2.1 Setting DNS for Server Discovery

To allow the authentication agent to discover the daemon host, perform the following steps:

  1. Click Start > Control Panel > Administrative Tools > DNS, to open the DNS manager.

  2. Add a host (A or AAAA) record and a PTR record:

    1. In the console tree, right-click the forward lookup zone that includes your domain name and click New Host (A or AAAA).

    2. Specify a DNS name for the Advanced Authentication Server in Name.

    3. Specify the IP address for the Advanced Authentication Server in IP address. You can specify the address in IP version 4 (IPv4) format (to add a host (A) resource record) or IP version 6 (IPv6) format (to add a host (AAAA) resource record).

    4. Select Create associated pointer (PTR) record to create an additional pointer (PTR) resource record in a reverse zone for this host, based on the information that you provided in Name and IP address.

  3. Add the following SRV records:

    NOTE: Ensure that the LDAP SRV record exists on the DNS server. If the record is not available, you must add it manually.

    For best load balancing, you need to perform the following actions only for Advanced Authentication web servers. You need not create the records for Global Master, DB Master, and DB servers.

    1. _oob record:

      1. In the console tree, locate Forward Lookup Zones, right-click the node with your domain name, and click Other New Records.

      2. In the Select a resource record type list, click Service Location (SRV) and click Create Record.

      3. Click Service and specify _oob.

      4. Click Protocol and specify _tcp.

      5. Click Port Number and specify 443.

      6. In Host offering this service, specify the FQDN of the Advanced Authentication Server with Daemon host.

        For example, authsrv.mycompany.com.

      7. Click OK.

    2. _aav6 records:

      1. In the console tree, locate Forward Lookup Zones, right-click the node with your domain name, and click Other New Records.

      2. In the Select a resource record type list, click Service Location (SRV) and click Create Record.

      3. Click Service and specify _aav6.

      4. Click Protocol and specify _tcp.

      5. Click Port Number and specify 443.

      6. In Host offering this service, specify the FQDN of the server that is added.

        For example, authsrv.mycompany.com.

      7. Click OK.

    NOTE: The Authentication Agent requires both the _oob and _aav6 records. It uses the _aav6 record to discover the Advanced Authentication server and the _oob record to map to the relevant Daemon Host.
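
To confirm the records after completing the steps above, the following PowerShell check can be run from a domain-joined workstation. It is an added example, not part of the product documentation. It assumes the zone mycompany.com and the sample host authsrv.mycompany.com from this page, and the function name Test-DiscoverySrv is hypothetical.

```powershell
# Added example, not vendor code. $Zone and $DaemonHost are placeholders
# built from the page's sample FQDN; replace them with your own values.
$Zone       = 'mycompany.com'
$DaemonHost = 'authsrv.mycompany.com'

function Test-DiscoverySrv {
    param([string]$Service, [string]$Zone, [string]$ExpectedHost)

    $query = '{0}._tcp.{1}' -f $Service, $Zone
    $srv = @(Resolve-DnsName -Name $query -Type SRV -DnsOnly -ErrorAction SilentlyContinue |
             Where-Object { $_.NameTarget })          # keep SRV answers only
    if ($srv.Count -eq 0) {
        return [pscustomobject]@{ Record = $query; Target = $null; Result = 'FAIL: no SRV record' }
    }
    foreach ($r in $srv) {
        $target   = $r.NameTarget.TrimEnd('.')
        $problems = @()
        if ($r.Port -ne 443) { $problems += "port $($r.Port), expected 443" }
        if ($ExpectedHost -and $target -ne $ExpectedHost) { $problems += 'unexpected target host' }

        # The SRV target must have the A or AAAA record created in step 2.
        $ips = @(Resolve-DnsName -Name $target -DnsOnly -ErrorAction SilentlyContinue |
                 Where-Object { $_.IPAddress } | ForEach-Object { $_.IPAddress })
        if ($ips.Count -eq 0) { $problems += 'target has no A/AAAA record' }

        # Each address should map back to the target through its PTR record.
        foreach ($ip in $ips) {
            $ptr = @(Resolve-DnsName -Name $ip -Type PTR -DnsOnly -ErrorAction SilentlyContinue |
                     Where-Object { $_.NameHost } | ForEach-Object { $_.NameHost.TrimEnd('.') })
            if ($ptr -notcontains $target) { $problems += "PTR for $ip does not return $target" }
        }
        $result = if ($problems) { 'FAIL: ' + ($problems -join '; ') } else { 'OK' }
        [pscustomobject]@{ Record = $query; Target = $target; Result = $result }
    }
}

# The agent needs both records: _aav6 to find the server, _oob to map the Daemon host.
Test-DiscoverySrv -Service '_aav6' -Zone $Zone
Test-DiscoverySrv -Service '_oob'  -Zone $Zone -ExpectedHost $DaemonHost
```

A FAIL line for a target you did not create means the SRV record points at a host outside your Advanced Authentication deployment and should be corrected in the DNS manager before agents are rolled out.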