SSSD fails to perform dynamic DNS Update: Could not resolve address for this machine, error: Timeout while contacting DNS servers

Solution Verified - Updated -

Issue

  • RHEL host joined to AD domain fails to perform dynamic DNS update.

  • SSSD debug log returns Timeout while contacting DNS servers indicates that DNS server is unreachable:

    (2025-08-06 10:54:46): [be[ad.example.com]] [ad_dyndns_update_send] (0x0400): Performing update

<...>

(2025-08-06 10:54:46): [be[ad.example.com]] [resolv_is_unix] (0x4000): [rhel.ad.example.com] does not look like a unix domain socket
(2025-08-06 10:54:46): [be[ad.example.com]] [resolv_is_address] (0x4000): [rhel.ad.example.com] does not look like an IP address
(2025-08-06 10:54:46): [be[ad.example.com]] [resolv_gethostbyname_step] (0x2000): Querying DNS
(2025-08-06 10:54:46): [be[ad.example.com]] [resolv_gethostbyname_dns_query] (0x0100): Trying to resolve A record of 'rhel.ad.example.com' in DNS

<...>

(2025-08-06 10:54:47): [be[ad.example.com]] [resolv_gethostbyname_done] (0x0040): querying hosts database failed [5]: Input/output error
(2025-08-06 10:54:47): [be[ad.example.com]] [nsupdate_get_addrs_done] (0x0040): Could not resolve address for this machine, error [5]: Input/output error, resolver returned: [12]: Timeout while contacting DNS servers
(2025-08-06 10:54:47): [be[ad.example.com]] [nsupdate_get_addrs_done] (0x0040): nsupdate_get_addrs_done failed: [5]: [Input/output error]
(2025-08-06 10:54:47): [be[ad.example.com]] [sdap_dyndns_dns_addrs_done] (0x0040): Could not receive list of current addresses [5]: Input/output error
(2025-08-06 10:54:47): [be[ad.example.com]] [ad_dyndns_sdap_update_done] (0x0040): Dynamic DNS update failed [5]: Input/output error
(2025-08-06 10:54:47): [be[ad.example.com]] [sdap_id_op_destroy] (0x4000): releasing operation connection
(2025-08-06 10:54:47): [be[ad.example.com]] [sdap_id_conn_data_idle] (0x4000): Marking connection as idle
(2025-08-06 10:54:47): [be[ad.example.com]] [be_ptask_done] (0x0040): Task [Dyndns update]: failed with [5]: Input/output error

  • The hostname needs to be set in DNS server is rhel.ad.example.com.

  • System hostname is set to a short hostname:

    # hostname
rhel

  • Fully qualified domain name (FQDN) is set in sssd.conf

    # cat /etc/sssd/sssd.conf | grep hostname
ad_hostname = rhel.ad.example.com

  • The hostname is set in /etc/hosts

    # cat /etc/hosts
127.0.0.1      localhost localhost.localdomain localhost4 localhost4.localdomain4
::1            localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.1.200  rhel.ad.example.com rhel

  • In addition, dig shows the DNS server is reachable, and the hostname is resolved.

    # dig rhel.ad.example.com

<...>

;; ANSWER SECTION:
rhel.ad.example.com.    3600    IN  A   192.168.1.200

;; Query time: 1 msec
;; SERVER: 192.168.1.100#53(192.168.1.100) (UDP)
;; WHEN: Wed Aug 06 11:03:12 AEST 2025
;; MSG SIZE  rcvd: 66

Environment

  • Red Hat Enterprise Linux 8
  • Red Hat Enterprise Linux 9
  • Red Hat Enterprise Linux 10
  • Active Directory (AD)
  • System Security Services Daemon (SSSD)

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content