ShineOn (shineon1) wrote :

Regarding Microsoft suggesting in their documentation to use .local as the TLD for an Active Directory domain, that's just an example, not really a suggestion, as in "you might want to use a name such as 'mycompany.local'". This was back before the major problems with the .local TLD and Bonjour/Rendezvous/zeroconf hit the fan, and the link Aaron C. de Bruyn gave in 2007 is to one document, from 2003, that had that unfortunate example.

More recently, since 2004 actually, Microsoft has acknowledged the proposed reservation of .local as the TLD for mDNS search, and strongly recommends against using .local for your AD domain TLD. Further, they now recommend against using any other "illegal" TLD, because, as with .local, you never know when that TLD will suddenly become legit, causing you all sorts of havoc, like those Microsoft victims, er, users that were unfortunate enough to take the earlier example as gospel.

Microsoft now recommends that you use a "private" subdomain of your company's registered domain, like "" or "" or whatever, where the TLD/registered domain is or, respectively. Again, those are examples, and not gospel...

As to this issue with avahi, it's still an issue if you are in that group that still uses .local as your AD TLD. What I did to work around it was to put "dns" in front of "mdns4_minimal" in the hosts: line of nsswitch.conf. There's still a lag, but it at least resolves by FQDN now, letting me join the Linux box to the AD domain, without removing avahi.
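
A read-only check for the situation described in the comment above, as an added example that is not part of the original comment: it reports when a host has a .local search domain and mdns4_minimal listed ahead of dns on the hosts: line of nsswitch.conf. The function names and the `--check` argument are hypothetical, and the script only reads the files.

```shell
#!/bin/sh
# Added example (hypothetical helper names); reads files, changes nothing.

# Print the services on the hosts: line in lookup order, one per line.
# Comments and [STATUS=action] items are stripped first.
hosts_services() {
    sed -e 's/#.*//' -e 's/\[[^]]*]//g' -e 's/^[[:space:]]*hosts:/hosts: /' "$1" |
    awk '$1 == "hosts:" { for (i = 2; i <= NF; i++) print $i; exit }'
}

# Print dns-first, mdns-first, no-mdns or no-dns for an nsswitch.conf-style file.
hosts_order() {
    hosts_services "$1" | awk '
        $1 == "dns" && !d           { d = NR }
        $1 == "mdns4_minimal" && !m { m = NR }
        END {
            if (!m)         print "no-mdns"
            else if (!d)    print "no-dns"
            else if (d < m) print "dns-first"
            else            print "mdns-first"
        }'
}

# Succeed if a search/domain entry in a resolv.conf-style file ends in .local.
has_local_domain() {
    sed 's/[#;].*//' "$1" |
    awk '($1 == "search" || $1 == "domain") {
             for (i = 2; i <= NF; i++) if (tolower($i) ~ /\.local\.?$/) found = 1
         }
         END { exit !found }'
}

# Report on one host: arguments are the nsswitch.conf and resolv.conf paths.
# Returns 1 when a .local domain is combined with mdns4_minimal before dns.
check_local_ad() {
    order=$(hosts_order "$1")
    if has_local_domain "$2" && [ "$order" = "mdns-first" ]; then
        echo "AFFECTED: .local search domain and mdns4_minimal precedes dns"
        return 1
    fi
    echo "ok: hosts order is $order"
}

# Check the live files only when asked to.
if [ "${1:-}" = "--check" ]; then
    check_local_ad /etc/nsswitch.conf /etc/resolv.conf
fi
```
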