ClearFoundation Tracker - ClearOS
View Issue Details
0014521ClearOSapp-dns - DNS Serverpublic2017-04-25 11:272017-05-10 09:10
user2 
user2 
normalfeaturealways
closedfixed 
7.3.1 
7.3.1 Updates7.3.1 Updates 
0014521: Add extra DNS resolution for primary domain membership in DNSMasq on creation
The best practices for Active Directory connector should have the option for adding the split horizon DNS for the AD domain controller.

This should be maintained on the join of the domain as a preliminary step and a DNS check can be made to validate that the information is correct before committing the join.

The new field is optional but if specified will perform the following validation check:

New Fields: AD DNS Server 1, AD DNS Server 2

AD DNS Server 1 = dns1
AD DNS Server 2 = dns2
AD Realm = var1
Domain Controller = var2

Validation check:

var1 = tolower(var1)
var2 = tolower(var2)

dig @${dns1} srv _ldap._tcp.dc._msdcs.${var1}

This must yield matches for the the $var2 on the answer section line.

If it does not, the configuration is INVALID.

If the value is valid then the add of the DNS configuration should be made preceeding the domain join:

/etc/dnsmasq.conf:

server=/${var1}/${dns1}
server=/${var1}/${dns2}

DNSMasq should be reloaded before the join.

For more information, see these guides:

https://www.clearos.com/resources/documentation/clearos/content:en_us:kb_o_splitting_dns_cache_to_use_specific_dns_server_for_domains [^]

https://www.clearos.com/resources/documentation/clearos/content:en_us:kb_troubleshooting_the_ad_connector [^]

No tags attached.
Issue History
2017-04-25 11:27user2New Issue
2017-04-25 11:27user2Issue generated from: 0014511
2017-04-25 11:28user2Statusnew => confirmed
2017-04-25 11:50user2Statusconfirmed => resolved
2017-04-25 11:50user2Fixed in Version => 7.3.1 Updates
2017-04-25 11:50user2Resolutionopen => fixed
2017-04-25 11:50user2Assigned To => user2
2017-05-04 10:15user2Product Version => 7.3.1
2017-05-04 10:15user2Target Version => 7.3.1 Updates
2017-05-10 09:10user2Statusresolved => closed

There are no notes attached to this issue.