I am implementing virtual servers using Active Directory as the LDAP source. I have had success with the user accounts (though it stopped working last week). Now I want to set up computer name resolution without maintaining individual host files on each Linux guest server. My resolv.conf points to Google public DNS, but I need to resolve my internal servers by name internally. I added the computers in my Active Directory within the local domain container. I set the Unix Attributes for nisplus to my internal container that also has my user accounts and put in the static IP address as appropriate.
In nsswitch.conf I have "hosts: files dns". Do I need to add nisplus?
What has any of this got to do with LDAP? Should you not just be using the DNS services provided by AD? Your servers should never be going to an external DNS service; AD should be forwarding public requests centrally.
Nothing to do with Networking - moved to Linux - Software.
Changed nameservers in resolv.conf to my primary and backup Active Directory servers. Verified that they would forward for external resolution by "dig @<AD IP address> cnn.com" and got an affirmative response.
Rebooted server. Still cannot resolve a name.
You are not using NIS, so there is no need to include that in nsswitch.conf. If you are implementing Linux servers using AD as an LDAP directory, then you can just hit it with the stock LDAP client and command line tools on either port 389 or port 3268.
If you get no response for DNS name resolution from the DCs, check the iptables config with an "iptables -L" and check the host-based firewall on the Windows DC and any intermediate device, such as an ASA, between the hosts. If the DC is Server 2008, try a "netsh advfirewall set allprofiles state off" and then try to hit it from the Linux host again.
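Added example, not part of any post in this thread: a small shell check of the two files discussed above (nameservers in resolv.conf, the hosts line in nsswitch.conf), plus a per-nameserver dig probe like the one the original poster ran. The function names are hypothetical, and treating only RFC 1918 and loopback IPv4 addresses as "internal" is an assumption about the network.

```shell
#!/bin/sh
# Added example; function names are hypothetical, not from the thread.

# Print each nameserver address listed in a resolv.conf-style file.
nameservers() {
    awk '$1 == "nameserver" { print $2 }' "$1"
}

# Print the lookup sources on the "hosts:" line of an nsswitch.conf-style file.
hosts_sources() {
    awk '$1 == "hosts:" { $1 = ""; sub(/^ +/, ""); print; exit }' "$1"
}

# Assumption: "internal" means RFC 1918 or loopback IPv4. Returns 0 if internal.
is_internal() {
    case "$1" in
        10.*|192.168.*|127.*) return 0 ;;
        172.1[6-9].*|172.2[0-9].*|172.3[01].*) return 0 ;;
        *) return 1 ;;
    esac
}

# Print one finding per line for the given resolv.conf and nsswitch.conf paths.
audit_resolver() {
    for ns in $(nameservers "$1"); do
        is_internal "$ns" || echo "external-nameserver $ns"
    done
    sources=" $(hosts_sources "$2") "
    case "$sources" in
        *" dns "*) ;;
        *) echo "nsswitch-missing-dns" ;;
    esac
    case "$sources" in
        *" nisplus "*|*" nis "*) echo "nsswitch-unneeded-nis" ;;
    esac
}

# Query every configured nameserver directly for one name and show the first answer.
probe() {
    for ns in $(nameservers "$1"); do
        answer=$(dig +short +time=2 +tries=1 "@$ns" "$2" 2>/dev/null | head -n 1)
        echo "$ns $2 ${answer:-NO-ANSWER}"
    done
}

if [ "${1:-}" = "--live" ]; then
    audit_resolver /etc/resolv.conf /etc/nsswitch.conf
    probe /etc/resolv.conf "${2:?internal host name required}"
fi
```

Run it as `sh check.sh --live <internal host name>` on the Linux guest; a NO-ANSWER line for a DC that answers external names points at the zone records rather than at the firewall.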