KB Parallels: Configuring SRV and PTR records (reverse lookup)

Configuring SRV and PTR records (reverse lookup)

0 users found this article helpful

Applies to:
Last Review: Oct 20, 2022
Related Articles:
- [Internal] Troubleshoot procedure for Single Sign-On (SSO) / Kerberos (awingu-worker-smc.service.log)
Available Translations:
Get updates Download

Symptom

Authentication issues.

Cause

Forward lookups will take the Awingu domain settings into account, for example subdomain.company.org will use the DNS settings of the domain that has company.com as its FQDN in the Awingu domain settings.
If there is no matching domain, the forward lookup will be performed using the global DNS servers.
Reverse lookups always use the
Global DNS can be configured by navigating to System Settings > Global > Connectivity.

Resolution

Verify on the DNS server if these SRV-records exist (TCP and UDP - see navigation in left pane). They need to point to the Kerberos server, which is usually the primary domain controller.

_kerberos
_kerberos-master
_kpasswd

This can be verified using Microsoft's DNS Manager.

Also check whether the PTR-records exist, so a reverse lookup of the FQDN of the Kerberos server is possible. Mind that problems may occur if there are multiple PTR-records with the same name pointing to different IP addresses.

Was this article helpful?

Tell us how we can improve it.