[Freeipa-users] AD Trust - Cannot resolve servers for KDC after reboot [SOLVED]
Alexander Bokovoy
abokovoy at redhat.com
Thu Sep 25 12:58:55 UTC 2014
On Thu, 25 Sep 2014, Genadi Postrilko wrote:
>The NetworkManager service was overriding the /etc/resolv.conf, so kinit
>couldn't resolve with the right DNS server.
>
>After stopping the NetworkManager and canceling its start up on boot, i can
>kinit with no problem.
>Didn't even had to change to forward-policy=only.
>
>Thank you for the help, and sorry i haven't noticed it sooner.
I'd recommend you to switch NetworkManager into using dnsmasq backend
for resolver. Then you can define additional parameters and even
redefine where to look at for specific zones. I'm using this to
get home networks accessible properly even when there are multiple VPN
sessions opened and number of servers in resolv.conf would otherwise be
out of proportion.
# cat /etc/NetworkManager/NetworkManager.conf
[main]
plugins=ifcfg-rh
dns=dnsmasq
# cat /etc/NetworkManager/dnsmasq.d/interfaces
interface=lo
except-interface=virbr0,vnet0,vnet1,vnet2,tun0,tun1,tun2
bind-interfaces
# cat /etc/NetworkManager/dnsmasq.d/fixed-servers
server=/ipa.example.com/1.2.3.4
server=/ad.example.com/3.4.2.1
--
/ Alexander Bokovoy
More information about the Freeipa-users
mailing list