DHCP DNS being overwritten as 127.0.0.1

CoryCooper
New Contributor III

Hi All,

We are having some issues with iMacs in a school lab. We are updating them over the summer, and encountering a DNS issue that is preventing them from contacting Self Service. They are managed and supervised

They are all AD bound, connected with profile to Wi-Fi using SCEP and DHCP. They can ping outside domains such as google.com, apple.com, and our internal DNS gateway and servers.

 

When in Network prefs > Wi-Fi > DNS, our internal DNS is replaced by 127.0.0.1. If we delete that manual entry, it shows the correct DHCP DNS server for a few secs, then repopulates it with 127.0.0.1.

 

Have tried the following:

-Unbinding for AD and rebinding

-New network location

-Multiple Wi-Fi networks

-Edited/replaced hosts and resolv.conf files

-No software installed in lab or on the iMacs that can cause it

-No one but our group has admin accounts/privileges

 

Any ideas other than wiping?

1 ACCEPTED SOLUTION

CoryCooper
New Contributor III

Hi All,

I finally identified the culprit - it was a software agent for a filtering system we use. Originally, we used it with an onprem device, but now use it exclusively with their cloud-based solution. Uninstalling it restores the DHCP DNS to normal operation, without any overwriting.

Thanks to all who responded - stay healthy and safe everyone!

View solution in original post

7 REPLIES 7

bpavlov
Honored Contributor

Are you using a DNS filtering application like Cisco Umbrella? I imagine that might be what's setting your DNS to 127.0.0.1.

CoryCooper
New Contributor III

Hi,

 

Not that I know of. The weird thing is it only affects one lab of Macs, not all of them. The lab next door is fine, and the two other s in the building are fine as well.

Our network folks took a look, and nothing is set any differently for that lab, and nothing has changed recently.

CoryCooper
New Contributor III

BTW - they will not connect to Jamf Pro via Terminal or using Jamf  Remote to recon or re-enroll.

mainelysteve
Valued Contributor II

You mentioned using a profile to configure your WiFi setting. Have you gone through and perhaps excluded one of your clients from everything including that Wifi config profile? Get it down to just the MDM profile and the Jamf Binary and then re-include one policy and config profile at time until the culprit is found.

CoryCooper
New Contributor III

Hi,

 

Yes, I actually wiped a few of them to try that very thing...will let you know if that helps.

 

Thanks!

CoryCooper
New Contributor III

The iMacs that were wiped and setup again no longer have the issue. Seems like some piece of software installed on them may be causing it.

Still working on it...

CoryCooper
New Contributor III

Hi All,

I finally identified the culprit - it was a software agent for a filtering system we use. Originally, we used it with an onprem device, but now use it exclusively with their cloud-based solution. Uninstalling it restores the DHCP DNS to normal operation, without any overwriting.

Thanks to all who responded - stay healthy and safe everyone!