View this PageEdit this PageUploads to this PageHistory of this PageHomeRecent ChangesSearchHelp Guide

SGD Special Needs

SGD and DNS troubles

The dns record "ad.gatech.edu" is a pointer to several records. When SGD performs a DNS lookup for ad, this is the query it runs:

nslookup -query=any _gc._tcp.ad.gatech.edu


That query is asking for Global Catalogs for ad.gatech.edu. It returns the following:
_gc._tcp.ad.gatech.edu  service = 0 100 3268 gtrc2003.gtrc.ad.gatech.edu.
_gc._tcp.ad.gatech.edu  service = 0 100 3268 athena.edi.ad.gatech.edu.
_gc._tcp.ad.gatech.edu  service = 0 100 3268 adrichdc02.ad.gatech.edu.
_gc._tcp.ad.gatech.edu  service = 0 100 3268 ohr-ariadne.ohr.ad.gatech.edu.
_gc._tcp.ad.gatech.edu  service = 0 100 3268 adrichdc03.ad.gatech.edu.
_gc._tcp.ad.gatech.edu  service = 0 100 3268 gtrcserv.gtrc.ad.gatech.edu.
_gc._tcp.ad.gatech.edu  service = 0 100 3268 gts-temp01.ad.gatech.edu.
_gc._tcp.ad.gatech.edu  service = 0 100 3268 surge.coa.ad.gatech.edu.
_gc._tcp.ad.gatech.edu  service = 0 100 3268 adrichdc06.ad.gatech.edu.
_gc._tcp.ad.gatech.edu  service = 0 100 3268 ebb.coa.ad.gatech.edu.
_gc._tcp.ad.gatech.edu  service = 0 100 3268 flow.coa.ad.gatech.edu.

SGD then attempts to connect to the Global Catalog on the servers one by one until it gets a hit. The problem is this list contains AD servers we do not want to use, both because they aren't OIT's campus AD servers, and because SGD requires an AD running a global catalog server. Not all of these servers do that, and in turn, SGD returns a warning:

Sun Secure Global Desktop Software (4.4) WARNING:

Active Directory service discovery partially failed: 128.61.209.30:3268 Looking up Global Catalog DNS name: _gc._tcp.ad.gatech.edu. - HIT Looking for GC on server: Active Directory:gts-temp01.ad.gatech.edu:/128.61.209.30:3268:Up - ERROR

We would like to use just the adrichdc0x servers. But, placing a direct entry for a server into SGD fails, because a Global Catalog DNS entry for an individual node doesn't seem to exist:

nslookup -query=any _gc._tcp.adrichdc04.ad.gatech.edu
Server: 130.207.165.170
Address: 130.207.165.170#53

Error: this should not happen server can't find _gc._tcp.adrichdc04.ad.gatech.edu: NXDOMAIN

Since SGD cannot determine the IP address, it fails.

Link to this Page

  • SGD last edited on 15 May 2008 at 12:56 pm by fairlane-win.cc.gatech.edu