Resolving VPN access issues with Mac OS X 10.7 and later

Starting with Mac OS X 10.7, /etc/resolv.conf is no longer used for domain controller name resolution. Therefore, some VPN programs no longer update DNS server information in /etc/resolv.conf when signing on. On computers running Mac OS X 10.7 and later, this can result in the computer not being able to connect to a domain controller through a VPN.

To resolve this issue, explicitly specify in centrifydc.conf the location of DNS servers that are used to resolve domain controller names:

1. Open /etc/centrifydc/centrifydc.conf for editing.
2. Specify the IP addresses of DNS servers in the dns.servers parameter (if the parameter does not exist yet, create it now):
   dns.servers: x.x.x.x y.y.y.y

   where x.x.x.x y.y.y.y are the IP addresses of the DNS servers to use. This example shows two IP addresses; note that each IP address is separated by a space.

3. Save your changes to centrifydc.conf.

4. Restart the agent for the changes to take effect:

   sudo /usr/local/share/centrifydc/bin/centrifydc restart