5437 Views 9 Replies Latest reply: Dec 8, 2009 3:01 AM by Lazken
I'm thinking it could be a problem in my DNS setup
my server name's caesar, the domain is mydomain.com
I have 2 primary zones:
*caesar:~ admin$ nslookup caesar 192.168.1.10*
* server can't find caesar: NXDOMAIN*
does not work,
*caesar:~ admin$ nslookup caesar.mydomain.com 192.168.1.10*
*caesar:~ admin$ nslookup 192.168.1.10 192.168.1.10*
*10.1.168.192.in-addr.arpa name = caesar.mydomain.com.*
the old DNS server is still running on the old server, "Idefix" at 192.168.1.13,
where the opendirectory and kerberos and mail used to run. Those things have been migrated to caesar.
The idea is to have the DNS service also moved to caesar.
Kerberos was first configured/initialized with idefix as DNS.
Point of interest maybe: on the old DNS server (idefix), nslookup gives the same results as the new one.
Perhaps also good to know is that for the mail, I have to add aliases in Open directory manager for each user as email@example.com, or their email address is firstname.lastname@example.org. As this is annoying, I figured the problem lay with the DNS, noticed it was still running off the old server, tried to change it, and noticed all kerberos authentication failing.
Hi Lazken, I suspect your issues are more than DNS but also with your OD setup.
What do you get if you type
sudo changeip -checkhostname
in the terminal?
if everything is ok you should get something like
Primary address = 192.168.1.10
Current HostName = server.domain
DNS HostName = server.domain
The names match. There is nothing to change.
How was the migration from idefix to caesar done?
that's exactly what checkhostname does,
I had it working for a bit, everything was running smooth, even with idefix offline.
Today, I needed to add some DNS records, for some internal servers
I added a primary zone randomdomain.com
and added a machine to that with the appropriate ip. This was however not a solution to the issue I was facing. I also added a line to the /etc/hosts file.
I then deleted that line again, and also removed the newly created zone.
Since these changes to the DNS, kerberos is failing once again. I changed the DNS back to idefix for now, but I'm going to need to solve this.
How can just editing your DNS zones result in kerberos going loony?
thanks in advance for the effort!
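
Added example, not part of any post in this thread and not Apple's changeip code: a forward/reverse DNS consistency check of the kind discussed above, since Kerberos service principals are built from the server's fully qualified name. The function names and the record tables are constructed for illustration, and the A record for caesar.mydomain.com is an assumption because the thread does not show that lookup's output.

```python
import socket

def _norm(name):
    # DNS names are case-insensitive; PTR answers carry a trailing dot.
    return name.rstrip(".").lower()

def system_forward(name):
    """Return the set of IPv4 addresses the system resolver gives for name."""
    try:
        return {ai[4][0] for ai in socket.getaddrinfo(name, None, socket.AF_INET)}
    except socket.gaierror:
        return set()

def system_reverse(ip):
    """Return the PTR name the system resolver gives for ip, or None."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except (socket.herror, socket.gaierror):
        return None

def check_host(hostname, primary_ip, forward=system_forward, reverse=system_reverse):
    """Return a list of problems; an empty list means forward and reverse DNS agree."""
    problems = []
    want = _norm(hostname)
    if "." not in want:
        problems.append(f"{hostname}: not fully qualified")
    addrs = forward(hostname)
    if not addrs:
        problems.append(f"{hostname}: no A record (NXDOMAIN)")
    elif primary_ip not in addrs:
        problems.append(f"{hostname}: resolves to {sorted(addrs)}, not {primary_ip}")
    ptr = reverse(primary_ip)
    if ptr is None:
        problems.append(f"{primary_ip}: no PTR record")
    elif _norm(ptr) != want:
        problems.append(f"{primary_ip}: PTR is {_norm(ptr)}, expected {want}")
    return problems

# Constructed records mirroring the nslookup results quoted in the thread.
A_RECORDS = {"caesar.mydomain.com": {"192.168.1.10"}}
PTR_RECORDS = {"192.168.1.10": "caesar.mydomain.com."}

def demo(hostname):
    # Runs the check against the constructed tables instead of a live resolver.
    return check_host(hostname, "192.168.1.10",
                      forward=lambda n: A_RECORDS.get(_norm(n), set()),
                      reverse=lambda ip: PTR_RECORDS.get(ip))

if __name__ == "__main__":
    for name in ("caesar.mydomain.com", "caesar"):
        print(name, "->", demo(name) or "names match")
```

Calling check_host with only a hostname and address uses the machine's own resolver, so it can be run before and after a zone change to see whether the records the server depends on still agree.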