Trying to ping a laptop from Domain Controller, won't work with hostname, showing wrong IP.  Can ping the actual IP of the laptop though.

g8rcub
g8rcub used Ask the Experts™
on
I have a laptop here I recently reloaded with W10 for a user.  I am trying to deploy ESET antivirus through the admin console.  ESET is installed on our backup DC (DC02).  The agent deploy task kept failing so I went to the machine and was able to ping the DC hostname from the laptop but from the DC, I can't ping the laptop if I use the hostname, it fails because it is trying to ping the wrong address (192.168.1.136).  The IP of the laptop is 192.168.1.122 and when I ping that, I do get a response (this is the network adapter address, not wifi).

I flushed the DNS on both DCs and tried again but it is still seeing the laptop with the wrong IP.  192.168.1.136 isn't a used IP right now, it is nowhere on the network.  I removed the laptop from the domain, removed it from AD and from ESET, shut it down, flushed the DNS on the DCs again.  Started the laptop up, joined the domain (it pulled the same 192.168.1.122 address from the network adapter), moved the laptop into the correct folder in AD, sync'd AD with ESET, tried to push the agent again but it failed.

I went back to the DC and it is still associating the hostname of the laptop to 192.168.1.136.

Any ideas on what else to try? I can't deploy the laptop until I have ESET on it.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Top Expert 2014
Commented:
Flushing DNS only clears the cache.  It doesn't really change anything when you have a record on a server.  You need to modify the A record on the server which corresponds with the laptop.  So delete the existing record.  Then you can either recreate it manually, or if you have dynamic registration working you can run ipconfig /registerdns on the laptop (or ipconfig /renew if you have DHCP set to register your records) to have the record recreated.
Top Expert 2015

Commented:
Agree with footech.  Delete the laptop's A record from the DNS manager then just do ipconfig /renew for DHCP to re-register the laptop's host name with the IP........assuming the laptop is DHCP configured.

Also, ensure that you don't have a static DHCP assignment for the laptop's MAC address with ip address 192.168.1.136

Author

Commented:
Thank you!  How do I go about deleting the computers A record?

Do I do this from the primary or backup DC?  I am digging around in DNS manager but I can't find the laptop.
Ensure you’re charging the right price for your IT

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!

Philip ElderTechnical Architect - HA/Compute/Storage

Commented:
Where is DHCP set up on the network?

Author

Commented:
DHCP is set up on the primary domain controller

Author

Commented:
So I went into DHCP manager and into the address leases and found that 192.168.1.136 is registered to another user's apple watch.
Philip ElderTechnical Architect - HA/Compute/Storage

Commented:
Okay, then in the DHCP console server's properties under the Advanced tab is a spot to enter a set of credentials. Those credentials are used to update DNS with the correct IP address once a device IP has expired and been renewed.

Author

Commented:
I don't see any advanced tab in the DHCP console.

Just:
Scope: and in that folder:
Address pool
Address Leases
Reservations
Scope OPtions
Policies

Then other foldersL:
Server Options
Policies
Filters
Top Expert 2014

Commented:
Unless the DHCP server is configured with the proper settings to register all records for clients (not the default), then clients will try to register their own A record.  That gets into a much larger discussion than I think is necessary to resolve your immediate problem.

What likely happened was that the laptop was connected via wifi, it registered an A record for the name pointing at 192.168.1.136 (because that's the IP it was assigned), then the laptop was switched to ethernet, it got a new IP (192.168.1.122) and tried to register/update the record but couldn't (or the NIC was previously connected and already had a lease for 192.168.1.122, so no need to renew when it was connected again, etc.).  This results in a stale DNS record which either should be manually deleted or scavenged automatically (if you have scavenging configured) after some period of time.  The laptop then remained connected to ethernet, the DHCP lease for the wifi interface expired and was removed, then an Apple Watch came along and was issued the IP.

You said you couldn't find the A record for the laptop, but if you see the record when you run a command like nslookup laptopName then it's there.  It would be present under the Forward Lookup Zone that corresponds with your Active Directory domain name.  That zone should have a type of "Active Directory-Integrated Primary", which is multi-master, meaning you should be able to make changes to it on any DC/DNS.

Author

Commented:
Yes I think that is exactly what happened.  I had it connected to wifi at first but then connected directly to Ethernet when I was running updates.  But I released both IP's and I haven't connected it to wifi since yesterday.

When I go into DNS manager - Forward lookup zones I see my domain company.local but there are only a few choices:

Start of Authority (says hostmaster.company.local), 2 name servers, an alias (CNAME) and  Host (A) that is from our old exchange server.

When I go into the properties of any of them there are no computers shown, just tab choices like WINS, Zone Transfers, Security, General, SOA, Name Severs.  The only place I saw the laptop name was in DHCP manager.
Top Expert 2014

Commented:
Run this command on the DC and post the results here.
nslookup laptopname

Author

Commented:
I finally found the area in DNS Manager - forward lookup zones to delete the record.  I don't know why I couldn't find that the other day, my apologies.

Thank you so much for all the help on this.  I was able to delete the .136 record, renewed and let the laptop pull a new IP, and checked the DC's which are now showing the correct IP.  I was able to remotely install the antivirus agent and program this morning.  Thanks again!
Top Expert 2014

Commented:
Glad to help.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial