Public bug reported:

We have 3 Active Directory "realms". One has 25 domain controllers/DNS
servers and the other two both have 35+. The way that AD works means
this creates DNS 'A' records for the realm name that resolves to all the
Domain Controllers/DNS servers that service it (ie a DNS name with many
A records).

If we have a fully patched/updated Ubuntu-18.04.1 system, running
"nslookup small.realm.name" returns the 25 DNS servers, and life is
good. Running "nslookup large.realm.name" works - but only returns 30
DNS servers (out of 35+). Running the same command on a CentOS-6 system
(ie no systemd) returns 35+ DNS servers. So that's a (minor) bug?

...but ping and other real applications are the real problem  - they
don't work at all in the larger realms. "ping small.realm.name" works
fine, but "ping large.realm.name" returns "Temporary failure in name
resolution". Also telnet, etc doesn't work. "ping
servername.large.realm.name" works fine - just the domain name itself
doesn't work - which makes me think it's related to the number of A
records being returned.

We are trying to add these Ubuntu laptops to our AD domains - which
requires several calls to "large.realm.name" - which is failing -  but
so far can only get it to work in small.realm.name due to this issue.  I
think this is a systemd-resolved bug? (237-3ubuntu10.3)

Thanks

Jason

** Affects: trace-summary (Ubuntu)
     Importance: Undecided
         Status: New


** Tags: systemd-resolved

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1801495

Title:
  cannot resolve Active Directory realm name with large number of A
  records

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/trace-summary/+bug/1801495/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to