Submit a ticketCall us

Looking to compare latest NPM features with previous versions of NPM?
The NPM new feature summary offers a comparison of new features and improvements offered with this release.

 

Home > Success Center > Failover Engine (FoE) > How to Configure DNS with SolarWinds Orion Failover Engine in a WAN Environment

How to Configure DNS with SolarWinds Orion Failover Engine in a WAN Environment

Created by Erin Stenzel, last modified by MindTouch on Jun 23, 2016

Views: 13 Votes: 0 Revisions: 5

Overview

Orion Failover Engine is designed to integrate with DNS technology where the DNS is itself integrated with the Active Directory. SolarWinds recommends that Orion Failover Engine is installed in an Active Directory Integrated DNS environment. For more information about Orion Failover Engine and DNS integration, please refer to the Related Information below. Domain Name System (DNS) provides efficient name resolution and interoperability with standards-based technologies. Deploying DNS in your client/server infrastructure enables resources on a TCP/IP network to locate other resources on the network by using host name-to-IP address resolution and IP address-to-host name resolution. The Active Directory service requires DNS for locating network resources.

Environment

  • Orion Failover Engine (FoE) any version

Resolution

Active Directory Integrated Environments

SolarWinds recommends that Orion Failover Engine be installed in an Active Directory Integrated DNS environment.

 

In a standard DNS zone, there can be one primary and multiple secondary DNS servers. The primary will be the Start of Authority (SOA) server for that zone and the other servers will be secondary. When adding a new host record (e.g. new server is added into the zone) the record will be inserted only in the primary DNS server. The information will be available on the secondary servers during the replication process between the primary and secondary servers.

 

In an Active Directory (AD) Integrated DNS environment, all servers are updated within the AD through multi-master replication (a change on any one server will be replicated to all other Active Directory databases).

For instructions on how to convert to an Active Directory Integrated DNS environment, please see the Related Information below.

 

When installing Orion Failover Engine in a WAN configuration, Orion Failover Engine automatically creates and configures the tasks needed to run DNSUpdate.exe. SolarWinds Orion Failover Engine Setup gathers the required information during the installation process and uses that information to configure the DNSUpdate task.

 

If Orion Failover Engine was initially installed in a LAN configuration and then later changed to a WAN configuration or problems are encountered with the operation of DNSUpdate.exe, please refer to SWREFID-1939 'How to Correct Problems when DNSUpdate Encounters secondary DNS Servers with Orion Failover Engine’ for information about how to configure the DNSUpdate task.

Non-Active Directory Integrated Environments

 

Recommendation:

SolarWinds recommends that if the current environment is not Active Directory integrated, that migration to Active Directory integrated be performed prior to installing any Orion Failover Engine solution. Please see 'Related Information' below for Microsoft Knowledge Base articles for procedures on how to migrate to an Active Directory integrated environment.

 

Workaround:

In the event that Active Directory integration is not possible or not desired, the DNSUpdate utility can be configured to update specific DNS servers when identified by IP address.

 

To update DNS servers using the DNSUpdate utility in a non-Active Directory integrated environment, follow the steps below:

  1. Launch the SolarWinds Orion Failover Manager.
  2. Select the Applications: Tasks tab.
  3. Click on the User Accounts button.
  4. Click the Add button.
  5. Enter the credentials for an account with rights to update the DNS (a member of the Administrators or Server Operators group on the target server).
  6. Click OK, and then Close.
  7. Click the Add button to add a new task.
  8. Provide a descriptive name for the 'Task' (i.e. DNSUpdate).
  9. Select Network Configuration for Task type.
  10. Select either primary or secondary for the server the task should run on as appropriate.
  11. In the Command field, enter the "DNSUpdate" with appropriate flags as shown below in the example.
  12. In the 'Run As' field select the user appropriate user account from the drop down and then click OK.

 

Example: 

 

DNSUpdate.exe -ns 10.0.0.1 -r 172.16.0.1 -a 172.17.0.1 -name thehost -domain bla

 

 

PARAMETER DESCRIPTION IN EXAMPLE
-ns Update this Domain Name Server 10.0.0.1
-r Remove this ipaddress 172.16.0.1
-a Add this ipaddress

172.16.0.2

-name

Name of the server

thehost
-domain Domain Name bla


In some cases, when updating standalone Windows-based DNS Server and due to non-AD membership of servers, account used to update DNS was throwing access denied error. You can see the error when running DNSUpdate in debug mode (add -d option in command line):

Command failed:  ERROR_ACCESS_DENIED     5  (00000005)

To work on that you will have to use following command on the FoE server

 

dnscmd.exe /Config /RpcAuthLevel 0

 

 

Last modified
19:28, 22 Jun 2016

Tags

Classifications

Public