DNS ISSUES AND DOMAIN CONNECTION

Olfeo relies on DNS; if DNS response times are high, the proxy will experience these delays, resulting in slow browsing. You can test the latency of your DNS servers using tools such as “dnsbench” and “nslookup” (Windows) or “host,” “squidclient,” and “dnslookup” (Linux).

Be sure to clear your DNS zones before performing an integration—for example, LDAP Kerberos resource records and the global catalog—otherwise Olfeo will attempt to use these records.

A list of DNS performance tests is available in this article: https://support.olfeo.com/kb/article/2441

To join an Olfeo server to a Microsoft Active Directory domain, certain ports must be opened if the proxy is separated from the domain infrastructure by a firewall: https://support.microsoft.com/fr-fr/kb/179442

If the connection to the Microsoft AD domain does not establish properly via the web administration interface, it is recommended that you use the command line:

Connect to the domain using the FQDN: net ads join -S %servername% -U %

Connect to the domain via IP: net ads join -I %serverIP% -U %

Displays information about remote AD servers: net ads info

Verify the machine's account: net ads testjoin

Retrieves information from the AD server: net ads lookup

Remove the computer from the domain: net ads leave

Check that communication between Olfeo and the AD is working properly: wbinfo –t Test NTLM authentication: wbinfo –a %

Testing Kerberos authentication: wbinfo –K %