PDA

View Full Version : DNS Problems in Mac OS X Server




BryanSchmiedele
Aug 2, 2013, 01:22 PM
Just started a new job and am in charge of managing the Mac Server. I have lots of Mac experience, but very little Mac OS X Server experience.

I used my MBP to access the server (which is a headless Mac Mini) and after I did so the settings were pretty messed up. In particular the Computer Name, Host Name, and DNS name were wrong or missing. I was able pretty easily to get the first two fixed, but not DNS.

I can reach the server via the IP, but NOT the domain name. (We were able to do this before I messed things up).

When I run

cat /etc/resolv.conf | grep nameserver

I get 4.2.2.2

which is the forwarding server

I have tried turning DHCP on and off, never works.

When I run

cat /etc/resolv.conf | grep nameserver

I get

nameserver[0] : 4.2.2.2
nameserver[0] : 150.2.0.30
nameserver[0] : 4.2.2.2

The 150.2.0.30 is what I have for the DNS entery in the Network Control Panel

When I run changeip -checkhostname under sudo I get


macserver:~ bryanschmiedeler$ sudo
Password:


Primary address = 192.168.x.x


Current HostName = server.example.com


The DNS hostname is not available, please repair DNS and re-run this tool.


dirserv:success = "success"

Any help would be GREATLY Appreciated!

Bryan



chrfr
Aug 2, 2013, 01:41 PM
If the server's IP address is 192.168.x.x, that will never resolve properly using external DNS and you'll need to run your own DNS and point the server to that.

Kasalic
Aug 4, 2013, 05:49 AM
What other servers are on this network? Which of these, if any, are providing internal DNS services?

BryanSchmiedele
Aug 5, 2013, 08:53 AM
What other servers are on this network? Which of these, if any, are providing internal DNS services?

I changed the DNS to 127.0.0.1 and some things that weren't working are now working.

The major problem still is this: if I enter the IP of the server from a web browser I can authenticate and get in. If I enter the IP/profilemanger I can get to that. However, if I enter our domain or the domain folled by /profilemanager, I get nowhere.

On my MBP, I cannot access the server from the Finder, either in the sidebar or by using the Go To Server command, bugt I CAN access it if I go directly to Screen Sharing and enter the IP and my username and password.

I am thinking my reverse DNS is wrong - or is it that when I go to Go To Finder I am using a different ID and password (the one on my MBP is not the same as the one on the Server).

Any other help would also be appreciated.

The Mac server is in the DMZ, if that helps.

Bryan

alexrmc92
Aug 5, 2013, 08:58 AM
what server is your MBP setup to use for DNS?

BryanSchmiedele
Aug 5, 2013, 09:12 AM
It has 4 DNS settings, all starting with 150. or 151.

I added the IP of the Mac Server but that didn't help.

I might not have mentioned that the Mac OS X server is in the DMZ. When my MBP is getting only WiFi (and outside the network completely) then I CAN see the server in my Finder Sidebar and access it just fine. It is when I switch back to the internal network that I am having problems.

I really appreciate your help.

BryanSchmiedele
Aug 12, 2013, 08:56 AM
It has 4 DNS settings, all starting with 150. or 151.

I added the IP of the Mac Server but that didn't help.

I might not have mentioned that the Mac OS X server is in the DMZ. When my MBP is getting only WiFi (and outside the network completely) then I CAN see the server in my Finder Sidebar and access it just fine. It is when I switch back to the internal network that I am having problems.

I really appreciate your help.

My network guy made some changes and I reran the

sudo changeip -checkhostname

command and now I am all clear.

But I STILL cannot get profiles installed. I email the profiles, and when the user gets them and tries to install them they get an error saying the server can't be reached.

Consultant
Aug 12, 2013, 01:29 PM
My network guy made some changes and I reran the

sudo changeip -checkhostname

command and now I am all clear.

But I STILL cannot get profiles installed. I email the profiles, and when the user gets them and tries to install them they get an error saying the server can't be reached.

Are they off site?

Give the user the external IP (not the 192.x). Log into the server, go to whatismyip or a similar service.

alexrmc92
Aug 12, 2013, 02:39 PM
My network guy made some changes and I reran the

sudo changeip -checkhostname

command and now I am all clear.

But I STILL cannot get profiles installed. I email the profiles, and when the user gets them and tries to install them they get an error saying the server can't be reached.

Then either your DNS or firewall is not configured properly. When iPhone attempts to load the profile and connect to the server it can't find it. Your iPhone needs to be using the mac server as it's DNS server and you need proper DNS lookups for you network entered. I can't really explain or help any better than that without seeing the server myself.

BryanSchmiedele
Aug 13, 2013, 08:29 AM
Then either your DNS or firewall is not configured properly. When iPhone attempts to load the profile and connect to the server it can't find it. Your iPhone needs to be using the mac server as it's DNS server and you need proper DNS lookups for you network entered. I can't really explain or help any better than that without seeing the server myself.

This makes sense to me. Our server is in a DMZ. This morning we are going to take it out of the DMZ and test, so we can confirm that that is the issue. This should tell us if it is network issue or server issue.

DNS is not running on our server right now. I was told we don't need to run it. I wonder though, if we were running it.

alexrmc92
Aug 13, 2013, 08:43 AM
This makes sense to me. Our server is in a DMZ. This morning we are going to take it out of the DMZ and test, so we can confirm that that is the issue. This should tell us if it is network issue or server issue.

DNS is not running on our server right now. I was told we don't need to run it. I wonder though, if we were running it.

Unless you configure profile manager to use the public IP address of the server instead of its domain / host name, then you will need DNS running on the server. Either that or you need to buy a domain that matches your mac servers host name and have a third party manage the DNS.

I've kinda said this a few times already. If you would like i can explain it over the phone as well. If you want we can organize that over PM.

BryanSchmiedele
Aug 13, 2013, 11:39 AM
Unless you configure profile manager to use the public IP address of the server instead of its domain / host name, then you will need DNS running on the server. Either that or you need to buy a domain that matches your mac servers host name and have a third party manage the DNS.

I've kinda said this a few times already. If you would like i can explain it over the phone as well. If you want we can organize that over PM.

I would really appreciate your help. My email address is

bryanschmiedeler at me.com.

You can send me your phone number there and a time to call, or email me and I will send you my phone number. I am in the central time zone, and am out until 1 PM. Any time after that I am available. And I really really appreciate this!