000037311 - Inconsistent or failed DNS name resolution by RSA SecurID Access Identity Router

Document created by RSA Customer Support Employee on Apr 10, 2019
Version 1Show Document
  • View in full screen mode

Article Content

Article Number000037311
Applies ToRSA Product Set: SecurID Access Cloud Authentication Service
  • Name resolution by Identity Router is failing inconsistently. 
  • Running nslookup fails when not specifying nameserver, but may succeed if a particular nameserver is specified.
  • If the Identity Router is configured to communicate with Authentication Manager there may be errors in the symplified.log similar to:

Unable to resolve the Host:<AM_FULLY_QUALIFIED_HOSTNAME>, ignoring it

Note: An IDR to Authentication Manager test may also fail under these conditions.
CauseThe Identity Router is configured to utilize multiple DNS nameservers and at least one nameserver cannot resolve a required hostname (for example, Authentication Manager).
ResolutionEither remove any DNS namerserver(s) that cannot resolve required hostnames OR ensure that required hostnames are added to all configured DNS nameservers.