Checking the DNS environment

The Centrify agent is designed to perform the same set of DNS lookups that a typical Windows computer performs in order to find the nearest domain controller for the local site. For example, the Centrify UNIX agent looks for service locator (SRV) records in the DNS server to find the appropriate controller for the domain it has joined.

In most cases, when you configure the DNS Server role on a Windows computer, you configure it to allow dynamic updates for Active Directory services. This ensures that the SRV records published when a domain controller comes online are available in DNS. If your DNS Server is configured to prevent dynamic updates, however, or if you are not using the Window computer as the DNS server, the Centrify UNIX agent might not be able to locate the domain controller.

Do the following to ensure the UNIX computer can look up the SRV records in the DNS server for the evaluation environment:

  • Configure the DNS Server role on the Windows computer to Allow secure dynamic updates.
  • Make sure that each UNIX or Linux computer you are using includes the Windows DNS server as a nameserver in the /etc/resolv.conf file.

When you configure the DNS Server, you should configure it to perform both forward and reverse lookups and to allow secure dynamic updates.