08-23-2017 05:38 AM
As a redundant solution we would like to add a traditional Microsoft Windows DNS server to the Infoblox Grid, for all those zones and entries to be replicated and be able to serve different clients locally instead of sending multiple requests to the grid.
Can you please advise on the procedure involved?
Thank you in advance.
08-23-2017 05:43 AM
You have to purchase the Microsoft Management license and, depending on your architecture, add grid member(s) to do the communication between the Infoblox Grid and MS DNS/DHCP server(s). It is best to contact your local Infoblox rep to assist you in design.
08-23-2017 05:46 AM
Thank you for your prompt reply.
What is the Microsoft Management license and where can we get it from?
08-23-2017 11:31 AM
A Microsoft Management license is what enables you to connect one or more Microsoft servers to the Infoblox GUI and manage their DNS/DHCP services and AD sites and subnets.
If you are trying to test this feature out, I would suggest simply issuing the command "set temp_license" in the CLI of your Infoblox appliance and installing a 60-day trial "Microsoft management license". Available permanent licenses can be downloaded from the Infoblox support website (https://support.infoblox.com), "My Products" section. For capacity planning and/or license purchase, you would want to get in touch with your Infoblox account team.
Having said the above, I would also like to point out that there is a feature named "Identity Mapping" which can pull AD user data from any/all connected Microsoft servers and map them to IPAM. This feature was introduced in NIOS version 7.2.0 and does not require a Microsoft management license to function.
For more information on Microsoft management, please refer to the "Managing Microsoft Windows Servers" section in the latest NIOS Administrator Guide.
08-24-2017 01:56 AM
Thank you for your reply.
I will go through the NIOS Administrator Guide and let you know whether something else is needed. Are you familiar with this process yourself?
08-28-2017 04:27 PM
Yes, I am familiar with the process.
Adding MS servers to the grid and managing their data in RO/RW modes is pretty straightforward. However, you may want to verify the below.
1. The remote procedure calls made by Infoblox are destined for TCP ports 135 and 445, and therefore you would want to ensure that these ports are open on any firewalls in between AND on the Windows firewall itself (should be open by default).
2. Older versions of NIOS used SMBv1 for MS server access, and if SMBv1 is specifically disabled on your Windows servers due to security concerns, this feature will not work. NIOS version 8.2.0 and newer supports the following versions of the SMB (Server Message Block) protocol for Microsoft Windows servers: SMB version 1 (SMBv1), SMB version 2.x (SMBv2.x), and SMB version 3.x (SMBv3.x).
3. Based on the number of DNS zones, DHCP scopes, their data, other features being utilized such as Identity mapping/AD sites and subnets, number of MS servers being synced and any protocols already being served authoritatively by your Infoblox boxes, you would also want to do some capacity planning and calculation by contacting your Infoblox account team.
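
The first two checks in the list above can be run as a pre-flight script before adding the servers. This is an added example, not part of the original thread or Infoblox documentation. It assumes an elevated PowerShell session on a Windows host that sits on the same network path as the grid member, WinRM/CIM access to the Microsoft servers, and the constructed server names shown.

```powershell
# Pre-flight check for items 1 and 2 above (added example).
# $Servers holds constructed placeholder names; replace with your own.
param(
    [string[]]$Servers = @('msdns01.example.test', 'msdns02.example.test')
)

$ports = 135, 445   # RPC endpoint mapper and SMB, per item 1

$results = foreach ($server in $Servers) {
    # Item 1: TCP reachability from this host to the Microsoft server.
    $open = @{}
    foreach ($port in $ports) {
        $t = Test-NetConnection -ComputerName $server -Port $port -WarningAction SilentlyContinue
        $open[$port] = [bool]$t.TcpTestSucceeded
    }

    # Item 2: which SMB dialects the server accepts.
    $smb1 = $null; $smb2 = $null
    try {
        $cim  = New-CimSession -ComputerName $server -ErrorAction Stop
        $cfg  = Get-SmbServerConfiguration -CimSession $cim -ErrorAction Stop
        $smb1 = $cfg.EnableSMB1Protocol
        $smb2 = $cfg.EnableSMB2Protocol   # one switch covers SMBv2.x and SMBv3.x
        Remove-CimSession $cim
    } catch {
        Write-Warning "Could not read SMB configuration from ${server}: $($_.Exception.Message)"
    }

    # Map the SMB state onto the NIOS requirement stated in item 2.
    $note = if ($null -eq $smb1) {
        'SMB state unknown'
    } elseif (-not $smb1 -and $smb2) {
        'SMBv1 disabled: requires NIOS 8.2.0 or newer'
    } elseif (-not $smb1 -and -not $smb2) {
        'No SMB dialect enabled: sync cannot work'
    } else {
        'SMBv1 enabled: older NIOS versions can connect'
    }

    [pscustomobject]@{
        Server  = $server
        Tcp135  = $open[135]
        Tcp445  = $open[445]
        SMBv1   = $smb1
        SMBv2_3 = $smb2
        Note    = $note
    }
}

$results | Format-Table -AutoSize
```

A successful test from this host does not prove the path from the grid member itself, so firewalls that filter by source address still need to be checked separately.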