Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >

KB-1365: adclient's dependency on /etc/resolv.conf

Authentication Service ,   Mac & PC Management Service ,  

12 April,16 at 10:57 AM


Why & how does adclient depend on /etc/resolv.conf?


The /etc/resolv.conf file is the resolver configuration file. It is used to configure client side access to the Internet Domain Name System (DNS). This file defines which name servers to use. The resolver is a set of routines in the C library that provide access to the Internet Domain Name System (DNS). The resolver configuration file contains information that is read by the resolver routines the first time they are invoked by a process. The file is designed to be human readable and contains a list of keywords with values that provide various types of resolver information

Centrify depends on the domain name servers configured in /etc/resolv.conf to locate/discover the domain controllers for the Active Directory forest by making SRV queries against these name servers. If you do not have a resolv.conf with any namservers in them, the adjoin will not succeed.

If /etc/resolv.conf cannot be used on a machine, you can manually specify one or more domain controllers in the Centrify DirectControl configuration file.

To manually specify a domain controller, add the following entry to the Centrify DirectControl configuration file, /etc/centrifydc/centrifydc.conf:

dns.dc.domain_name: server_name [server_name ...]
dns.gc.domain_name: server_name [server_name ...]

For example, if you want to use Centrify DirectControl in a domain called mylab.test and the domain controller for this domain is dc1.mylab.test, you would add the following line to the /etc/centrifydc/centrifydc.conf file: dns.dc.mylab.test: dc1.mylab.test

You must specify the name of the domain controller, not its IP address. In addition, the domain controller name must be resolvable using either DNS or in the local /etc/hosts file. If there is no /etc/resolv.conf then you must add entries to the local /etc/hosts for each domain controller you want to use.