
MS DNS Migration to Infoblox

New Member
Posts: 3

Hi people!

Can anybody help me?

I have an HA pair of MSDC with the DNS service running. I already migrated the DHCP service to Infoblox NIOS; now I need to migrate the DNS service. How can I have the DNS records update dynamically after using the Data Import Wizard to export the records to Infoblox?

NIOS version: 9.0.3


Re: MS DNS Migration to Infoblox

Adviser
Posts: 60

I'm assuming you mean Dynamic DNS?

Firstly, make sure that NIOS permits the domain controller IP addresses to update the Active Directory DNS zone (including the _ subzone). Yes, GSS-TSIG may be more secure, but it also brings risks for when it goes wrong. This is done on the DNS zone configuration in NIOS. Edit the zone and go to "Updates", where you can set a list of IPs (or, even better, an ACL).

For DHCP updating client records, the recommendation is to disable clients from updating DNS (this is the default with Windows but allows too much privilege). Better to configure the DHCP servers to update the DNS zones as they hand out leases.

Under UI > Data Management > DHCP > Networks > (on the right) Grid DHCP Properties you can set IPv4 DDNS.

If NIOS is both DNS and DHCP, disable "Update DNS on DHCP Lease Renewal". That setting should only be used when NIOS DHCP is updating Microsoft DNS.

Re: MS DNS Migration to Infoblox

New Member
Posts: 3

Hi! Thanks for the answer.

After this configuration, will user authentication continue to work? If there is a need to put more machines in the domain, will it work by directing DNS to the Infoblox IP?

Re: MS DNS Migration to Infoblox

Adviser
Posts: 60

If done correctly, then yes. The endpoints authenticate directly against the Microsoft Domain Controllers. They use DNS to find the Active Directory servers using SRV record type queries as per this page: https://petri.com/active_directory_srv_records/

You may find that you have to leave "Return minimal responses" disabled (Grid > Data Management > DNS > Members/Servers > [Edit Member] > General > "Return minimal responses").
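
A post-import check for the SRV records discussed above, as an added example that is not part of the original thread: it compares the SRV records in two zone-transfer text exports (dig AXFR-style lines) and lists those present on the Microsoft side but missing from the NIOS copy. The domain corp.example, the addresses, both exports and the function names are constructed for illustration.

```python
"""Compare AD locator SRV records between two zone exports (added example)."""

# Constructed sample data: "name ttl class type rdata", as printed by a zone transfer.
MS_EXPORT = """\
_ldap._tcp.corp.example.            600 IN SRV 0 100 389 dc01.corp.example.
_ldap._tcp.corp.example.            600 IN SRV 0 100 389 dc02.corp.example.
_kerberos._tcp.corp.example.        600 IN SRV 0 100 88  dc01.corp.example.
_ldap._tcp.dc._msdcs.corp.example.  600 IN SRV 0 100 389 dc01.corp.example.
dc01.corp.example.                 3600 IN A   192.0.2.10
"""
NIOS_EXPORT = """\
_ldap._tcp.corp.example.          28800 IN SRV 0 100 389 DC01.corp.example.
_kerberos._tcp.corp.example.      28800 IN SRV 0 100 88  dc01.corp.example.
dc01.corp.example.                28800 IN A   192.0.2.10
"""

def parse_srv(zone_text):
    """Return {owner: {(priority, weight, port, target), ...}} for SRV records.
    Names are lower-cased and the trailing dot dropped; TTLs are ignored."""
    records = {}
    for line in zone_text.splitlines():
        fields = line.split(";", 1)[0].split()      # drop comments, tokenize
        if len(fields) != 8 or fields[2].upper() != "IN" or fields[3].upper() != "SRV":
            continue
        if not all(f.isdigit() for f in fields[4:7]):
            continue                                # malformed rdata, skip
        owner = fields[0].lower().rstrip(".")
        prio, weight, port = (int(f) for f in fields[4:7])
        target = fields[7].lower().rstrip(".")
        records.setdefault(owner, set()).add((prio, weight, port, target))
    return records

def missing_srv(source_text, target_text):
    """SRV records present in the source export but absent from the target."""
    src, dst = parse_srv(source_text), parse_srv(target_text)
    missing = []
    for owner in sorted(src):
        for rdata in sorted(src[owner] - dst.get(owner, set())):
            missing.append((owner, *rdata))
    return missing

if __name__ == "__main__":
    for owner, prio, weight, port, target in missing_srv(MS_EXPORT, NIOS_EXPORT):
        print(f"missing on NIOS: {owner} SRV {prio} {weight} {port} {target}")
```

An empty result means every SRV record from the source export has a matching owner name, priority, weight, port and target in the imported copy.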

Re: MS DNS Migration to Infoblox

New Member
Posts: 3

Is there a step-by-step guide for this migration?

Re: MS DNS Migration to Infoblox

Adviser
Posts: 60

I'm not aware of one.

If you haven't done it before, I recommend a conversation with professional services, either Infoblox's own or that of a certified partner. They can get familiar with your environment and specific requirements, and identify any issues that may arise.

Re: MS DNS Migration to Infoblox

[ Edited ]
New Member
Posts: 2

@SMTI wrote:

Hi people!

Can anybody help me?

I have an HA pair of MSDC with the DNS service running. I already migrated the DHCP service to Infoblox NIOS; now I need to migrate the DNS service. How can I have the DNS records update dynamically after using the Data Import Wizard to export the records to Infoblox?

NIOS version: 9.0.3


Hello,
To dynamically update DNS records after using the Data Import Wizard (DIW) to export records to Infoblox, you can follow these steps: instantink.hpconnected.com

  1. Enable Zone Transfer: Ensure that zone transfer is enabled on your existing DNS server.

  2. Create an Authoritative Zone: Set up an authoritative zone in Infoblox for the domain you're migrating.

  3. Import the Zone: Use the DIW to import the DNS records from your existing setup to Infoblox.

  4. Configure ACLs: Set up Access Control Lists (ACLs) to allow updates from your existing DNS servers to Infoblox.

  5. Point DNS to Infoblox: Configure your existing DNS servers to use Infoblox as the preferred DNS server.

  6. Update DHCP Settings: Ensure that your DHCP servers are configured to send dynamic DNS updates to Infoblox.

This should help keep your DNS records updated dynamically. 

Best Regards,
Michael Gardner

Re: MS DNS Migration to Infoblox

New Member
Posts: 2

Hello michael569gardn

I hope you're doing well.

Could you please clarify the necessity of Step 5? (Point DNS to Infoblox: Configure your existing DNS servers to use Infoblox as the preferred DNS server.)

Wouldn't allowing the zone's transfer be sufficient?

Thank you in advance for your help!

Regards.

Re: MS DNS Migration to Infoblox

Adviser
Posts: 60

Assuming you want to migrate away from Microsoft DNS so that Infoblox is the only DNS server on the network.

Once you have got the DNS data into Infoblox, you need to stop the DNS services on the Microsoft DNS servers (domain controllers?) and then update the network interface settings on the domain controllers to use Infoblox as DNS and not themselves. (Thus the importance of step 4. Domain controllers MUST be allowed to update the Active Directory DNS domains on Infoblox using Dynamic DNS updates. Without step 4, Active Directory will break.)
