Using Infoblox DNS with Windows Server 2016 AD Integrated DNS

%3CLINGO-SUB%20id%3D%22lingo-sub-1170896%22%20slang%3D%22en-US%22%3EUsing%20Infoblox%20DNS%20with%20Windows%20Server%202016%20AD%20Integrated%20DNS%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1170896%22%20slang%3D%22en-US%22%3E%3CP%3EHi%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EOur%20company%20have%20purchased%20a%20Infoblox%20DDI%20appliance%20where%20we%20will%20move%20out%20current%20Windows%20based%20DNS%20and%20DHCP%20services%20into%20Infoblox.%20Our%20current%20Windows%20Server%202016%20running%20as%20DC%20with%20AD%20integrated%20DNS%20and%20DHCP.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EIf%20I%20just%20stop%20the%20Windows%20DNS%20service%2C%20and%20configure%20the%20Windows%20server%20primary%20DNS%20IP%20address%20point%20to%20Infoblox%20how%20will%20that%20affect%20the%20Active%20Directory%3F%20Is%20there%20any%20extra%20configuration%20need%20to%20be%20done%20in%20AD%20itself%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ERegards%3C%2FP%3E%3CP%3ESoonHin%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1222305%22%20slang%3D%22en-US%22%3ERe%3A%20Using%20Infoblox%20DNS%20with%20Windows%20Server%202016%20AD%20Integrated%20DNS%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1222305%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F555652%22%20target%3D%22_blank%22%3E%40soonhin%3C%2FA%3E%26nbsp%3Byou%20will%20likely%20break%20dynamic%20updates%20if%20you%20do%20not%20set%20this%20up%20to%20allow%20for%20authenticated%20dynamic%20updates.%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EInfoblox%20has%20lots%20of%20white%20papers%20about%20integrations%20into%20AD%2FDNS%20environments%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fwww.infoblox.com%2Fwp-content%2Fuploads%2Finfoblox-white-paper-Infoblox-and-the-relationship-between-dns-and-active-directory.pdf%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fwww.infoblox.com%2Fwp-content%2Fuploads%2Finfoblox-white-paper-Infoblox-and-the-relationship-between-dns-and-active-directory.pdf%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EDomain%20services%20use%20DNS%20as%20the%20primary%20locator%20service%20(SRV%20records)%20so%20day%201%20if%20you%20duplicated%20your%20zones%20you%20would%20have%20little%20to%20no%20issue%2C%20day%2010%20you%20will%20see%20lots%20of%20breakdowns%20as%20workstations%20will%20not%20update%20DNS%20dynamic%20records%2C%20domain%20controller%20SRV%20records%20will%20become%20stale.%20New%20DCs%20when%20added%20will%20not%20register%20correctly.%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EIf%20you%20purchased%20these%20from%20Infoblox%20I'd%20go%20back%20to%20your%20rep%20and%20request%20documentation%20on%20how%20to%20correctly%20migrate%20away%20from%20integrated%20zones.%26nbsp%3B%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E
Highlighted
Occasional Visitor

Hi,

 

Our company have purchased a Infoblox DDI appliance where we will move out current Windows based DNS and DHCP services into Infoblox. Our current Windows Server 2016 running as DC with AD integrated DNS and DHCP.

 

If I just stop the Windows DNS service, and configure the Windows server primary DNS IP address point to Infoblox how will that affect the Active Directory? Is there any extra configuration need to be done in AD itself?

 

Regards

SoonHin

1 Reply
Highlighted

@soonhin you will likely break dynamic updates if you do not set this up to allow for authenticated dynamic updates. 

 

Infoblox has lots of white papers about integrations into AD/DNS environments https://www.infoblox.com/wp-content/uploads/infoblox-white-paper-Infoblox-and-the-relationship-betwe... 

 

Domain services use DNS as the primary locator service (SRV records) so day 1 if you duplicated your zones you would have little to no issue, day 10 you will see lots of breakdowns as workstations will not update DNS dynamic records, domain controller SRV records will become stale. New DCs when added will not register correctly. 

 

If you purchased these from Infoblox I'd go back to your rep and request documentation on how to correctly migrate away from integrated zones.