Issues with .local Domain Name Resolution

Discussion in 'OS X Yosemite (10.10)' started by kennethson, Oct 20, 2014.

  1. kennethson macrumors newbie

    Oct 10, 2014
    The (fairly large) institution where I work is mostly a Windows shop, and therefore uses Active Directory. Our AD domain uses .local TLD, so many servers are addresses using our internal DNS with only .local hostnames.

    Since upgrading to Yosemite, myself and others in IT who are Mac users have found that Yosemite's behavior with these domain names is odd, to say the least.

    With most applications (e.g. browsers, Finder Connect to Server, ping from Terminal) using an FQDN like host.example.local will fail with a DNS timeout, however using just the hostname (host) with the domain (example.local) in the search domains works like a champ.

    This is almost certainly because Yosemite is being more strict about following RFC 6762, which generally prohibits the use of the .local TLD for non-Multicast DNS (Bonjour) purposes.

    So far, we are at a loss for how to mitigate this issue. While the "correct" course of action is probably to move the AD domain to something like example.private, that is a non-started for an organization supporting 30k+ users with only a small number of Macs in play.

    Has anyone else run into an issue like this, and if so, have you found any solutions?
  2. blenderman17 macrumors newbie


    Jan 16, 2009
    Baton Rouge
    I'm having this exact issue, but I'm not even sure where to start with a solution. Our servers are all Windows based and our IT department is solely a Windows operation, so I'm on my own trying to figure it out. I tried various ways of reconfiguring the SMB connection, but none have worked.
  3. mrdrlove macrumors newbie

    Oct 20, 2014
    Hi kennethson,

    thanks for the details. I did not know about the reserved word local.

    Yes, we have exactly the same issue.
    Also thanks for your hint with using not the FQDN.

    But, I also did not found a solution. I have searched many hours with google and Co. but no success.

    Thanks god we are planning a redesign of our AD-Infrastructure, so I can try to talk to the colleagues to using something different.

    If I get any further information that might help, I will be back here.

  4. KlytusLord macrumors regular

    Apr 11, 2011
    I have not been able to get any of our Yosemite machines to join our domain/active directory, and I am guessing it is because of the .local issues mentioned here.

    I have not figured out how to access our local websites via Safari on Yosemite either. For example, we use the following pattern:


    replacing the domain with the host ( has not helped, so I don't know what else to try just to get this work.
  5. macrumors newbie

    Jan 6, 2012
    I found that it suddenly worked when I added our domain "uv.local" in Network Preferences -> Advanced -> DNS -> Search Domains.
    (This can also be configured on your DHCP server.)

    Then I could browse to server01.uv.local :)
  6. kennethson thread starter macrumors newbie

    Oct 10, 2014
    Can you get there using the FQDN (i.e. server01.uv.local) or by using just the hostname (i.e. server01)?

    We all have our local domain in our search domains, and using only the hostname is the only way we can access these servers.
  7. kennethson thread starter macrumors newbie

    Oct 10, 2014
    Hopefully it will help if I use some better examples here. Say you have the following servers:


    If you add myprivatedomain.local to your search domains (see's post above), you should be able to access those servers by simply using:


    At least, that's the behavior we're seeing here.
  8. macrumors newbie

    Jan 6, 2012
    Yup. See my attachment. Your DNS server will of course need a record for the server you're trying to reach.
    itc-mac-ernst:Desktop admin$ nslookup uvprint02.uv.local
    Non-authoritative answer:
    Name:	uvprint02.uv.local

    Attached Files:

  9. kennethson thread starter macrumors newbie

    Oct 10, 2014
    Our DNS server have the records (as we've used them with no problems until Yosemite).

    I wonder what you get when you run

    sudo discoveryutil mdnsactivedirectory
    in the terminal. We were seeing

    Not Doing Active Directory
    but after running

    sudo discoveryutil mdnsactivedirectory yes
    and having the output change to

    Doing Active Directory
    we're able to use our FQDNs again!
  10. macrumors newbie

    Jan 6, 2012
    We're getting
    Doing Active Directory
    But we haven't done any sort of special configuration for this nor enabled it with the "yes" command.
  11. kennethson thread starter macrumors newbie

    Oct 10, 2014
    Are your machines bound to the AD domain (assuming that you are, in fact, using one)? The machines we were having issues with were not, and we did get some (questionable) reports of other groups in the institution not seeing the issues, but they almost certainly have their machines bound to the domain.
  12. h4ck macrumors regular

    May 26, 2006
    we're having issues resolving .local domains since updating to Yosemite too.

    have made no other changes, just upgraded to 10.10.1.

Share This Page