We suddenly had difficulties again logging in to our F5 equipment yesterday. This time it happened on all our F5 equipment located in our DMZs. It turns out, for some unknown reason, that the /etc/resolv.conf file on all our F5 equipment had the following directive:
search localhost.com
We did not add this intentionally, so I don't know how or when it was added. But localhost.com is a valid Internet domain, and apparently whoever hosts this domain is having trouble with their DNS servers: nslookup on localhost.com varies between timeouts, a valid address, and an address in the 10.0.0.0/8 private address space. By performing network traces, I could see that the F5 equipment was appending localhost.com to its attempts to resolve our Active Directory domain name in DNS. But since the localhost.com DNS server was having trouble, our login attempts were timing out.
By commenting out the search directive in /etc/resolv.conf and restarting httpd, our logins recovered. Our internal F5 units were not affected because they cannot resolve Internet names.
Wow, we were lucky to figure this one out. This is another good thing to check if you are having AD auth problems.
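As an added illustration (my own example, not part of the original post and not F5 code), the Python below models the simplified glibc stub-resolver search rules so you can see which names actually leave the box when something looks up a name, and it flags search-list entries that are not under a domain you own. The resolv.conf content is constructed to mirror the post, and corp.example.com / dc01 stand in for an Active Directory domain and a domain controller; those names are assumptions, not values from the post.

```python
"""Resolver search-list expansion and a resolv.conf sanity check.

Added example, not code from the original post.  It models the glibc
stub resolver's search behaviour (simplified) so you can see which
names are actually queried when an application looks up, for example,
your AD domain.  The resolv.conf text below is constructed, not a
capture from a real F5 unit.
"""

DEFAULT_NDOTS = 1  # glibc default unless "options ndots:N" is set

# Constructed sample, not a capture from a real system.
SAMPLE_RESOLV_CONF = """\
# generated by someone, sometime
nameserver 10.1.1.53
nameserver 10.1.1.54
search localhost.com
"""


def parse_resolv_conf(text):
    """Return (nameservers, search_domains, ndots) from resolv.conf text.

    Mirrors glibc: a later 'search' or 'domain' line replaces an earlier
    one (they are mutually exclusive; the last one wins).
    """
    nameservers, search, ndots = [], [], DEFAULT_NDOTS
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].split(";", 1)[0].strip()
        if not line:
            continue
        key, *args = line.split()
        if key == "nameserver" and args:
            nameservers.append(args[0])
        elif key in ("search", "domain"):
            search = [d.rstrip(".").lower() for d in args]
        elif key == "options":
            for opt in args:
                if opt.startswith("ndots:"):
                    ndots = int(opt.split(":", 1)[1])
    return nameservers, search, ndots


def candidate_queries(name, search, ndots=DEFAULT_NDOTS):
    """Names the resolver will try, in order, for a lookup of `name`.

    Simplified glibc rules: a trailing dot means "absolute only"; a name
    with at least `ndots` dots is tried as-is first and the search list
    is appended only if that fails; a shorter name gets the search list
    first.  Each later entry is only queried if the previous one did not
    resolve, which is how a single broken search domain turns every
    failed lookup into a query to a server you do not control.
    """
    if name.endswith("."):
        return [name.rstrip(".").lower()]
    base = name.lower()
    suffixed = [f"{base}.{d}" for d in search]
    if base.count(".") >= ndots:
        return [base] + suffixed
    return suffixed + [base]


def foreign_search_domains(search, owned_suffixes):
    """Search-list entries that are not equal to, or under, one of your
    own domains.  Anything listed here is worth questioning when AD
    auth on a box starts timing out."""
    owned = [s.rstrip(".").lower() for s in owned_suffixes]
    return [d for d in search
            if not any(d == o or d.endswith("." + o) for o in owned)]


if __name__ == "__main__":
    ns, search, ndots = parse_resolv_conf(SAMPLE_RESOLV_CONF)
    print("nameservers:", ns, "search:", search, "ndots:", ndots)
    # corp.example.com and dc01 are hypothetical stand-ins for an AD
    # domain and a domain controller.
    for q in ("corp.example.com", "dc01",
              "_ldap._tcp.dc._msdcs.corp.example.com"):
        print(q, "->", candidate_queries(q, search, ndots))
    print("foreign search domains:",
          foreign_search_domains(search, ["example.com"]))
```

Run it against the real file with `parse_resolv_conf(open("/etc/resolv.conf").read())` and pass your own domain suffixes to foreign_search_domains; an empty result is what you want to see on every unit, DMZ or internal.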