Unsupported content

 

This version of the documentation is no longer supported. However, the documentation is available for your convenience. You will not be able to leave comments.

Configuring BMC Atrium Orchestrator for automatic DNS registration

BMC Network Automation 8.5.01 integrates with BMC Atrium Orchestrator Content 20.13.02.01 and BMC Cloud Lifecycle Management to provide out-of-the-box DNS registration for static IP addressing. 

You must install the following BMC Atrium Orchestrator contents by using the BMC Atrium Orchestrator content installer:

  • Adapter: Third Party Adapters > Domain Name System
  • Module: Core Modules > AutoPilot OA DNS Integration

Note

BMC Cloud Lifecycle Management supports server enrollment in DNS only if the value of the Dynamic updates field is Nonsecure. 

To configure BMC Atrium Orchestrator for DNS registration

  1. Activate the required adapter by performing the following steps:
    1. Open a web browser session and log into to the BMC Atrium Orchestrator Grid Manager using the following format:

      http://<BAO_SERVER>:<WEB_PORT>/baocdp
    2. Add the required adapters to the grid:
      1. Select Application > Grid Manager.
      2. Select Manage > Adapters.
      3. Select the bmc-adapter-dns-actor adapter from the table on the left, and click Add to Grid:
    3. Configure the adapters on the grid:
      1. Select Manage > Adapters.
      2. Open the bmc-adapter-dns-actor adapter to be configured.
      3. Click the name of the adapter or click Configure if you are configuring for the first time.
      4. Enter the adapter name and description in the appropriate fields.
      5. Under Properties, enter the values for the following required configuration elements, and then click OK:
        • DNS Zone
        • DNS Server
        • Reverse DNS Zone
        • Reverse DNS Server
    4. Enable the adapters on the grid:
      1. Select Manage > Peers, and select the peer from the list.
      2. Click the Edit selected Peer icon, and click Enable.
      3. Select bmc-adapter-dns-actor from the list and click OK.
      4. Click OK to save the changes.
  2. Activate the required DNS modules by performing the following steps:
    1. Select Manage > Modules.
    2. Select the following DNS modules from the table on the left:
      • AO_AD_DNS_Integration: Includes the Registration With DNS and De-Registration From DNS processes, which are called by BMC Network Automation for DNS registration and de-registration respectively
      • AutoPilot-OA-DNS_Integration: Configure the TSIGSKeyMapping file in this module to use the appropriate TSIGS key or key location, which is required for DNS server authentication. The TSIGSKeyMapping configuration can include multiple <dns-server> tags for multiple forward DNS server entries and multiple <reverse-dns-server> tags for multiple Reverse DNS server entries. 

         

        Notes

        Even if the primary and reverse DNS servers are the same, you must add separate entries for <dns-server> and <reverse-dns-server> in the TSIGSKeyMapping file.

        If no authentication is required for the DNS server, for example, if the DNS server is configured on Windows 2008, you do not need to add an entry for that server in the TSIGSKeyMapping file.

         
    3. Click Activate.
  3. Configure the AutoPilot-OA-DNS_Integration module by performing the following steps:
    1. Select Manage > Modules.
    2. Click the AutoPilot-OA-DNS_Integration module link in the table on the right.
    3. Navigate to Configuration > Adapters.
    4. Provide the following details:
      1. CLIAdapterName: DNS adapter name, for example, bmc-adapter-dns-actor.
      2. TSIGKeyMapping:

        The following code block shows a sample TSIGSKeyMapping XML file, which is used to configure the TSIGS key or key location:

        <mapping>
          <entry>  
            <dns-server>10.129.54.94</dns-server>  
            <tsig-key-file-path />  
            <tsig-key-name>ddns-update</tsig-key-name>   
            <tsig-key-secret>Kf6wMyO1Uo6F1mWnBlZuMAa8B+UAOHXd3DYE+lif16x2l
            +2vBoESOz3fbWlvHDVN5Xvw3EOisCTTxyQdHf90Zg==</tsig-key-secret> 
          </entry> 
          <entry>   
            <dns-server>10.122.4.14</dns-server>   
            <tsig-key-file-path />   
            <tsig-key-name>ddns-update</tsig-key-name>   
            <tsig-key-secret>Kf6wMyG1Uo6F1mWnBlZuMAa8B+UAOHXd3DYE+lif16x2l
            +2vBoESOz3fbWlvHDVN5Xvw3EOisCTTxyQdHf90Zg==</tsig-key-secret> 
          </entry>
          <entry>   
            <reverse-dns-server>10.128.251.3</reverse-dns-server>   
            <tsig-key-name>infoblox</tsig-key-name>   
            <tsig-key-secret>07cU31anRMJW7BiwkF76eEQk+48TmW2E7mIJ7w37u
            7V99EzsdeR1mLzjDHF8+kODjchZnW6FCSleYISUooakiA==</tsig-key-secret> 
          </entry> 
        </mapping>
    5. Click OK.

Back to top

Enabling Bind9 on the BMC Atrium Orchestrator server

Perform the following tasks on the BMC Atrium Orchestrator server to use bind9 APIs for DNS registration and de-registration:

Steps to be performed before installing Bind9

  1. Navigate to Start > Administrative Tools > Computer Management.
  2. In the Computer Management console, under Local Users and Groups, right-click Users.
  3. Select New User.
  4. In the New User dialog box, perform the following subtasks:
    1. Enter the following information to create a new user: 
      • User name: named
      • Description: BIND DNS Account
      • Password: %password%
      • Confirm Password: %password%
    2. Clear the User must change password at next logon option.
    3. Select the User cannot change password option.
    4. Select the Password never expires option.
  5. Click Create.

Back to top

Installing Bind9

  1. Download the Bind9 installer based on the appropriate OS of the BMC Atrium Orchestrator server from https://www.isc.org/downloads/.
  2. Unzip the download, and then click BindInstall.exe to start the installation.
  3. In the Bind 9 Installer dialog box, enter the following information:
    • Target Directory: Specify a directory where you want to install Bind9, for example, C:\Windows\system32\dns.
    • Service Account Name: Specify the account you created earlier, for example, named.
    • Service Account Password: Specify the password you created earlier, for example, %password%.
    • Confirm Service Account Password: Confirm the password.
  4. Click Install.

  5. (Optional) In the BINDInstall dialog box, which displays Chosen account has too many privileges. Do you wish to use a different account name? click No to continue.

     

    Note

    You can reduce the accounts privileges, but for an average user, there is low risk for the profile to be attacked.
  6. Click OK, and then click Exit in the Bind 9 Installer dialog box.
  7. Assign full read/write rights to named, the user account that you created to access dns, the BIND 9 installation directory.

Back to top

Verifying the Bind 9 installation

  1. In System Properties > Environment Variables, find the pathvariable and append one of the following strings:
    1. (Windows 64-bit) %SYSTEMROOT%\SysWOW64\dns\bin
    2. (Windows 32-bit) %SYSTEMROOT%\system32\dns\bin
  2. Go to Start > Run > cmd.
  3. Run the nsupdate command.

    C:\Users\Administrator>nsupdate
    is the output.
  4. Run the quit command.

    Note

    The error message, 'nsupdate' is not recognized as an internal or external command, operable program or batch file implies that the path is not configured correctly.


Back to top

Related topic

 Defining a DNS server in BMC Network Automation

This version of the documentation is no longer supported. However, the documentation is available for your convenience. You will not be able to leave comments.

Comments