Resolving VPN access issues with Mac OS X 10.7 and later
Starting with Mac OS X 10.7, /etc/resolv.conf
is no longer used for domain controller name resolution. Therefore, some VPN programs no longer update DNS server information in /etc/resolv.conf
when signing on. On computers running Mac OS X 10.7 and later, this can result in the computer not being able to connect to a domain controller through a VPN.
To resolve this issue, explicitly specify in centrifydc.conf
the location of DNS servers that are used to resolve domain controller names:
- Open
/etc/centrifydc/centrifydc.conf
for editing. - Specify the IP addresses of DNS servers in the
dns.servers
parameter (if the parameter does not exist yet, create it now):dns.servers: x.x.x.x y.y.y.y
where
x.x.x.x y.y.y.y
are the IP addresses of the DNS servers to use. This example shows two IP addresses; note that each IP address is separated by a space. -
Save your changes to
centrifydc.conf
. -
Restart the agent for the changes to take effect:
sudo /usr/local/share/centrifydc/bin/centrifydcrestart