. So both will show up.

Typically used if there is a secondary DNS available that is not listed in DHCP server.
0
oblacknovaAuthor Commented:
The solution he provided helped me solve the issue
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Legacy OS

From novice to tech pro — start learning today.