2.1 Setting DNS for Server Discovery

  1. Open DNS Manager: click Start, point to Administrative Tools, and click DNS.

  2. Add a Host (A or AAAA) record and a PTR record:

    1. In the console tree, right-click the forward lookup zone that includes your domain name and click New Host (A or AAAA).

    2. Specify a DNS name for the Advanced Authentication Server in Name.

    3. Specify the IP address for the Advanced Authentication Server in IP address. You can specify the address in IP version 4 (IPv4) format (to add a host (A) resource record) or IP version 6 (IPv6) format (to add a host (AAAA) resource record).

    4. Select Create associated pointer (PTR) record to create an additional pointer (PTR) resource record in a reverse zone for this host, based on the information that you provided in Name and IP address.

  3. Add an SRV record:

    NOTE: Ensure that the LDAP SRV record exists on the DNS server. If the record is not available, you must add it manually.

    For best load balancing, perform the following actions only for Advanced Authentication web servers. You need not create the records for Global Master, DB Master, and DB servers.

    1. For Advanced Authentication servers from a primary Advanced Authentication site (a site with Global Master server):

      1. In the console tree, locate Forward Lookup Zones, right-click the node with your domain name, and click Other New Records.

      2. In the Select a resource record type list, click Service Location (SRV) and then click Create Record.

      3. Click Service and then specify _aav6.

      4. Click Protocol and then specify _tcp.

      5. Click Port Number and then specify 443.

      6. In Host offering this service, specify the FQDN of the server that is added. For example, authsrv.mycompany.com.

      7. Click OK.

    2. For Advanced Authentication servers from other Advanced Authentication sites:

      1. In the console tree, locate Forward Lookup Zones, expand the node with your domain name, then the _sites node, right-click the appropriate site name, and click Other New Records.

      2. In the Select a resource record type list, click Service Location (SRV) and then click Create Record.

      3. Click Service and then specify _aav6.

      4. Click Protocol and then specify _tcp.

      5. Click Port Number and then specify 443.

      6. In Host offering this service, specify the FQDN of the server that is added. For example, authsrv.mycompany.com.

      7. Click OK.

Repeat Step 2 to Step 3 for all the authentication servers. The Priority and Weight values for different servers may vary. For best load balancing, you need to have records only for Advanced Authentication web servers and you do not need to have the records for Global Master, DB Master, and DB servers.

The DNS server stores SRV entries in the form _service._proto.name TTL class SRV priority weight port target. The elements of an SRV entry are defined as follows:

  • Service: symbolic name of an applicable service.

  • Proto: transport protocol of an applicable service. Usually TCP or UDP.

  • Name: domain name for which this record is valid. It ends with a dot.

  • TTL: standard DNS time to live field.

  • Class: standard DNS class field (this is always IN).

  • Priority: priority of the target host. A lower value indicates a more preferred host.

  • Weight: a relative weight for records with the same priority. A higher value indicates a more preferred host.

  • Port: TCP or UDP port on which the service is located.

  • Target: host name of the machine providing the service. It ends with a dot.
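
The following is an added example, not part of the product documentation: it parses SRV entries in the format described above, checks them against the values this procedure specifies (_aav6, _tcp, port 443, trailing dots), and shows which servers are preferred. The host names other than authsrv.mycompany.com and all record values are constructed, and the proportional share by weight follows RFC 2782, which is an assumption about how clients choose among servers of equal priority.

```python
from collections import namedtuple
Srv = namedtuple("Srv", "service proto name ttl cls priority weight port target")

# Constructed sample entries; the last one is deliberately misconfigured.
SAMPLE = """\
_aav6._tcp.mycompany.com. 3600 IN SRV 0 60 443 authsrv.mycompany.com.
_aav6._tcp.mycompany.com. 3600 IN SRV 0 40 443 authsrv2.mycompany.com.
_aav6._tcp.mycompany.com. 3600 IN SRV 10 100 443 authsrv3.mycompany.com.
_aav6._tcp.mycompany.com. 3600 IN SRV 0 50 8443 authsrv4.mycompany.com
"""

def parse_srv(line):
    """Split one '_service._proto.name TTL class SRV priority weight port target' entry."""
    owner, ttl, cls, rtype, prio, weight, port, target = line.split()
    if rtype != "SRV":
        raise ValueError("not an SRV entry: " + line)
    service, proto, name = owner.split(".", 2)
    return Srv(service, proto, name, int(ttl), cls, int(prio), int(weight), int(port), target)

def problems(rec):
    """Return the ways a record deviates from the values given in this procedure."""
    checks = [
        (rec.service == "_aav6", "service is not _aav6"),
        (rec.proto == "_tcp", "protocol is not _tcp"),
        (rec.cls == "IN", "class is not IN"),
        (rec.port == 443, "port is not 443"),
        (rec.name.endswith("."), "name does not end with a dot"),
        (rec.target.endswith("."), "target does not end with a dot"),
    ]
    return [msg for ok, msg in checks if not ok]

def preference(records):
    """Order priority groups lowest first; within a group, share is weight / total weight."""
    groups = {}
    for rec in records:
        groups.setdefault(rec.priority, []).append(rec)
    plan = []
    for prio, grp in sorted(groups.items()):
        total = sum(r.weight for r in grp)
        # All-zero weights: treat the group's targets as equally likely.
        shares = {r.target: r.weight / total if total else 1 / len(grp) for r in grp}
        plan.append((prio, shares))
    return plan

def audit(text):
    """Return (preference plan for valid records, {target: problems} for rejected ones)."""
    records = [parse_srv(line) for line in text.splitlines() if line.strip()]
    bad = {r.target: problems(r) for r in records if problems(r)}
    good = [r for r in records if not problems(r)]
    return preference(good), bad
```

Calling audit(SAMPLE) returns the preference plan for the valid records and, for each rejected target, the reasons it failed the checks.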