Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 'How to set up Active Directory' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
How to set up Active Directory
Authored by: Schwie on Nov 20, '03 05:04:43PM

I'm having the following problem. I'm running 10.3.1, and I'm trying to bind. I keep getting the following error message. As far as I can tell, DNS is set up correctly. Any ideas?

DNS is not properly configured

DNS service on this computer is not properly configured. DNS entries for your servers must have forward and reverse entries that match. You should verify correct operation of the DNS service or contact your System Administrator for assistance.

*I'm not allowed to get support for my TiBook in the company (my choice if I want to use a Mac).*



[ Reply to This | # ]
How to set up Active Directory
Authored by: djlc on Nov 21, '03 03:58:09PM

Your forward zone and reverse zones have to be corresponding. In other words, make sure the reverse zone has pointers for all the hosts in the forward zone. and then feel free to add any other pointers in the reverse zone.
i'm having a problem myself though. i get my powerbook to bind, and if i use some terminal commands, i can call up the list of domain users and groups, but none of them are authenticating on the powerbook. do i need to disable smb services? the reason i ask is because i tried admitmac out and it made me disable smb service before i could even install it.



[ Reply to This | # ]
How to set up Active Directory
Authored by: Schwie on Dec 12, '03 05:15:14PM
I took a peek in my localhost.zone file and found the following:
$TTL    86400
$ORIGIN localhost.
@                       1D IN SOA       @ root (
                                        42              ; serial (d. adams)
                                        3H              ; refresh
                                        15M             ; retry
                                        1W              ; expiry
                                        1D )            ; minimum

                        1D IN NS        @
                        1D IN A         127.0.0.1

in my named.local file, I found:
$TTL    86400
@       IN      SOA     localhost. root.localhost.  (
                                      1997022700 ; Serial
                                      28800      ; Refresh
                                      14400      ; Retry
                                      3600000    ; Expire
                                      86400 )    ; Minimum
              IN      NS      localhost.

1       IN      PTR     localhost.

I'm not really sure what you want me to add here... Should I be adding entries for the WIN Servers here, and pointers to them? I dont' know...

Was "vtzeb" able to help you with the authentication problems? I'm sure I'll be stumbling upon that, next....

Brad

[ Reply to This | # ]

How to set up Active Directory
Authored by: ktappe on May 04, '04 12:44:13PM

Are you using DHCP? If so, the reverse DNS problem is your network admin's fault, not yours.

And if they try to deny you support, tell them you are not asking for support for your Mac, you are asking them to do their job. Lack of reverse DNS is a server misconfiguration that would affect any client regardless of OS. Any sysadmin who doles out IP addresses that are not configured for reverse lookup has not properly configured his server. There are several websites out there (though I fear I cannot recall one right now) that won't even let you on if your reverse DNS lookup fails.

If all else fails, put a PC on your desk, try to visit one of those sites, then tell your sysadmin that your WINDOWS COMPUTER needs reverse DNS configured. Then put your Mac back. :-)



[ Reply to This | # ]
How to set up Active Directory
Authored by: martinp on Mar 21, '05 07:58:22AM

I had the same problem with 10.3.8. After much tinkering with the DHCP and DNS servers, I managed to find a way around it.

Open Directory access, go to Active Directory and configure.

Untick 'authenticate multiple domains' (if you only use one).
Tick 'prefer this domain server' and then enter the full address for the main domain server.
Then bind.

That fixed it for me. Hope it helps.



[ Reply to This | # ]