swefredde
Mission Specialist

DNS setup for fresh IdM with DNS

Hi,

Let's say you are in charge of the DNS server handling the domains "domain.tld" and "168.192.in-addr.arpa".

Now you want to install the IdM with DNS covering the sub1.domain.tld and, say, 5.168.192.in-addr.arpa.

To install IdM you need to have DNS resolution work, but what is the recommended way to solve this situation without getting errors like "Domain 5.168.192.in-addr.arpa is already handled by <Parent-DNS>"? It's kind of a Catch-22, isn't it? What's the trick?

Accepted Solutions
writertech
Mission Specialist

You'd have to have 5.168.192.in-addr.arpa delegated to you, just like sub1.domain.tld would have to be delegated to you. Your IdM IP space should be separate from the rest of the domain (domain.tld) space (in a perfect world). It becomes a huge mess when you have overlaps with domain.tld, ad.domain.tld, idm.domain.tld, unless they all have their own IP space.

swefredde
Mission Specialist

Hi, and thanks for the answer. I agree with what you write.

The question was more "who is answering your DNS requests for the IdM server name/IP number if the parent is forwarding/delegating your questions to the server itself and the server hasn't been set up to handle DNS yet".

0 Kudos
writertech
Mission Specialist

Basically, you need stub records in place for the new domain (standard practice), which would always need to be in place for the new domain to be utilized (found/forwarded to, which DNS handles automatically if the stub records are there). Specifically, in domain.tld you have NS entries for sub1.domain.tld for your first server, e.g. (sub1 NS idm1.sub1.domain.tld.), and a stub A record so it can find it, e.g. again in domain.tld: (idm1.sub1 A ip.ad.dr.ess). This has to get adjusted any time you add or remove additional IdM servers/replicas; the stubs and NS records have to match after you add new ones, and be removed before you decommission any.

0 Kudos
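
An added example (not part of the original post, and not IdM or Red Hat tooling): a small Python check that the NS records and stub (glue) A records for sub1.domain.tld in the parent zone match the current list of IdM servers, as the post above says they must. The zone fragment, the idm2 replica and the 192.168.5.x addresses are constructed, and the parser assumes one record per line with an explicit owner name.

```python
# Added example: check that a parent-zone delegation matches the IdM server list.
# Zone text, host names and addresses below are constructed samples.
PARENT_ZONE = """\
; fragment of the domain.tld zone (constructed)
sub1        NS  idm1.sub1.domain.tld.
sub1        NS  idm2.sub1.domain.tld.
idm1.sub1   A   192.168.5.10
; idm2 was added as a replica, but its glue A record was forgotten
old.sub1    A   192.168.5.99
"""

def fqdn(name, origin):
    """Expand a zone-file name to a lowercase absolute name."""
    name = name.lower()
    return name if name.endswith(".") else f"{name}.{origin}"

def parse(zone_text, origin):
    """Parse 'owner [ttl] [IN] type rdata' lines into (owner, type, rdata)."""
    records = []
    for line in zone_text.splitlines():
        fields = line.split(";", 1)[0].split()
        if len(fields) >= 3:  # skips comments, blanks and lines we cannot read
            records.append((fqdn(fields[0], origin), fields[-2].upper(), fields[-1]))
    return records

def check_delegation(zone_text, origin, child, idm_servers):
    """Return mismatches between NS records, glue and the live IdM servers."""
    records = parse(zone_text, origin)
    child = fqdn(child, origin)
    wanted = {fqdn(s, origin) for s in idm_servers}
    ns = {fqdn(r, origin) for o, t, r in records if o == child and t == "NS"}
    below = {o for o, t, _ in records if t in ("A", "AAAA") and o.endswith("." + child)}
    problems = [f"{h}: IdM server has no NS record for {child}" for h in sorted(wanted - ns)]
    problems += [f"{h}: NS record for a server not in the IdM list" for h in sorted(ns - wanted)]
    problems += [f"{h}: in-zone name server has no glue address record"
                 for h in sorted(ns - below) if h.endswith("." + child)]
    problems += [f"{h}: address record below {child} with no matching NS record"
                 for h in sorted(below - ns)]
    return problems

if __name__ == "__main__":
    servers = ["idm1.sub1.domain.tld.", "idm2.sub1.domain.tld."]
    for problem in check_delegation(PARENT_ZONE, "domain.tld.", "sub1", servers):
        print(problem)
```

Running it against the parent zone before and after adding or decommissioning a replica shows which NS or stub records still need to be adjusted.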

Hello,

I am trying to set up IDM with integrated DNS and AD DNS to resolve the IDM host.

AD domain = training.com

IDM domain = nix.training.com

IDM Host = rhel-idm-s-01.nix.training.com

Now when I try to create a stub zone in AD for the IDM domain, it gives an error while validating the IDM domain, as the IDM domain (DNS) is not yet created, due to which creation of the A record is also not possible.

Am I missing something? Can you help me understand this?

--------------------------------------------

And one more thing: is it a hard requirement that the IDM hostname be part of the IDM domain?

IDM domain = nix.training.com

IDM Host = rhel-idm-s-01.nix.training.com

Or can we have it like below?

IDM server hostname (part of AD domain) = rhel-idm-s-01.training.com

IDM domain = nix.training.com

0 Kudos
writertech

Does my previous post answer your question?

0 Kudos