MS DNS Migration to Infoblox
10-17-2024 06:08 PM
Hi people!
Can anybody help me?
I have an HA pair of MSDC with the DNS service running. I already migrated the DHCP service to Infoblox NIOS; now I need to migrate the DNS service. How can I have the DNS records updated dynamically after using the Data Import Wizard to export the records to Infoblox?
NIOS version: 9.0.3
Re: MS DNS Migration to Infoblox
10-18-2024 07:27 AM
I'm assuming you mean Dynamic DNS?
Firstly, make sure that NIOS permits the domain controller IP addresses to update the Active Directory DNS zone (including the _ subzone). Yes, GSS-TSIG may be more secure but it also brings risks for when it goes wrong. This is done on the DNS zone configuration in NIOS. Edit the zone and go to "Updates" where you can set a list of IPs (or, even better, an ACL).
For DHCP updating client records, the recommendation is to disable clients from updating DNS (this is the default with Windows but allows too much privilege). Better to configure the DHCP servers to update the DNS zones as they hand out leases.
Under UI > Data Management > DHCP > Networks > (on the right) Grid DHCP Properties you can set IPv4 DDNS.
If NIOS is both DNS and DHCP, disable "Update DNS on DHCP Lease Renewal". That setting should only be used when NIOS DHCP is updating Microsoft DNS.
Re: MS DNS Migration to Infoblox
10-21-2024 05:10 AM
Hi! Thanks for the answer.
After this configuration, will user authentication continue to work? If there is a need to put more machines in the domain, will it work by directing DNS to the Infoblox IP?
Re: MS DNS Migration to Infoblox
10-21-2024 05:44 AM
If done correctly, then yes. The endpoints authenticate directly against the Microsoft Domain Controllers. They use DNS to find the Active Directory servers using SRV record type queries as per this page: https://petri.com/active_directory_srv_records/
You may find that you have to leave the "Return minimal responses" disabled (Grid > Data Management > DNS > Members/Servers > [Edit Member] > General > "Return minimal responses").
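One way to check the SRV point after the import, as an added example that is not part of the original thread: compare the SRV registrations in a zone transfer from the old Microsoft DNS server with one from the NIOS member and list the domain controllers whose records did not arrive. The zone `corp.example`, the hosts `dc1`/`dc2` and both listings are constructed sample data, and the input is assumed to be in `dig AXFR` text format.

```python
import re

# Constructed sample data in `dig AXFR` text format; corp.example, dc1/dc2
# and every value below are placeholders, not taken from the thread.
MS_DNS_AXFR = """\
corp.example.                      3600 IN SOA dc1.corp.example. hostmaster.corp.example. 120 900 600 86400 3600
_ldap._tcp.corp.example.           600 IN SRV 0 100 389 dc1.corp.example.
_ldap._tcp.corp.example.           600 IN SRV 0 100 389 dc2.corp.example.
_kerberos._tcp.corp.example.       600 IN SRV 0 100 88 dc1.corp.example.
_kerberos._tcp.corp.example.       600 IN SRV 0 100 88 dc2.corp.example.
_ldap._tcp.dc._msdcs.corp.example. 600 IN SRV 0 100 389 dc1.corp.example.
_ldap._tcp.dc._msdcs.corp.example. 600 IN SRV 0 100 389 dc2.corp.example.
dc1.corp.example.                  3600 IN A 192.0.2.10
"""
# Constructed: the new server is missing two of dc2's registrations.
INFOBLOX_AXFR = """\
corp.example.                      3600 IN SOA ns1.corp.example. hostmaster.corp.example. 5 900 600 86400 3600
_ldap._tcp.corp.example.           600 IN SRV 0 100 389 dc1.corp.example.
_ldap._tcp.corp.example.           600 IN SRV 0 100 389 dc2.corp.example.
_kerberos._tcp.corp.example.       600 IN SRV 0 100 88 DC1.corp.example.
_ldap._tcp.dc._msdcs.corp.example. 600 IN SRV 0 100 389 dc1.corp.example.
"""

SRV_LINE = re.compile(
    r"^(\S+)\s+\d+\s+IN\s+SRV\s+(\d+)\s+(\d+)\s+(\d+)\s+(\S+)\s*$", re.I)

def srv_records(axfr_text):
    """Return {(owner, port, target)} for each SRV line; names lower-cased, no trailing dot."""
    found = set()
    for line in axfr_text.splitlines():
        m = SRV_LINE.match(line.strip())
        if m:
            owner, _prio, _weight, port, target = m.groups()
            found.add((owner.lower().rstrip("."), int(port), target.lower().rstrip(".")))
    return found

def missing_after_migration(old_text, new_text):
    """SRV registrations served by the old server but absent from the new one."""
    return sorted(srv_records(old_text) - srv_records(new_text))

def unregistered_dcs(old_text, new_text):
    """Hosts that still have at least one SRV registration missing on the new server."""
    return sorted({t for _, _, t in missing_after_migration(old_text, new_text)})

if __name__ == "__main__":
    for rec in missing_after_migration(MS_DNS_AXFR, INFOBLOX_AXFR):
        print("missing on new server:", rec)
    print("check update permissions for:", unregistered_dcs(MS_DNS_AXFR, INFOBLOX_AXFR))
```

A host that shows up in the second list is one to check against the zone's "Updates" setting, since its dynamic registrations are not reaching the new server.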
Re: MS DNS Migration to Infoblox
10-21-2024 06:34 AM
Is there a step-by-step guide for this migration?
Re: MS DNS Migration to Infoblox
10-21-2024 06:49 AM
I'm not aware of one.
If you haven't done it before, I recommend a conversation with professional services, either Infoblox's own or that of a certified partner. They can get familiar with your environment and specific requirements, and identify any issues that may arise.
Re: MS DNS Migration to Infoblox
10-22-2024 01:23 AM - edited 10-22-2024 09:13 PM
@SMTI wrote: Hi people!
Can anybody help me?
I have an HA pair of MSDC with the DNS service running. I already migrated the DHCP service to Infoblox NIOS; now I need to migrate the DNS service. How can I have the DNS records updated dynamically after using the Data Import Wizard to export the records to Infoblox?
NIOS version: 9.0.3
Hello,
To dynamically update DNS records after using the Data Import Wizard (DIW) to export records to Infoblox, you can follow these steps:
1. Enable Zone Transfer: Ensure that zone transfer is enabled on your existing DNS server.
2. Create an Authoritative Zone: Set up an authoritative zone in Infoblox for the domain you're migrating.
3. Import the Zone: Use the DIW to import the DNS records from your existing setup to Infoblox.
4. Configure ACLs: Set up Access Control Lists (ACLs) to allow updates from your existing DNS servers to Infoblox.
5. Point DNS to Infoblox: Configure your existing DNS servers to use Infoblox as the preferred DNS server.
6. Update DHCP Settings: Ensure that your DHCP servers are configured to send dynamic DNS updates to Infoblox.
This should help keep your DNS records updated dynamically.
Best Regards,
Michael Gardner
Re: MS DNS Migration to Infoblox
Monday
Hello michael569gardn
I hope you're doing well.
Could you please clarify the necessity of Step 5? (Point DNS to Infoblox: Configure your existing DNS servers to use Infoblox as the preferred DNS server.)
Wouldn't allowing the zone's transfer be sufficient?
Thank you in advance for your help!
Regards.
Re: MS DNS Migration to Infoblox
Monday
Assuming you want to migrate away from Microsoft DNS so that Infoblox is the only DNS server on the network.
Once you have got the DNS data into Infoblox, you need to stop the DNS services on the Microsoft DNS servers (domain controllers?) and then update the network interface settings on the domain controllers to use Infoblox as DNS and not themselves. (thus the importance of step 4. Domain controllers MUST be allowed to update the Active Directory DNS domains on Infoblox using Dynamic DNS updates. Without step 4, Active Directory will break).