DNS domain up transfer.

Similar Messages

• LDAP supporting multiple DNS domains

  I have an environment with multiple DNS domains, and am configuring a Directory server (DS 6.3.1) to centralize various OS configuration maps including user authentication. None of the DNS domains have unique data, so I'd like to do something like storing all the real data in one suffix, then somehow have all clients look to that primary suffix. I am aware that the Solaris Native LDAP client wants to bind to a nisDomainObject that matches its DNS domain. I'm just having a hard time believing that I really need to manage all those individual suffixes when they don't have unique data requirements.
  Take as an example the following domains to be supported: foo.example.com, bar.example.com, dev.example.com, qa.example.com, prd.example.com (no hosts are actually in "example.com", they are all in subdomains). Again, all share common configuration data, same user IDs, etc - no unique maps are required.
  I created a suffix, "dc=example, dc=com", set it up with idsconfig. All is well there.
  [A] My first thought is to bind all Solaris clients, regardless of their DNS domain, to the baseDN of "dc=example, dc=com" in order to avoid having a separate suffix for each DNS domain. I tried to do this using "-a defaultSearchPath=dc=example,dc=com" with ldapclient init, but it failed with an error indicating it wants to see the nisDomainObject of its real DNS domain.
  The second though I had, which I don't believe is possible, is to find some sort of a LDAP equivalent of a symbolic link so that I could actually have an object for each DNS domain, but it would simply point back to "dc=example,dc=com". I can't find anything in the documentation which suggests this is possible, but I'd love to be wrong!
  [C] Perhaps this could be somehow done with a rats nest of SSDs, but that really seems unwieldy, right? I plan on using a fair amount of the available objects, so it would be many SSDs per suffix. Yuck.
  Can anyone comment on my above thoughts, or provide how they would go about supporting multiple DNS domains that have common configuration data?
  Thank you,
  Chris

  Ok, I answered my own question. Turns out it's pretty easy. Just use the "-a domainName=example.com" option with `ldapclient` then make sure that the FQDN of the LDAP server is available (or use its IP address). My problem was that the ldapclient overwriting nsswotch.conf was clobbering the SSL session because I used the FQDN which couldn't resolve.
  This leaves an interesting condition of having the output of "domainname" not match the DNS domain. I'm testing now to see if this causes any unexpected issues with our environmnet, but I suspect it's not a problem.

• Multiple DNS Domain support in Single instance of Portal

  Can BEA portal support multiple DNS domains in a single instance of BEA Portal.
  For example can I setup portal to respond as bothe www.xxx.com and www.yyy.com
  and keep those urls as trhough the entire portal?

  Hi,
  thanks for your quick response. You mean we should run only one copy of the package I mentioned and seperate the plants and machines by logic implemented in the package? Well, I think this is critical in case of deploying a new version, since all machines at all sites won't have the system available at the same time. At the moment we do not have things in the system that are needed to go on with production, but we have planned to implement some things that will be indispensable and in this stage we need a clear seperation of the plants to minimize the risk of a simultaneous stand at all plants.
  Thanks for your suggestion and best regards,
  Matthias

• Jabber and Multiple DNS Domains

  have a customer that is running into some "minor" issues in getting Jabber to work well on their mobile devices.
  The issues revolves around I think a DNS issue in that their Internet domain is "mycomp.com" while inside they are "corp.mycomp.local"
  Am I correct in that this is easily fixed for the expressway-E and expressway-C is to have the following setup:
  On the External DNS server
  _collab-edge.tls.mycomp.com  =>  expresswaye.mycomp.com
  On the Internal DNS server:
  _cisco-uds._tcp.mycomp.com => cucm1.corp.mycorp.local
  _cisco-uds._tcp.corp.mycomp.local =>  cucm1.corp.mycomp.local
  If the Expressways are configured correctly, then this should work and the credentials for the users should be the same instde and out, OR am I missing something?
  Thanks

  Hi Richard,
  Please check the following links
  https://ciscocollab.wordpress.com/2014/07/23/collaboration-edge-mra-with-split-dns-domains/
  http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/jabber/Windows/9_7/CJAB_BK_C606D8A9_00_cisco-jabber-dns-configuration-guide/CJAB_BK_C606D8A9_00_cisco-jabber-dns-configuration-guide_chapter_010.html#CJAB_TK_D380F2C5_00
  HTH
  Manish

• DNS Domain name ISE 1.2

  Question:  Can the DNS domain name in ISE 1.2 be differnt from the AD domain that ISE is joined to?
  Situation:  I have an internal AD domain 'mydomain.local'.  Currently ISE is setup with mydomain.local as it's dns domain it's FQDN is isebox.mydomain.local, it is also joined to that domain.  The problem comes with the certificate for HTTPS sites (management, guest, etc...) specifically guest.  If I use a certificate for isebox.mydomain.local, guest users (that do not have our internal ca) will get a certificate error.  The certificate used for HTTPS sites in ISE has to match the hostname of ISE.  This seems to me to be an unresolvable problem.  I have to have mydomain.local as the DNS domain, so that I can join ISE to mydomain.local.  But if I use that domain then I can't issue a public cert for the ISE box, because I can't get a public cert for a .local domain.
  My idea was to define the DNS domain as a public domain (abc123.com) but still join it to my internal domain (mydomain.local).  I have found some vauge references to this not being a supported configuration, and even that it doesn't work at all.  Could someone please tell me if this works?  Or better yet, some better/easer way to solve this prolem.
  Thanks!

  Hello John
  Cisco ISE supports integration with a single Active Directory identity source. Cisco ISE uses this Active Directory identity source to join itself to an Active Directory domain. If this Active Directory source has a multidomain forest, trust relationships must exist between its domain and the other domains in order for Cisco ISE to retrieve information from all domains within the forest.
  However, you may create multiple instances for LDAP. Cisco ISE can communicate via LDAP to Active Directory servers in an untrusted domain. The only limitation you would see with LDAP being a database that it doesn't support PEAP MSCHAPv2 ( native microsoft supplicant). However it does suppport EAP-TLS.
  For more information you may go through the below listed link
  http://www.cisco.com/en/US/solutions/collateral/ns340/ns414/ns742/ns744/docs/howto_45_multiple_active_directories.pdf

• DNS record is not dynamically created in DNS Zone, when joining to DNS domain

  hi
  in my test lab i have deployed two virtual machines (both are windows server 2008 R2 enterprise).
  on vm1 i have installed just DNS role (without Active directory) and created a primary non-ADintegrated zone.
  on this DNS zone, i have enabled dynamic update set to
  non-secure & secure .
  now in my vm2 (as a DNS client) , i set the ip address of this DNS server as preferred DNS server and then in system properties, on the primary DNS suffix field, i entered the name of my DNS domain (mydomain.lab)& rebooted VM2, but the a record of this
  client (vm2) is not registered (created ) in mydomain.lab zone.
  i respect the record be created like the situations which we join a client to AD domain 

  Hi  John ,
  When registering DNS record ,client will send a SOA query to find the primary server of the zone .Then send register message to the server .
  We can use nslookup to find the problem :
  Open Command Prompt
  type nslookup
  type set type=soa
  type zone name
      1. If there is positive response ,check the name of
  primary name server and the IP address of the server .
  Its name should be vm1.mydomain.lab .If not ,edit the SOA record in the zone .
  If no IP address ,edit NS record in the zone .
      2. If there is no response ,check the SOA record in the zone .
  We can manually delete and recreate the records to ensure there are right SOA and NS records .
  Here is the guide for using nslookup :
  Nslookup :
  https://technet.microsoft.com/en-us/library/cc940085.aspx
  Best Regards,
  Leo
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]
  Hi Leo, thanks for reply.
  i did all steps you mentioned but still no result.
  i put an screenshot of my desktop here , everything is shown here:

• TREX Patch Installation ERROR - DNS Domain Name

  Dear all,
  I have been facing a problem with a TREX Installation and I would like to request your help.
  After successfully installing a portal (EP 7)  and a TREX instance (7.00), I encountered the following error
  while trying to install the TREX patch.
  The Error that pops-up is the following:
  "unknown message ID (osmod.hosts.getHostByAddress2) with parameter(s): -84.-230.-250.114".
  This error appears when the installation reaches the 'DNS Domain Name' step.
  The installation cannot procceed without resolving this issue.
  I have been trying to install patch 49, which I have successfully installed in other TREX instances so there
  should be no error with the binaries.
  Has anyone come across a similar situation?
  I would appreciate your input on the matter
  Thanks in advance,
  Kontogianni Eleni
  Edited by: Eleni Kontoyanni on May 20, 2011 2:36 PM

  Dear Eleni,
  The issues that I have encountered where unrelated, otherwise I would have mentioned them for you as a clue
  But what I was trying to say is that although sometimes prerequisites look OK there can be a bug or exception in the SAP coding that might cause this. Examples of these non-related issues are:
  -  https://service.sap.com/sap/support/notes/1114042
  and
  - when using the KM Portal Drive with a description that is "to long" connection is suddenly not possible.
  I therefore advise you to open an OSS message @ SAP Support.
  Cheers,
  Benjamin

• SAP NetWeaver DNS Domain Name System for SAP?

  Hi all,
  I need to install SAP Netweaver 7:01 SR1 ABAP Trial Version.
  I use Microsoft Windows XP.
  During the installation process asks the DNS Domain Name System for SAP.
  What should I put in this field?
  Following is the result of ipconfig:
  Ethernet adapter Local Area Connection 2:
  Connection-specific DNS Suffix....:
  IP Address.....................................: 10.10.0.10
  Subnet Mask..................................: 255.255.255.0
  Default Gateway...........................:
  The name of my machine is solaris.
  In the host file put the following:
  10.10.0.10 solaris
  I very much appreciate if someone can help me.
  Viviane

  Hi Viviane,
  Please check this thread:
  Error:Reverse lookup of address failed:(NW7.01ABAPTrailVersionInstallation)
  http://en.wikipedia.org/wiki/Domain_name_system
  Hope it helps.
  Regards,
  Arun

• DNS Domain Name for SAP System

  Hi,
  I am installing BI7.1 , it is asking for DNS Domain Name for SAP System.
  What to give i dont know please some one help
  Thanks,
  Jack

  Hi,
  Pls chk this link;
  http://en.wikipedia.org/wiki/Domain_name_system
  https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/docs/library/uuid/994a06ed-0c01-0010-878b-e796a9060209
  Regards
  CSM Reddy

• Dns domain name change

  I have just change the DNS domain name of my ISE from CLI and restarted the appliance (its a 3395 appliance)
  However,, when i log in via GUI it doesnt reflect the new dns name.
  Any ideas please?

  let's see my task as follows;
  1.change ip domain-name =xxx
  2.ISE will ask you to restart app service then answer yes
  3. i make "write memory"
  4. i reload the ise
  you choose check the dns name in forward zone and reverse zone too.
  These are what i do if i require to change ise information
  Sent from Cisco Technical Support Android App

• ACI restrict read access to certain DNS domains

  Hello all. I need help with creating an ACI. We have telephonenumber populated in our directory. We want people under our domains to allow people to read the value of telephonenumber, but not anyone outside our domain. I've created an aci that allows read and search of telephonenumber from our DNS domains, however people outside those domains still have access. I tried removing telephonenumber from the Anonymous Access list, but then even people in our domains can't read the value. So, any help on this would be greatly appreciated.
  Thanks,
  Bob Jones

  Hi Bob,
  It sounds like the new ACI you created probably wasn't working in the first place. If removing the attribute from the anonymous ACI removed everyone's view of telephonenumber - that was the ACI that was being used to access the attribute in the first place.
  Can you post a sample of the ACI you are trying to utilize to grant access to telephonenumber - that might be quickest ....

• Different DNS domain name

  We have an architecture compose of two gateways and one portal/profile server, the are all respondig under the same DNS domain name, "domainname.ca". The client is looking to installed a third gateway under a different DNS domain name "newdomainname.com", but want to use the same portal/profile server.
  Is this possible, if so how?

  Hello,
  Try to edit the unknown server. After this click "Resolve". Your IP address will appear.
  Click OK and now your server will have an associated IP address.
  Regards.
  Seb.
  Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

• Get DNS-domain with dhcp

  My system gets it ip adress via dhcp but not its DNS domain. I've configured my dhcp server to transmit the DNS domain and this works fine with linux and windows systems. My OSX DNS suffix is always .local . Is this normal?

  I was told at a training course it's a "Security" feature but I'm not so sure about that.
  Is showing the DNS server address NOT a good idea ?
  When my PC Techs look at one of my Macs, they keep on telling me the macs don't have a DNS, I tell them - run the "ipconfig getpacket en0" command - and then they are happy...
  Mitch
  I would actually like to know the REAL reason why the DNS's don't show up !

• Difference between 006 DNS Servers and 015 DNS Domain Name

  hi,
  what's difference between 006 DNS Servers and 015 DNS Domain Name?
  please guide me.

  Hi
  Option 006 DNS servers           = IP Address of your DNS Server, e.g, 10.10.10.1
  Option 015 DNS Domain Name       = test.local, your domain name.
  Hope this helps. Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

• Instructing clients on domain name transfer

  I was wondering what the easiest way is to instruct a client how to transfer their domain name from a previous host to a new one. Do you simply give them the information fom the "Whois" lookup? Do you contact the previous host yourself? What do you do?

  So that would be asked with this question:
  How do I get access to the domain registration account so that I can change the DNS pointers?
  And the answer is either of the following -
  *  Get the domain registration account login information from the client (they were given this when they registered the domain name), log in to the account, and edit the DNS pointers.
  OR
  * Have the client contact the domain registrar and ask them for the domain registration login info.  They may have to do a song and dance to get this, but they will get it.  Have them give that info to you.  Then continue with the first item above.