03-27-2017 12:40 PM
I have several employees who suddenly cannot access the office home page. The ATT DNS "Assist" page opens instead.
If AT&T wants to redirect 404 errors for their customers, that's their business. But when my employees come into the office (not on AT&T internet) and cannot access our internal webserver because their DNS has been hijacked. That is a problem.
What is the fix for this?
Why has AT&T decided it's OK to override ANY computer's DNS functionality to earn a few pennies from YAHOO! (of all places) search?
03-28-2017 6:12 AM
Can provide more infomation on this issue? Send us links and screenshot of the errors your employees are getting with this issue. That may help us understand to provide a solution.
- edited 04-05-2017 11:03 AM
We are having this exact issue, 2 employees who were on an ATT network at one of their parents homes came in Monday and can no longer reach any of our internal resources via Internet Explorer without getting redirected to the DNS Assist page. Went through all the standard TS stuff, setting DNS servers statically, flush/register DNS, and have found the issue:
1. Only occurs with Internet Explorer
2. Is isolated to the profile that was used on the ATT network, if i log in with my account everything works fine.
Ive checked for alterations to the TARGET line in their IE shortcuts, Add-Ons, scripts in task manager, reset IE to defaults, etc and still cant get this DNS hijack to go away.
04-05-2017 1:27 PM
We are sorry about the issues. Hopefully, everything starts working correctly, but if not, you may want to disable it. Here is a post that goes over it.
04-28-2017 9:00 AM
This is an issue for many companies. Opting out of the service isn't a resolution. We need a fix that can be applied at the time it happens. Asking the end user to opt out when they need access to the company resources NOW isn't a fix. We have this issue with several users, it comes and goes. Different behavior with different users. Our VP has had this issue multiple times. Can you please escalate this to your technical teams and post a KB on how to resolve it.
05-01-2017 8:51 AM
DNS error assist is there to help when the DNS entry is not taking you to the right location. To correct it, you can look to make sure the DNS is populated correctly, and if it is, and still taking you to the catch site, the only thing that can be done is work on making sure the DNS servers are mapping correctly or turning off the DNS error assist.
05-02-2017 10:39 AM
Our business is experiencing the same issue. I agree that asking each user to sign into their AT&T account to disable this "feature" is not a valid solution. We have hundreds of users and our help desk is dealing with this frequently. Opting out can take up to 48 hours, so this is a major impact to our productivity/business.
When you say "make sure the DNS servers are mapping correctly", what exactly do you mean? When a user connects to the internal network, they obtain DHCP and that sets the correct local DNS server (confirmed). When they open a browser to request "intranet.domain.com", the specified DNS server looks for the record and finds a match, and returns the appropriate IP address (confirmed). This all works for other browsers and network tools/commands like "nslookup" (confirmed, and stated by other posts above). The only thing that fails is Internet Explorer, which tells me that AT&T has modified the browser or traffic in some way. If so, this is a major breach of consumer confidence, and we need to know exactly what is changed (i.e. registry entries) to undo the changes! If AT&T claims this is not a physical change to IE, then AT&T needs to explain exactly how "DNS assist" works so that we can configure our networks to avoid/block it, and so that AT&T engineers can implement a fix.
I had one of our techs call in about this issue over the weekend and spent over 2 hours with support, and the only solution that could be provided by AT&T was to "opt out". This issue needs to be escalated within AT&T as soon as possible so that the appropriate engineers can post the root cause.
05-02-2017 10:57 AM
With the DNS error assist, the way it was meant to function was to route you to that page if the DNS entry is suspicious or the website it is mapping to is not correct. If you notice this consistently with one page, then it may be an issue with how AT&T's DNS servers are handling the request to that one page, and you want to ensure that page's Reverse DNS entries are good. It sounds like you have, and the other problem could just be an issue with the DNS servers at AT&T. Let us know if you see consistent issues to a page and we can look into it.
05-02-2017 1:44 PM
I think we all are experiencing consistent issues with specific entries. What I'm not understanding is your DNS servers should have nothing to do with these requests. Users are internal, the DNS servers are internal, and the end server is internal. The DNS request should never leave our network, and yet somehow Internet Explorer is intercepting the request and using the DNS Assist. Of course AT&T can't get to it because it is not a public DNS entry, nor do we allow external access. So the question remains, how does DNS Assist intercept the traffic when the request is supposed to be internal only.
I did experiment with a problem machine, and the following fixed the issue (at least temporarily)
- Removed ATT.net entry in network adapter DNS suffixes. Apparently this is added automatically for AT&T users
- deleted all entries in registry that said "attdnsassist.net".
- Cleared IE history
- Re-launched IE
Can anyone else confirm a combination of these changes resolve the issue? Is the DNS suffix the root cause? It is last in the list so I doubt it would cause issues, but seems to be the only culprit.
FYI - I'm willing to share our specific domain with ATT support via private message.
06-01-2017 8:47 AM
ATT needs to explain exactly how this works. If it is bypassing internal DNS servers specified by DHCP, it is broken and little more than malware. What modifications are being made and where?
06-21-2017 4:12 AM
NO this did not fix it.. I am at work and cannot function because of this.. some of my sites are not compatible with browsers other than IE.. I am an IT security analyst and this is ridiculous! to say the least.. anyone have a fix.. ATT.. I have words for you on this and they are NOT good!!!!!!!
06-27-2017 5:56 AM
We had the same issue in corporate environment and are currently testing something with success-- check the option to look for updated version of the webpage every time IE starts-- this should resolve the issue.
My theory is that the intranet page errors while they're using their home internet and that error page gets cached so it appears once they've arrived back at work on the work network.
This may be something to consider changing through GPO company wide to prevent it altogether.
Best of luck!