Table of Contents
Advertisement
Alcatel-Lucent | Integration of VitalQIP® with Microsoft Windows 2003 Networking/Active Directory
Implementation Steps
1.
Review the design decisions discussed above.
2.
Install and test VitalQIP in the lab but do not connect it to the production network
yet.
3.
Decide the role of VitalQIP – which servers, networks, domains, subnets, and
reverse zones will be managed by VitalQIP and which, if any, will be unmanaged.
4.
If you have clients whose domains are managed but whose reverse zones are
not, or vice versa, be sure to have an appropriate DNS/DHCP configuration to
handle it. (Call VitalQIP Support for more details.)
5.
Use qip-dnscsv to get data from existing MS-DNS servers and create data files
for DNS servers, domains, networks, subnets, objects, and resource records.
6.
Use the Microsoft utility LDIFDE to export site and subnet information from AD.
7.
Use qip-msextract to get data from existing MS-DHCP servers and create data
files for DHCP templates, scopes, and objects.
8.
Import some or all the data files created by steps 5-7 into VitalQIP to start your
database; the exact order and procedure will depend on the details of your case.
You would use:
enterserver, enterdomain, enternetwork, entersubnet, entersimpleobj,
•
enterdnsrr, and/or enteralias to read the data files from qip-dnscsv (but you
might wish to not create objects at this time, since this will make them static IP
objects rather than External.)
qip-siteimport to read the site and subnet files from LDIFDE of step 6; and
•
qip-template, qip-scope, and/or qip-setobject to read the data from qip-
•
msextract
9.
Review and edit your data in VitalQIP to have the necessary domains (including
the underscore domains and DHCP child domains), networks, subnets, reverse
zones, and subnets in VitalQIP.
10.
Have static IP objects for the VitalQIP-managed DNS and DHCP servers, as well
as for Domain Controllers that will receive DNS Generation. Then define a static
IP address for the Enterprise server itself, if it is not already defined as a DNS or
DHCP server.
11.
Find or create in AD the Windows username and password for the "strong user"
and "proxy user" to use for the Kerberos Principal information as owners of the
RRs in MS-DNS.
12.
Create all the Server Profiles in VitalQIP. The MS-DNS servers need to have the
correct GSS-TSIG information in their Server Profile.
13.
Be sure that the Subnet Organizations are correct and correspond to the Active
Directory Sites.
14.
Check the Global Policies: Static DDNS Update should be False, have the
correct settings for Tombstone Max Life and Tombstone Purge Schedule, and
have Allow DHCP Clients to Modify Dynamic Object Resource Records set to
True.
24
Advertisement
Table of Contents
