I have a domain controller that I've just set up. As far as I can tell everything is working OK, but I don't seem to be able to join my machine to the domain. When I try, I get the following error: I have my DC running DNS with a forward lookup for my router. In TCP/IP settings. Cannot complete this function. After verifying that DHCP was only handing out the recovered SBS as the only DNS server we went on to clean out DSSite.msc of the secondary DC and then on to DNS to clean up domain.local and msdcs.domain.local. M273875 and M295335 - It is not possible to promote a computer named 'Internet' to a Domain Controller. Internet is a restricted Windows 2000 computer name and cannot be used by a domain controller, a member server, or a Microsoft Windows 2000 Professional-based client that is a member of a Windows 2000 domain.
When you type the domain name, make sure that you type the Domain Name System (DNS) name and not the Network Basic Input/Output System (NetBIOS) name. For example, if the DNS name of the target domain is contoso.com, make sure that you enter contoso.com instead of the NetBIOS domain name of 'contoso.' Do not adjust the DNS or DHCP properties of your VMs in Azure. You just need to make sure that the virtual network you created in Azure has the internal IP address of your domain controller listed. In this case, 10.0.0.4. This way your second machine can locate the first DC to join the domain.
The .local domain and DNS issues
if you still want to use Rendezvous, choose another local domain extension!
like .home or .myself ...
.local is reserved for Rendezvous usage, and you'll be sorry if it stops working someday.
our entire network is based on this .local thing.
it's not a good solution just to change everything we run to .home etc
the windows admins don't see it as a solution... ;)
10.2 was an unpleasant surprise in this area... no more name resolution... :(
SOLUTION:
we just changed our LOCAL entries
in /etc/resolver/local
to list our local name servers and changed port to 53
seems to work again...
:)
matx
That's excellent! I wish I'd known about it before I'd renamed our domain. Where'd you find out about /etc/resolver/*?
And for the record, yes, this does break Rendezvous. I don't personally consider that a loss, but YMMV. Proceed with caution. ;-)
well, when 10.2 first came out and it broke our domain name resolution, we searched
high and low for a solution and found one on the Apple discussion boards... someone had
figured this thing out (/etc/resolver/local). congrats to them. it works.
who needs rendezvous, not yet anyway.
Yes, where did you find out about resolver? I never heard anything about it. Just checked mine and it says:
nameserver 224.0.0.251
port 5353
timeout 1
I don't know WHAT the heck that is....none of my info...
That's Rendezvous' 'Multicast DNS' information. Fortunately MDNS uses standard DNS queries, so replacing that info with your DNS server's IP and port 53 results in standard DNS queries being issued for the .local domain.
I tried dropping a foo.local file in that directory to see if subdomains would then resolve correctly, but it appears .local always gets processed first.
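As an added example (not part of the original thread), the shell check below reads per-domain files in the format quoted above and reports whether each domain's queries go to Multicast DNS or to an ordinary unicast DNS server, flagging half-edited files. The function names, the `corp.example` file name and the 192.0.2.53 address are constructed for illustration; the demo runs on temporary files rather than the real /etc/resolver.

```shell
#!/bin/sh
# Added example: report how each per-domain resolver file routes its queries.
# Addresses under 192.0.2.0/24 are constructed documentation values.

# classify_resolver FILE
# Prints one line per nameserver: "<domain> <mode> <address> port <port>"
#   mdns         multicast group on port 5353 (the Rendezvous default)
#   unicast      ordinary DNS server on a port other than 5353
#   inconsistent half-edited file, e.g. a unicast server still on port 5353
classify_resolver() {
    awk -v domain="$(basename "$1")" '
        $1 == "nameserver" { ns[++n] = $2 }
        $1 == "port"       { port = $2 }
        END {
            if (port == "") port = 53   # no port line means standard DNS
            for (i = 1; i <= n; i++) {
                # 224.0.0.251 and ff02::fb are the IPv4/IPv6 mDNS groups
                mcast = (ns[i] == "224.0.0.251" || tolower(ns[i]) == "ff02::fb")
                if (mcast && port == 5353)       mode = "mdns"
                else if (!mcast && port != 5353) mode = "unicast"
                else                             mode = "inconsistent"
                printf "%s %s %s port %s\n", domain, mode, ns[i], port
            }
        }' "$1"
}

# audit_resolver_dir [DIR]  (DIR defaults to /etc/resolver)
audit_resolver_dir() {
    for f in "${1:-/etc/resolver}"/*; do
        [ -f "$f" ] && classify_resolver "$f"
    done
    return 0
}

# Demo on constructed files, so nothing on the real system is read or changed.
demo=$(mktemp -d)
printf 'nameserver 224.0.0.251\nport 5353\ntimeout 1\n' > "$demo/local"
printf 'nameserver 192.0.2.53\nport 5353\n' > "$demo/corp.example"
audit_resolver_dir "$demo"
rm -rf "$demo"
```

A domain reported as `unicast` no longer resolves through Rendezvous, which matches the trade-off noted earlier in the thread.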
Not sure if this is related - but ever since upgrading to Jaguar I can no longer access my local machine via 'localhost'. I have a Linux box I have used for over a year with my DNS server and localhost has always worked for me. All the machines within my LAN are named with .lan conventions. If I want to access my local machine - I have to use the .lan defined name instead of localhost. I can watch it and see what's happening too - the local machine is querying the DNS server for a machine named 'localhost' and of course it's not finding one.
Also - oddity in my /etc/hosts file - anyone have this also or can I get rid of it...
127.0.0.1 localhost
255.255.255.255 broadcasthost
::1 localhost
What is that last localhost entry for? I did not put it there - and it was not there before.
'::1 localhost' is the IPv6 version of 127.0.0.1, probably added by the network config tools
I have this entry in my /etc/hosts file too.
In addition, I have another DNS issue with Jaguar...
On my local network, I have my own DNS (Bind9) doing split horizon DNS (internal requests get results from one view, external requests get results from another view). In my Network PrefPane, I have my internal DNS listed first followed by two provided by my ISP. On a boot/restart everything works fine; my Mac gets DNS resolutions properly. But after the Mac goes to sleep, or sits for an extended period, it forgets about the internal DNS server and queries external servers. A re-apply in the Network PrefPane resolves the problem until the next time the Mac sleeps. No other non-Mac on my network has this problem (Win, Linux, *BSD).
Bizarre.
Out of curiosity, the next time your mac comes back from sleep, try running 'host some_machine your_mac' and see if you get a valid response. That should at least tell you if it's a bind/sleep issue, or an Apple resolver/sleep issue. My suspicion is the latter.
From playing around here, it looks like lookupd cycles through the nameservers declared in /etc/resolv.conf until it finds one that works and then sticks with that nameserver until either it times out, or the modification date on /etc/resolv.conf is changed ('touch /etc/resolv.conf' as root is sufficient).
The host and nslookup commands, on the other hand, always start each query with the first server listed. That seems to be consistent with the resolv.conf man page. Yet another situation where 'ping foo' fails and 'host foo' succeeds.
So it looks like every time your system wakes from sleep, lookupd thinks its current nameserver choice has timed out and cycles to the next one. Since that server answers, you never get back to your internal server.
What I've done here is to set up a DNS cache machine which all the local machines use as their DNS server. The cache machine sends local queries to the local DNS server and everything else to my ISP's DNS servers. My resolv.conf only contains a single nameserver entry, so I've never hit this particular problem. Unfortunately I can't remember how to set this up in Bind (I switched to djbdns years ago), but it should be possible.
Hope this helps.
DNS servers are not ordered, have no priority. If you have more than one server, they must all present the same view of the DNS. This same issue arises with a VPN: you cannot have DNS servers that know about the VPN mixed with those that do not, or you will get inconsistent results.
and
Here at iana
as a primer
before changing anything finally, read the last part of How to set up DNS on Mac OS X 10.1.x: by sal paradise --Nov 11,2001 looks like Apple answered a request...regarding multicast DNS requests
Since I run a mixed network, I found it easier to add my Mac's address into my Winclones host file. That way everything resolves nicely without relying on the Mac being attached to the network.
This is easily one of the most boneheaded approaches to DNS I've seen from a vendor in a long while.
My experience with this is that 10.2 completely breaks hostnames like 'x.corporate.local', which is fundamentally wrong.
I have had to resort to mangling the /etc/resolver/local file to get my mac to access internal sites, which is a plain stupid thing for Apple to force its corporate customers to do.
Apple should realize that .local is a perfectly reasonable suffix for an internal LAN within a large organization, and that corporates actually USE it.
Check this out:
Mac OS X 10.3, 10.4: How to look up '.local' hostnames via both Bonjour and standard DNS
http://docs.info.apple.com/article.html?artnum=107800