Archived - Active Directory Plugin requires name resolution for domain and forest names

This article has been archived and is no longer updated by Apple.


Binding or authentication to an Active Directory domain may not succeed if there aren't DNS records to resolve the domain and forest names in the Active Directory environment.  An "error -14006" message will appear to clients if using the simple setup, or an "An invalid Domain and Forest combination was specified" alert if using the advanced setup.


It is desirable to create "A records" on the DNS server so that the domain name and the forest name resolve to IPs. Use Network Utility or the dig command line utility to verify the settings.

Alternatively, update to Mac OS X 10.5.3 or later (or Mac OS X Server 10.5.3 or later). Binding will succeed even without the presence of proper DNS.

Additional Information

Last Modified: Jul 13, 2012
  • Last Modified: Jul 13, 2012
  • Article: TS1206
  • Views:

  • Rating:
    • 20.0

    (1 Responses)

Additional Product Support Information

Start a Discussion
in Apple Support Communities
See all questions on this article See all questions I have asked