Help

DHCP DNS being overwritten as 127.0.0.1

Go to solution
CoryCooper
New Contributor III

Posted on ‎07-27-2021 12:19 PM

Hi All,

We are having some issues with iMacs in a school lab. We are updating them over the summer, and encountering a DNS issue that is preventing them from contacting Self Service. They are managed and supervised

They are all AD bound, connected with profile to Wi-Fi using SCEP and DHCP. They can ping outside domains such as google.com, apple.com, and our internal DNS gateway and servers.

 

When in Network prefs > Wi-Fi > DNS, our internal DNS is replaced by 127.0.0.1. If we delete that manual entry, it shows the correct DHCP DNS server for a few secs, then repopulates it with 127.0.0.1.

 

Have tried the following:

-Unbinding for AD and rebinding

-New network location

-Multiple Wi-Fi networks

-Edited/replaced hosts and resolv.conf files

-No software installed in lab or on the iMacs that can cause it

-No one but our group has admin accounts/privileges

 

Any ideas other than wiping?

0 Kudos
1 ACCEPTED SOLUTION

Go to solution
CoryCooper
New Contributor III

Posted on ‎08-02-2021 05:15 AM

Hi All,

I finally identified the culprit - it was a software agent for a filtering system we use. Originally, we used it with an onprem device, but now use it exclusively with their cloud-based solution. Uninstalling it restores the DHCP DNS to normal operation, without any overwriting.

Thanks to all who responded - stay healthy and safe everyone!

View solution in original post

7 REPLIES 7

Go to solution
bpavlov
Honored Contributor

Posted on ‎07-27-2021 12:32 PM

Are you using a DNS filtering application like Cisco Umbrella? I imagine that might be what's setting your DNS to 127.0.0.1.

0 Kudos

Go to solution
CoryCooper
New Contributor III

Posted on ‎07-27-2021 01:15 PM

Hi,

 

Not that I know of. The weird thing is it only affects one lab of Macs, not all of them. The lab next door is fine, and the two other s in the building are fine as well.

Our network folks took a look, and nothing is set any differently for that lab, and nothing has changed recently.

0 Kudos

Go to solution
CoryCooper
New Contributor III

Posted on ‎07-27-2021 01:29 PM

BTW - they will not connect to Jamf Pro via Terminal or using Jamf  Remote to recon or re-enroll.

0 Kudos

Go to solution
mainelysteve
Valued Contributor II

Posted on ‎07-28-2021 06:29 AM

You mentioned using a profile to configure your WiFi setting. Have you gone through and perhaps excluded one of your clients from everything including that Wifi config profile? Get it down to just the MDM profile and the Jamf Binary and then re-include one policy and config profile at time until the culprit is found.

0 Kudos

Go to solution
CoryCooper
New Contributor III

Posted on ‎07-29-2021 11:26 AM

Hi,

 

Yes, I actually wiped a few of them to try that very thing...will let you know if that helps.

 

Thanks!

0 Kudos

Go to solution
CoryCooper
New Contributor III

Posted on ‎08-01-2021 02:47 PM

The iMacs that were wiped and setup again no longer have the issue. Seems like some piece of software installed on them may be causing it.

Still working on it...

0 Kudos

Go to solution
CoryCooper
New Contributor III

Posted on ‎08-02-2021 05:15 AM

Hi All,

I finally identified the culprit - it was a software agent for a filtering system we use. Originally, we used it with an onprem device, but now use it exclusively with their cloud-based solution. Uninstalling it restores the DHCP DNS to normal operation, without any overwriting.

Thanks to all who responded - stay healthy and safe everyone!