I am having an issue with keeping a directory connection between my server and a client. If I run the auto-configure iCal installer inside or outside of my network I am able to auto complete addresses in iCal and use Apple's Directory Application to find users and resources. If I move my (or any user's) internally configured laptop outside the firewall, I lose directory access although the Directory Utility still shows a green light. If I issue a killall DirectoryServices at the command line while outside the firewall - lookups start working again. When I return to being inside the firewall, lookups fail again until I either restart or kill the DS again. If I configure a system outside of the firewall, directory lookups and autocomplete works fine - until I move back inside.
My server lives in a DMZ and has a different IP address internally and externally but DNS seems to be fine and everything else works. Is there a port that I am missing?
KMS 6.6.2 running on OS X Server 10.5.6.
Goochland County Public Schools
Perhaps there is a Network Address Translation (NAT) issue that is preventing the seamless movement between inside / outside your network.
It would seem logical that a particular address is being mapped (effectively "locked") for internal use on your client machine, which of course won't work externally, since you can no longer get direct access to that private IP of your KMS.
Perhaps you can do some HOST and nslookup commands (and similar such research) to see how your clients see the KMS internally, vs externally.
Kerio uses the OS X Directory Util settings for those lookups.
You can access it via Terminal, and the dscl command.
>dscl localhost <enter>
/LDAPv3 > ls
Try to see if you can access the Directory that way, but I will assume not...
[Updated on: Wed, 22 April 2009 14:42]
Consultant - Humac A/S
Apple Certified Support Professional (ACSP)
Apple Certified Technical Coordinator (ACTC)
AppleSeed/CQF member since 1998
Kerio Messaging Partner
Kerio discussion forums are intended for open communication between forum
members and may contain information and material posted by members which may
be useful in learning about Kerio products. The discussion forums are not
intended to provide technical support for any specific product. Any
information implied or expressed in the discussion forums is that of the
posting member. Kerio is in no way responsible for the information posted in
the forums, or its accuracy. Kerio employees may participate in the
discussions, but their postings do not represent an offical position of the
company on any issues raised or discussed. Kerio reserves the right to
monitor and maintain the forums to promote free and accurate exchange of