You are here: Troubleshooting > Disjointed Namespaces

Disjointed Namespaces

A disjointed namespace occurs when the primary Domain Name System (DNS) suffix of a computer does not match the DNS domain of which it is a member. Defining a network environment with disjointed namespaces (intentionally or accidentally) can cause many different types of communication and authentication failures.

For Intel AMT, these failures can be related to:

Solution:

If integration with Active Directory (AD) is enabled, during configuration Intel SCS sends a request to create an AD object for the Intel AMT device. Some of the entries in this object define parameters used in Kerberos tickets. For example, the DNS Host Name and the Service Principal Names (SPNs). If these entries in the AD object are configured using the correct DNS name, problems with disjointed namespaces can be avoided. For example, “Object 2” in this diagram was created by Intel SCS using an FQDN in the Intel AMT device (System1.DDC.com) that matches the DNS name.

To implement this solution:

  1. Check in the DNS to find the correct name that can be resolved using DNS resolution. This name needs to be inserted into the FQDN of the Intel AMT device.
  2. Use Intel SCS to configure/reconfigure the Intel AMT device with the required FQDN. Intel SCS includes several options for the source it can use when inserting the FQDN into the Intel AMT device (see Defining IP and FQDN Settings).