Active Directory Plugin requires name resolution for domain and forest names

Binding or authentication to an Active Directory domain may not succeed if there aren't DNS records to resolve the domain and forest names in the Active Directory environment.  An "error -14006" message will appear to clients if using the simple setup, or an "An invalid Domain and Forest combination was specified" alert if using the advanced setup.

This article has been archived and is no longer updated by Apple.

It is desirable to create "A records" on the DNS server so that the domain name and the forest name resolve to IPs. Use Network Utility or the dig command line utility to verify the settings.

Alternatively, update to Mac OS X 10.5.3 or later (or Mac OS X Server 10.5.3 or later). Binding will succeed even without the presence of proper DNS.

man page for dig

