2524 - Creating authoritative subzones in NIOS

Scenario

The sales department within your organization needs to manage its own namespace, sales.techblue.net. As the administrator, you want to allow operators to manage entries in this space for you. Please set up the necessary configurations on the NIOS Grid.

Estimate Completion Time

• 15 to 20 minutes

Credentials

Requirements

• Administrative DNS access to the Grid

Course References

• 2006: Configuring NIOS Administrator Accounts and Permissions

• 2009: Configuring NIOS DNS Services

• 2023: Configuring NIOS DNS Zones

Lab Initiation

Access jump-desktop

Once the lab is deployed, you can access the virtual machines required to complete this lab activity. To initiate the lab, click on the jump-desktop tile and login to the Linux UI:

Username: training

Password: infoblox

Initiate lab

To initiate the lab, double-click the Launch Lab icon on the Desktop.

Choose the lab number from the list and click OK.

After clicking OK, you will see a pop-up message with a brief description of the lab task. If the description looks correct, click Yes to continue lab initiation.

Lab initiation will take a couple of minutes to finish.

Once complete, you will see another pop-up message with the login credentials and the URL for the Grid Manager’s User Interface. Note that the credentials may differ from those from prior labs.

Tasks

1. Creating an authoritative subzone.

2. Configuring the subzone permissions to be read-write by a specific group.

Task 1: Creating an authoritative subzone

Create the authoritative subzone sales.techblue.net. The sales department is not using its own DNS server(s). Please re-use the same name servers as the parent zone, techblue.net.

Task 2: Configuring subzone permissions

Allow the group operators to have read-write access to the subzone sales.techblue.net.

 

Solutions

Task 1 Solution: Creating an authoritative subzone

1. Navigate to Data Management → DNS → Zones

2. Click the Add dropdown menu and select Authoritative Zone

3. Leave the radio button set to Add an authoritative forward-mapping zone

4. Click Next

5. For Name, enter sales.techblue.net

6. Leave the remaining settings unchanged and click Next

7. Select the radio button for Use this set of name servers

8. Click the Add dropdown menu and select Grid Primary

9. In the Add Grid Primary section, click Select to display the Member Selector

10. In the Member Selector window click the entry for ibns1.techblue.net

11. The selected device ibns1.techblue.net appears in the Add Grid Primary section

12. Click the Add button to add ibns1.techblue.net as primary server

13. Add a Grid Secondary device by clicking Add → Grid Secondary

14. In the section for Add Grid Secondary, click Select to open the Member Selector window

15. Click on ibns2.techblue.net

16. The device ibns2.techblue.net appears as the selected Grid Secondary

17. Click the Add button to add ibns2.techblue.net as a Grid Secondary server

18. The table shows ibns1 as Grid Primary and ibns2 as Grid Secondary

19. Click Save & Close

The subzones tab under techblue.net now contains a new entry for the sales.techblue.net authoritative zone

Task 2 Solution: Configuring subzone permissions

The easiest way to edit the subzone's permissions is to edit the zone settings:

1. Inside techblue.net, go to Subzones and edit sales.techblue.net

2. Navigate to the Permissions tab

3. Click + and select the operators group

   

4. Once the operators group name populates, edit the Permissions field using the drop-down box, set the permissions to ‘Read/Write’.

5. Click Save and Close

6. Now, users in the operators group will be allowed read-write access to manipulate the sales.techblue.net subzone configurations and records.