Push DNS search suffix to Macs via ARD

Question

Our clients use the domain handed out by our DHCP server ourcompany.com as their default search suffix. I would like to add a second domain for them to search. /etc/resolv.conf looks like it will be overwritten on startup by some other process. I'm assuming I will need to run a defaults write com.apple.blahblahblah command or script.

Has anyone done this?

Thanks, Tom

score 2 · Accepted Answer · answered Nov 02 '10 at 14:36

Provided that the ARD client is installed on the workstations, you would use the "networksetup" command to set this property. On 10.5 and greater, I believe that the client is automatically installed and on 10.2-10.4 you may neet to install it to get the full functionality.

networksetup also has two paths, depending on whether the client came with the OS or had to be installed: /usr/sbin/networksetup /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Support/networksetup

The flag you want is "-setsearchdomains" with two arguments--the network device to be set, followed by the search domains.

So, a script that would basically work in all cases for you would be:

#!/bin/sh
/System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Support/networksetup -setsearchdomains AirPort ourcompany.com example.com
/System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Support/networksetup -setsearchdomains "Built-in Ethernet" ourcompany.com example.com
/System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Support/networksetup -setsearchdomains Ethernet ourcompany.com example.com
/usr/sbin/networksetupnetworksetup -setsearchdomains AirPort ourcompany.com example.com
/usr/sbin/networksetupnetworksetup -setsearchdomains "Built-in Ethernet" ourcompany.com example.com
/usr/sbin/networksetupnetworksetup -setsearchdomains Ethernet ourcompany.com example.com
exit 0

You can push these command one-by-one via ARD or create a no-payload package via packagemaker or iceberg to push it out as a package via ARD (I would do the latter). The script should change all network devices on any OS X machine to have your preferred search path BUT it will only be set for the current network profile. To change other network profiles, you will have to make another profile active first.

Does that help?

Yes that's exactly what I was looking for, thanks. – SpacemanSpiff Nov 02 '10 at 15:03 — SpacemanSpiff, Nov 02 '10 at 15:03

score 0 · Answer 2 · answered Nov 02 '10 at 14:05

0

Have you tried simply setting two domains on the DHCP server? ISC DHCPd supports this:

   option domain-search domain-list;

     The domain-search option specifies a 'search list' of Domain Names to
     be  used  by  the  client to locate not-fully-qualified domain names.
     The difference between this option and historic use  of  the  domain-
     name  option  for  the  same  ends  is that this option is encoded in
     RFC1035 compressed labels on the wire.  For example:

       option domain-search "example.com", "sales.example.com",
                            "eng.example.com";

answered Nov 02 '10 at 14:05

Alnitak

20,901
3
48
81

Is this DHCP option support on Microsoft? – SpacemanSpiff Nov 02 '10 at 14:14
I've no idea. Any decent DHCP server will allow you to specify "unusual" options that aren't built-in. – Alnitak Nov 02 '10 at 14:14
Well have to experiment, hopefully the Mac will recognize this code. – SpacemanSpiff Nov 02 '10 at 14:19

Push DNS search suffix to Macs via ARD

2 Answers2