16th April 2010, 11:04 PM
Can anyone help with setting the DNS settings on an OSX server? I am having a hell of a time trying to get an open directory to kerberize.

17th April 2010, 10:06 AM
Can you provide a bit more information.

17th April 2010, 12:25 PM
I am trying to get a SL Server (10.6.3) right with the DNS so I can continue with other services like Open Directory/Kerberos. It seemed to all be fine, as it is working as my DNS route for web activity. But when I go to setup an OD master, it tells me that either DNS or SSO (which I have not done anything with so hopefully that is not broken already) are wrong.

I am using a DynDns domain name, not sure if that is an issue, but I am on a Dynamic IP so I need to use something like that.

Every-time I try to enter nameserver info it disappears after saving, but at the moment changeip -checkhost reports fine.

Any hints for a DNS newbie - I have read a lot, but never seen a good example of setups.

17th April 2010, 12:58 PM
You may have a networking snafu if you're using a port-forward or DMZ/default-host or similar from your router's WAN IP to your server and your router is like most consumer routers, it won't be able to direct traffic destined to the WAN IP from within the LAN back into the LAN. Does that sound like your network setup at all?

17th April 2010, 10:00 PM
You seem to have read me like a book there Teej. Port forwarding has been my tool of choice, is there another way around this?

I have ADSL router forwarding web/mail/ical/ARD and such. Do I need to use a fancier router? Or modem straight to the server?

18th April 2010, 11:22 AM
I'd be inclined to setup a DNS server on the LAN to act as a resolver and provide authoritative responses with local IP addresses for the appropriate hostnames. It should be possible to configure the bind install that comes with OS X server to do this, however, I've never used OS X server so there may be a barrier to doing this that I'm not aware of.

20th April 2010, 11:10 PM
Hi Fletch.
OS X Server should Kerberize itself if the DNS is configured correctly- so maybe you could tell us a little about the specifics of your IP ranges etc.

Or perhaps I could screen share into your server and work with you to fix up the issues and then we can post the results here?

20th April 2010, 11:17 PM
Legend! To the rescue again.
Can I line you up tomorrow evening for that? I am trying to organise a test bed at home. That would be very much appreciated.