Skip to main content
Solved

DHCP DNS being overwritten as 127.0.0.1

  • July 27, 2021
  • 7 replies
  • 79 views
C
Forum|alt.badge.img+6

Hi All,

We are having some issues with iMacs in a school lab. We are updating them over the summer, and encountering a DNS issue that is preventing them from contacting Self Service. They are managed and supervised

They are all AD bound, connected with profile to Wi-Fi using SCEP and DHCP. They can ping outside domains such as google.com, apple.com, and our internal DNS gateway and servers.

 

When in Network prefs > Wi-Fi > DNS, our internal DNS is replaced by 127.0.0.1. If we delete that manual entry, it shows the correct DHCP DNS server for a few secs, then repopulates it with 127.0.0.1.

 

Have tried the following:

-Unbinding for AD and rebinding

-New network location

-Multiple Wi-Fi networks

-Edited/replaced hosts and resolv.conf files

-No software installed in lab or on the iMacs that can cause it

-No one but our group has admin accounts/privileges

 

Any ideas other than wiping?

Best answer by CoryCooper

Hi All,

I finally identified the culprit - it was a software agent for a filtering system we use. Originally, we used it with an onprem device, but now use it exclusively with their cloud-based solution. Uninstalling it restores the DHCP DNS to normal operation, without any overwriting.

Thanks to all who responded - stay healthy and safe everyone!

    7 replies

    bpavlov
    Forum|alt.badge.img+18
    • bpavlov
    • Esteemed Contributor
    • July 27, 2021

    Are you using a DNS filtering application like Cisco Umbrella? I imagine that might be what's setting your DNS to 127.0.0.1.

    C
    Forum|alt.badge.img+6
    • CoryCooper
    • Author
    • Contributor
    • July 27, 2021

    Hi,

     

    Not that I know of. The weird thing is it only affects one lab of Macs, not all of them. The lab next door is fine, and the two other s in the building are fine as well.

    Our network folks took a look, and nothing is set any differently for that lab, and nothing has changed recently.

    C
    Forum|alt.badge.img+6
    • CoryCooper
    • Author
    • Contributor
    • July 27, 2021

    BTW - they will not connect to Jamf Pro via Terminal or using Jamf  Remote to recon or re-enroll.

    M
    Forum|alt.badge.img+16
    • mainelysteve
    • Contributor
    • July 28, 2021

    You mentioned using a profile to configure your WiFi setting. Have you gone through and perhaps excluded one of your clients from everything including that Wifi config profile? Get it down to just the MDM profile and the Jamf Binary and then re-include one policy and config profile at time until the culprit is found.

    C
    Forum|alt.badge.img+6
    • CoryCooper
    • Author
    • Contributor
    • July 29, 2021

    Hi,

     

    Yes, I actually wiped a few of them to try that very thing...will let you know if that helps.

     

    Thanks!

    C
    Forum|alt.badge.img+6
    • CoryCooper
    • Author
    • Contributor
    • August 1, 2021

    The iMacs that were wiped and setup again no longer have the issue. Seems like some piece of software installed on them may be causing it.

    Still working on it...

    C
    Forum|alt.badge.img+6
    • CoryCooper
    • Author
    • Contributor
    • Answer
    • August 2, 2021

    Hi All,

    I finally identified the culprit - it was a software agent for a filtering system we use. Originally, we used it with an onprem device, but now use it exclusively with their cloud-based solution. Uninstalling it restores the DHCP DNS to normal operation, without any overwriting.

    Thanks to all who responded - stay healthy and safe everyone!

      Terms & ConditionsCookie settingsAccessibility statement