Configuring DNS Name Resolution

In order to install and configure Anyware Manager or Connector on the RHEL or Rocky Linux machine, it's important to ensure that there is a solid connection between the machine and the Active Directory Domain Controller. You need to ensure that you can route from this machine to the Domain Controller and that there is nothing to prevent port 443 (https) and port 636 (LDAPS) connecting between the two systems.

The following steps are to ensure DNS settings are configured properly on the machine for Anyware Manager or Connector to operate. The sample IP of the Domain Controller is 10.162.0.42 for example-domain.com:

  1. Disable auto-configuration of DNS settings in order to prevent setting being overwritten on reboot. In this example the device name is eth0:

    nmcli device modify eth0 ipv4.ignore-auto-dns yes
    

    You may also need to disable this on the connection level in some cases. In this example the connection name is eth0:

    nmcli connection modify eth0 ipv4.ignore-auto-dns yes
    

  2. Edit the Network Configuration scripts. Add the DNS1 for the IP address for Active Directory's DNS server (typically the Domain Controller itself) and optionally DNS2 for the fallback DNS server. You can optionally add DOMAIN for a DNS suffix (typically the Domain name):

    sudo vi /etc/sysconfig/network-scripts/ifcfg-eth0
    TYPE=Ethernet
    PROXY_METHOD=none
    BROWSER_ONLY=no
    BOOTPROTO=dhcp
    DEFROUTE=yes
    IPV4_FAILURE_FATAL=no
    IPV6INIT=yes
    IPV6_AUTOCONF=yes
    IPV6_DEFROUTE=yes
    IPV6_FAILURE_FATAL=no
    NAME=ens192
    UUID=dfe16427-21f1-429c-99cb-a1e9b42be181
    DEVICE=ens192
    ONBOOT=yes
    DNS1=10.162.0.42
    DOMAIN=example-domain.com
    PEERDNS=no
    
    3. Run the following command to restart the Network Manager:

    sudo systemctl restart NetworkManager
    
    4. Check the /etc/resolv.conf file to make sure that the desired DNS servers and search suffixes are there. It is important the the nameservers are the AD DNS or else the machine will fail to connect to the Domain Controller(s):

    cat /etc/resolv.conf
    # Generated by NetworkManager
    search example-domain.com
    nameserver 10.162.0.42
    
    5. Test DNS by pinging the domain, in this example example-domain.com is the domain name:
    ping example-domain.com
    
    6. If the response is successful, you should receive a message similar to the example below:
    PING example-domain.com (10.162.0.42): 56 data bytes
    64 bytes from 10.162.0.42: icmp_seq=0 ttl=118 time=16.622 ms
    64 bytes from 10.162.0.42: icmp_seq=1 ttl=118 time=50.675 ms
    64 bytes from 10.162.0.42: icmp_seq=2 ttl=118 time=27.682 ms
    64 bytes from 10.162.0.42: icmp_seq=3 ttl=118 time=19.886 ms
    ^C
    --- example-domain.com ping statistics ---
    4 packets transmitted, 4 packets received, 0.0% packet loss
    
    7. Reboot the machine and check that the DNS settings in /etc/resolv.conf persist and that you can still ping the domain as done in steps 4-6.

Applying Host Machines DNS settings to K3S

The host machine's DNS settings are copied from /etc/resolv.conf and applied to the Anyware Manager and/or CAS Connector when the CAS K3S service starts. Because of this it is important that settings are correct on boot. You will need to either reboot the machine or restart the K3S service to apply the DNS settings to the Anyware Manager or CAS Connector if changes are made post installation or configuration.

It is best to ensure DNS settings are correct before installing and CAS software on the machine.