The customer is experiencing slow access when talking to MS AD via LDAP. WebNetwork is running on a Mac OS X box and uses MS AD for directory services. The DNS server runs on MS AD, and the OS X box points to it for its DNS information. Directory services is configured, and the Global Catalog is configured in WebNetwork. The customer is using a .local domain name. Adding company.local, forestdnszones.local and domaindnszones.local to the hosts file on the OS X box was also tried.
This is an issue with OS X. The following information came from: http://docs.info.apple.com/article.html?artnum=107800
Mac OS X 10.3, 10.4: How to look up ".local" hostnames via both Bonjour and
standard DNS

Mac OS X 10.3 or later normally treats hostnames ending in ".local"
only as Bonjour (formerly "Rendezvous") hosts. However, some network
administrators also assign .local hostnames. This document explains how to look
up .local names using Bonjour and standard DNS.
The Multicast DNS feature of Rendezvous technology allows devices on a local
network to connect to each other by name without a separate DNS server. See
technical document 107174, "Mac OS X 10.2: About Multicast DNS" for details. By
default, any hostname ending in .local is treated as a Rendezvous host rather
than by querying the DNS server entries in Network preferences.
Though the .local domain is not defined as a valid top-level domain on the
Internet, some private networks have DNS servers that assign hostnames in the
.local domain. In its default state, Mac OS X 10.3 does not use the DNS server
to resolve these names. This may result in unexpected failures to connect to
.local hostnames defined by your server. If .local names are assigned by a DNS
server on your network, use the solution below to configure Mac OS X 10 to look
up .local names in both ways. If the host is not available via Rendezvous, the
query will be tried using unicast DNS to contact the DNS server.
Mac OS X 10.4 and later: Open the Network preference pane in System Preferences.
Select the desired network interface and click Configure. Add "local" to the
Search Domains field. If you have multiple entries in this field, be sure that
"local" is first, and separate them with commas. For example:
local, apple.com

Mac OS X 10.3 - 10.3.9: To create the script, execute each of
these commands in Terminal (/Applications/Utilities/). Each command is preceded
by the dollar sign ($), which represents the Terminal prompt. You must be logged
in with an administrator account to perform these steps. After the first command
(sudo), you will be prompted to enter your administrator password. After typing
each command, press Return to execute it. After entering the "cat" command, you
will not see a prompt ($) for the next four lines, though you must still press
Return after each. For the line that says "[Control-D]", you will hold down the
Control key, then press D.
The commands:
$ sudo su
$ cd /usr/sbin
$ cat > EnableUnicastDotLocal
#!/bin/tcsh
echo domain local > /etc/resolver/local.1
grep -v domain /etc/resolv.conf | grep -v search >> /etc/resolver/local.1
echo search_order 2 >> /etc/resolver/local.1
[Control-D]
$ chmod +x EnableUnicastDotLocal
$ exit
These steps create an executable shell script named "EnableUnicastDotLocal" that
will create and populate the necessary configuration files to enable dual
lookups of .local hostnames.
To run the script, execute this command:
$ sudo /usr/sbin/EnableUnicastDotLocal
Important: The address of the DNS server configured by this script for .local
name lookups will not change automatically if your default DNS server address
changes. (Your DNS server address may change if you change network locations, if
a change is made by your DHCP server administrator, or if you change it manually
in Network preferences.) To change the DNS server used for lookups in the .local
domain, you must run this script again. To disable unicast DNS lookups entirely
after running this script, delete the file /etc/resolver/local.1.
Note: For the Active Directory plug-in to work with .local domains, you must
update to Mac OS X 10.3.3 or later.
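
The "Important" caveat above, that the DNS server written to /etc/resolver/local.1 does not follow later changes to the default DNS server, can be checked mechanically. The following is an added example, not part of the Apple article or of WebNetwork; the function names and the sample addresses are constructed for illustration, and it assumes the file layout produced by EnableUnicastDotLocal.

```shell
#!/bin/sh
# Added example (not from the Apple article): detect when the file written by
# EnableUnicastDotLocal no longer matches the DNS servers in resolv.conf.

# Print the unique nameserver addresses listed in a resolver-style file.
nameservers() {
    awk '$1 == "nameserver" { print $2 }' "$1" | sort -u
}

# Print the content the article's script would generate from a resolv.conf.
expected_local_resolver() {
    echo "domain local"
    { grep -v domain "$1" | grep -v search; } || true
    echo "search_order 2"
}

# Exit status: 0 = in sync, 1 = stale nameservers, 2 = resolver file missing.
check_local_resolver() {
    [ -f "$2" ] || return 2
    [ "$(nameservers "$1")" = "$(nameservers "$2")" ] || return 1
    return 0
}

# Demo on constructed sample data (192.0.2.0/24 is a documentation range).
demo() {
    dir=$(mktemp -d)
    printf 'search company.local\nnameserver 192.0.2.10\n' > "$dir/resolv.conf"
    expected_local_resolver "$dir/resolv.conf" > "$dir/local.1"
    # Simulate a DHCP change: the default DNS server moves to another address.
    printf 'search company.local\nnameserver 192.0.2.53\n' > "$dir/resolv.conf"
    if check_local_resolver "$dir/resolv.conf" "$dir/local.1"; then
        echo "in sync"
    else
        echo "stale or missing: rerun EnableUnicastDotLocal"
    fi
    rm -rf "$dir"
}
demo
```

On an affected machine, call check_local_resolver /etc/resolv.conf /etc/resolver/local.1 and rerun the script when it returns 1.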