In Yosemite, Xsan MDCs store SAN configuration information in an LDAP directory that's protected by Transport-Level Security (TLS). For TLS to work, each Xsan MDC must have a fully-resolvable hostname. Your domain name servers (DNS) must contain the following records for each MDC:
- A single Address (A) record for the MDC's hostname that resolves to the MDC's primary IP address
- A single Pointer (PTR) record for the MDC's primary IP address that resolves to the MDC's hostname
These DNS records should be resolvable on all MDCs and client systems in the SAN. You might need to coordinate with your network administrator to set this up properly.
Configure your DNS records before activating your SAN. If your host name entries aren't set up correctly when you enable Xsan on an MDC, you might see one of the following:
- Server app displays the message, "This computer's host name is invalid. The host name does not resolve to any configured address of this computer. Please ensure the host name is correct."
- The system.log contains the message, "Unable to determine host name for certificate assessment."
In versions of OS X Yosemite earlier than 10.10.3, Xsan also required DNS records for private metadata network addresses and hostnames. This was because the metadata network could sometimes be used for configuration updates. As of OS X 10.10.3, Xsan systems only use the primary network for SAN configuration updates. Update MDCs to OS X 10.10.3 before activating your SAN.