Jump to content
  1. Tech

      • No posts here yet
    1. Cisco

      Cisco Operating System and Hardware Support

      98
      posts
    2. 60
      posts
    3. DevOps

      Discussions around cloud hosting, automation efforts etc.

      3
      posts
    4. 19
      posts
    5. 132
      posts
    6. Programming

      Welcome to the topics and discussions surrounding programming.  

      10
      posts
    7. 286
      posts
    8. 5
      posts
    9. Web

      Stuff related to the internet

      78
      posts
  • Who's Online   0 Members, 0 Anonymous, 5 Guests (See full list)

    • There are no registered users currently online
  • Member Statistics

    126
    Total Members
    16
    Most Online
    Alexander1010
    Newest Member
    Alexander1010
    Joined

Announcements

  • Forum Statistics

    • Total Topics
      1.2k
    • Total Posts
      1.9k
  • FAQ Posts

    • Another option is to use the suggestion found on this apple support forum https://support.apple.com/lt-lt/guide/mac-help/mh27452/mac
    • I gave that a shot and running into issues USFNTMNBSJEMD6R:~ cowboy$ nsupdate -g > server 10.40.88.162 > update add usfntmnbsjemd6r.nao.global.gearcrushers.com 86400 A 10.34.224.125 > send tkey query failed: GSSAPI error: Major =  Miscellaneous failure (see text), Minor = Server (DNS/det1oapdn103.gearcrushers.corp@NAO.GLOBAL.GEARCRUSHERS.COM) unknown while looking up 'DNS/det1oapdn103.gearcrushers.corp@NAO.GLOBAL.GEARCRUSHERS.COM' (cached result, timeout in 1200 sec). >                         Any idea?
    • If you have admin access you can set debug on to get more info on what's going on Enabling logging for the Mac Directory Service In addition to enabling logging for the agent, you may find it necessary to enable logging for the Open Directory Service. To create a log file for the Open Directory Service: 1. Log in as or switch to the root or admin user. 2. Run the following command: sudo odutil set log debug 3. After running this command, you can find the resulting log files at: /var/log/opendirectoryd.log*  sudo log stream --predicate '(messageType == debug) and (subsystem == "com.apple.opendirectoryd")' or sudo log stream --debug --predicate 'subsystem == "com.apple.opendirectoryd"'   Just ideas to try
    • For those who run into this issue - Apple standard command line tool dsconfigad and option -restrictDDNS allow to control interfaces used for DDNS.   From the research I've done, it sounds like OSX has the native capability to do Dynamic DNS (DDNS) updates according to RFC 2136, however I'm confused as to how to actually get it to do so. On a Mac, I verified that if I set my Windows DNS server to allow non-secure updates, I could use nsupdate to manually register a new DNS record: # nsupdate > update add newhost.hosangit.com 86400 A 10.11.12.13 > send So, it seems like if that works, then OSX itself ought to be able to do the same thing.  Let me break it down a little bit more Get an nsupdate shell going nsupdate -g Set the DNS Server you are talking to server 10.0.0.4 Add the Record update add newhost.hosangit.com 86400 A 10.11.12.13 Send it send NOTE: The default behavior for macOS and Windows is to send updates for all connected interfaces. This behavior is not always the best method, especially cases in which the client is connect to different network, say a local network, VPN network, etc.. A better behavior could be a method to check the DHCP search domain against the AD DNS domain and only update the interfaces which match (wired and wireless for instance). Another good option would be to get the interface service order and only submit highest connected interface to mimic the dsconfigad -restrictDDNS command. This feature would be most helpful in environments where the computername is set and controlled programmatically then locked from changing through the sharing prefpane with a config profile. Hope that helps...
    • We are observing a strange case when our VPN client activates on macOS. It configures utun interface through DynamicStore API with fixed non-routable local IP 10.34.130.125. $ ifconfig utun3 utun3: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1376         inet 10.34.130.125 --> 10.34.130.125 netmask 0xffffffff  Problem is that this IP is getting registered with DNS server for this host name together with another, real local IP. So DNS query returns two addresses - one is good and another one is bad. This obviously creates a lot of problems. We did traffic capturing with tcpdump and it shows that nsupdate tool is indeed registering both IPs. This seems to be part of OpenDirectory/Active Directory integration. Is there way to prevent this from happening? VPNs with local only non-routable IPs are very common and I don't understand logic why such IP would be picked for Dynamic DNS update.
  • Latest Blog Entries

  • Popular Contributors

    Nobody has received reputation this week.

×
×
  • Create New...