Link to home
Start Free TrialLog in
Avatar of TechGuy_007
TechGuy_007Flag for United States of America

asked on

Cannot Change Local DNS

I have a set of computers running Windows 7 Professional on a domain network where their DNS server is manually set in the network adapter to 127.0.0.1. These computers function properly with no issue; however, when I attempt to change this to "Obtain DNS server address automatically" to grab what DHCP hands out it automatically reverts back to the manual setting. I have never seen this before and I am unsure how it works. I'm assuming it has something to do with an AS400 that is onsite.
Avatar of Edward Pamias
Edward Pamias
Flag of United States of America image

Are you using DHCP to grab the IP address, and manually setting the DNS Settings?

Try this to reset the IP stack.

netsh int ip reset C:\temp\ip.log
Avatar of TechGuy_007

ASKER

The computer is grabbing IP addresses from DHCP. The DNS is manually set but when I tell it to grab the DNS from the DHCP server automatically and hit apply it reverts back to the manual setting by itself as if someone went into the network adapter and selected "Use the following DNS server address" and entered the IP.
If these computers are in a domain, then its getting its orders from the domain controller via group policy
Did you try resetting the IP stack with the command line above? Open a command prompt and past this in there...

netsh int ip reset C:\temp\ip.log


Also, I was just reading it that it may be malware causing your issue. Run a scan using Malwarebytes or the software of your choice.
I have checked group policy and I don't see anything set to change the DNS servers. It's also only with a handful of computers here, not all of them. This is a preexisting setup and I believe it's set that way for a reason, I just don't understand how it works. I've looked through the programs on the machines as well as group policy. I will reset the IP stack as well as running Malwarebytes and let you know what I find.
ASKER CERTIFIED SOLUTION
Avatar of Gary Patterson, CISSP
Gary Patterson, CISSP
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
log on to the coputer in safe mode and change the dns, if it works, then as mention above you have malware and need to scrub your machine. In the mean time I would remove those machines from the network and isolate them.
Great idea! I was able to find what was causing the DNS to switch. the process controlling the DNS was dnscrypt-proxy.exe which lead me to this site https://dnscrypt.org/#dnscrypt-proxy

Thanks for all the help!
How did you find the process that was causing the DNS to switch?