Product Documentation

DNS Services

Jun 05, 2015
CloudPortal Services Manager DNS Services provide Domain Name Service (DNS) hosting from the cloud. DNS Services require no installation and use a WMI connection to the DNS server. DNS Services support Windows (WMI) and BIND (UNIX) DNS.

Prerequisites

  • Firewalls: Open DNS port (53) and RPC ports (various) bi-directionally between the DNS server(s) and both the CortexWeb and Provisioning servers.

    RPC uses random ports above port 1056, therefore non-stateful inspection firewalls might require open ports above 1056.

  • DNS service account used for provisioning: Add to the local administrators group.
  • DNS environment:
    • Computer name must have a DNS suffix.

      If the DNS server is outside of the CloudPortal domain, the DNS suffix for the CloudPortal domain must be on the DNS server.

    • DNS application must have a zone for the DNS suffix.
    • DNS zone must have an "A" DNS record.

      If the DNS server is outside of the CloudPortal domain, the DNS "A" record must be in the format dnsServerName.CloudPortalDomain.

      Example: Suppose an external DNS (DNS01) is in a workgroup and the CloudPortal Services Manager is in the domain cloudportal.com. In that case, a DNS record DNS01.cloudportal.com must be on the external DNS.

    • User Access Control (UAC) must be removed from each DNS server.

To configure DNS Services

  1. Enable the service (top level): From the main menu, choose Configuration > System Manager > Service Deployment, expand DNS, and click Save.
  2. Enable the service (location level): Under Service Filter, select Active Directory Location Services, choose a Location Filter if applicable, expand DNS, and click Save.
  3. Add the credentials for the DNS service account: From the main menu, choose Configuration > System Manager > Credentials and create the account, using the fully-qualified domain name.
  4. Enable the server:
    1. From the main menu, choose Configuration > System Manager > Servers.
    2. If the DNS server is not listed, click Refresh Server List.
    3. Expand the entry for the server and verify that Server Enabled is selected.
  5. Assign server roles to each DNS server:
    1. From the main menu, choose Configuration > System Manager > Server Roles, choose a Location Filter if applicable, and then expand the entry for a server that will host the DNS zones.
    2. Under Server Roles, select DNS, and then click Save. The DNS role is used for both Windows DNS and BIND DNS.
  6. Update service settings as needed: From the main menu, choose Configuration > System Manager > Service Deployment, select Active Directory Location Services, choose a Location Filter if applicable, expand DNS, and then click Service Settings. Required settings:
    DNS Credentials
    Required credentials that have read and write access to the DNS server.
    Is Server 2008 Provisioning
    Select the check box if you use Microsoft Server 2008 for provisioning.
    Primary DNS Server
    Choose the server that hosts the DNS service.
    (Optional) Secondary DNS Server
    Select the check box for each secondary DNS server to be used. All secondary servers regularly perform zone transfers from the primary server to provide redundancy and load balancing.
    SOA Responsible Person
    Enter the email address of the person responsible for administering the domain's Start of Authority (SOA) record.
    Update Method
    Choose WMI (Windows) or UNIX (BIND).
    Zone Credentials
    Choose the credentials for managing DNS zones.
  7. To verify the configuration: Provision the DNS service to a customer and then go to Services > DNS > DNS Records to create test records. The service is working correctly if no errors occur during record creation.