02-03-2017 11:04 AM
I'm doing a lab where Windows and Infoblox are sync'd together.
Zones are sync'd as well as DHCP, I can see records created on Windows duplicated in Infoblox no problem.
I tried adding a record, and then when I query the Windows IP for the record I get a response.
When I query the Infoblox IP, I get a SERVFAIL, although I enabled recursion and queries from all addresses. I tried many things but I couldn't find what it could be. I'm guessing it will be a simple option that I can point out.
Thanks a lot in advance.
02-03-2017 01:38 PM
If you are synchronizing zones from a Microsoft DNS server, by default, your Infoblox server will not be assigned to those zones so any queries to your Infoblox server would be resolved recursively.
If your MS sync is configured with read/write access, you can edit the properties for the zone through your Infoblox Grid Manager GUI and in the Name Servers tab, assign your Infoblox server(s) as a Grid Secondary. Once you save this and restart services, try testing the queries again.
Alternatively, you can also assign your Infoblox server(s) as a name server to the zone through the Microsoft DNS MMC. If your MS sync task is set up as read-only, you may need to make the change this way.
02-04-2017 02:21 AM
I already had read/write access.
But I guess it was solved when I allowed zone transfers inside my Windows DNS and notifies to the Grid.
I think Infoblox can edit the zone files in Windows due to the read/write access. However, DNS zone transfers are a different thing and are handled separately. After I enabled zone transfers, Infoblox was able to respond.
I also tried the opposite, making Infoblox primary for a test zone and Windows secondary, and Windows wasn't able to respond until I enabled zone transfers to Windows.
My confusion was, if you have read/write access, you should be able to enable transfers automatically but I guess it isn't the case. Correct me if I'm wrong.
02-06-2017 04:29 AM
Yes, the object synchronised via the MGMT license is different from a zone transfer.
If the privileges are correct you would be able to see the records in sync; however, resolution won't work until the records come via zone transfer. I believe the secondary zone data is not kept as part of the DB as well.
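
Added example, not written by any poster in this thread: one way to enable the zone transfers and notifies discussed above on the Windows DNS server while limiting them to the Infoblox Grid member instead of any server, then checking that the member holds the same zone serial. The zone name and IP addresses are placeholders to replace with your own.

```powershell
# Placeholder values (assumptions, not from the thread): replace with your own.
$ZoneName      = 'lab.example.com'   # zone synchronised with Infoblox
$PrimaryIP     = '192.0.2.10'        # Windows DNS server hosting the primary zone
$GridMemberIPs = @('192.0.2.53')     # Infoblox Grid member(s) assigned as secondary

# Run on the Windows DNS server. Show the current transfer/notify settings first.
Get-DnsServerZone -Name $ZoneName |
    Select-Object ZoneName, ZoneType, SecureSecondaries, SecondaryServers, Notify, NotifyServers

# Allow zone transfers only to the listed servers and send NOTIFY only to them.
# TransferAnyServer would also make resolution work, but exposes the full zone
# contents to anyone who can reach TCP/53 on this server.
Set-DnsServerPrimaryZone -Name $ZoneName `
    -SecureSecondaries TransferToSecureServers `
    -SecondaryServers  $GridMemberIPs `
    -Notify            NotifyServers `
    -NotifyServers     $GridMemberIPs

# Helper: return the SOA serial a given server answers with for the zone.
function Get-SoaSerial([string]$Server) {
    $answer = Resolve-DnsName -Name $ZoneName -Type SOA -Server $Server -DnsOnly -ErrorAction Stop |
        Where-Object { $_.Section -eq 'Answer' }
    return $answer.SerialNumber
}

# Compare serials: a SERVFAIL or a mismatch means the transfer has not completed.
$primarySerial = Get-SoaSerial $PrimaryIP
foreach ($ip in $GridMemberIPs) {
    try {
        $serial = Get-SoaSerial $ip
        $state  = if ($serial -eq $primarySerial) { 'in sync' } else { 'serial mismatch' }
        "{0}: serial {1} ({2}, primary is {3})" -f $ip, $serial, $state, $primarySerial
    } catch {
        "{0}: query failed ({1})" -f $ip, $_.Exception.Message
    }
}
```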