Hello Ahmad,

That was my initial attempt. The issue I ran into was that the dnsmasq settings on the Virtual Router seem to block the traffic that was required for the machine to join the domain. I played around with the settings a little bit and was able to get it to find the domain, so I would imagine that I could tweak it some more to not be an issue. However, any changes I make on the virtual router only last until it is restarted, so without a way to make those permanent I have to circumvent it entirely.

The blog post that Murali linked for how to set up a network without DHCP and DNS seems like it was probably the correct way to do it, but as far as I can tell would require me to start my zone from scratch, so I am trying to avoid that if possible.

Thanks,
David Ortiz

> CC: users@cloudstack.apache.org
> From: aemne...@gmail.com
> Subject: Re: Using different DNS for guests than Virtual Router
> Date: Tue, 23 Apr 2013 08:49:06 -0700
> To: users@cloudstack.apache.org
>
> Coming from someone that has no clue about active directory... If you're using
> a basic zone, why don't you have the AD server deployed outside of cloudstack's
> control? Then have your dns entries point to it. Have the default
> security group for guests open to the ports AD works on.
>
> Ahmad
>
> On Apr 22, 2013, at 1:42 PM, David Ortiz <dpor...@outlook.com> wrote:
>
> > Hello,
> > I am trying to set up a Windows AD server as a guest on my cloudstack
> > cluster, and join my other guests to the domain it is serving using
> > PowerBroker Identity Services Open. From what I am seeing, the virtual
> > router will block me from being able to perform nslookup or join the domain
> > using the domainjoin-cli command. If I modify /etc/resolv.conf to point
> > directly at my DC as the dns server, it can join the domain without any
> > issues. Unfortunately when I reboot, the dhcp setup with the virtual
> > router will point it back to the virtual router as the name server. I also
> > found that I could get nslookup (but not joining the domain) to work by
> > playing with the dnsmasq.conf settings on the virtual router a little bit,
> > which works until it is rebooted, at which point they revert back to what
> > they had been originally. Is there a way to get the virtual router to
> > point guests at the domain controller as the DNS, or to set up the dnsmasq
> > to allow the AD joins to occur (and make those settings persistent)? Or
> > alternatively, would I be able to set up DHCP on the DC and just circumvent
> > the virtual router entirely?
> > Thanks,
> > David Ortiz