Configuring the DNM Service

This chapter describes tasks you must perform before authorized users can manage DNS zones with the DNM Browser. You must also perform these tasks if you plan to use the DNM service to coordinate your DNS and DHCP servers.

Configuration Task Overview

This chapter describes the following tasks:

This chapter assumes:

Starting and Stopping the DNM Service

This section describes how to use the SCM to start and stop the DNM service.

To configure the DNM server to start automatically whenever a request is received on the server's port number or to control access to the DNM server, see the Cisco Server Suite Installation and Basic Configuration Guide.

To start the DNM service:

Step 1 Start the SCM.

Step 2 Choose DNM in the Available Services box.

Step 3 Click on Start.

To stop the DNM service:

Step 1 Start the SCM.

Step 2 Choose DNM in the Available Services box.

Step 3 Click on Stop.

Specifying DNM Service Ports

The DNM service provides three TCP services, each of which runs on a unique port. Table 2-1 describes these services and their default ports.


Table 2-1: DNM Service Ports
| Service | Description | Parameter |
|---|---|---|
| Zone transfer | Listens for and responds to inquiries about the status of a specific zone, and transfers the data for that zone. The default TCP port is 53, which is the required port for DNS zone transfers. | Nameserver-port |
| Domain name management | Listens for domain management commands from authorized users using DNM Browsers or configuring the Cisco DHCP/BootP server. The default TCP port is 704. | Port |
| Hostname server | Listens for and responds to Hostname Server (RFC953) requests to extract an RFC952 HOSTS.TXT file. The default TCP port is 101. | Hostname-server-port |

Caution Changing the zone transfer port may make zone transfer unusable by clients. Use the default port whenever possible.

To change the DNM service ports:

Step 1 Start the SCM.

Step 2 Choose DNM in the Available Services box.

Step 3 Click on the StartUp tab.

Step 4 Click on the Parameters tab.

Step 5 To edit a port parameter, click on the checkbox next to the parameter name, and enter the port number.

For example, if you are running an authoritative DNS service on the same host as the DNM service, you must configure the DNM service to provide zone transfers on a port other than 53 (usually port 705) because the DNS service is using port 53. You must also configure the DNS service to receive zone transfers on port 704 (see the section titled "Establishing Authority" in the chapter titled "Configuring the DNS Service"). For more information about choosing ports for DNM service, see the Cisco DNS/DHCP Manager Concepts and Planning Guide.


Step 6 Choose Save Configuration in the File menu.

Changes take effect after you stop and restart NetControl.

Restricting Zone Transfers

By default, the DNM service transfers zone data to any DNS server that requests it. If you do not want your DNM server to transfer zones to DNS servers that are not authoritative for the zones, configure the DNM server to restrict zone transfers.


Note If you are running a DNS server on the same host as your DNM server, restricting zone transfers may cause problems if the DNS server is configured to receive zone transfers from 127.0.0.1 (your loopback address). If you restrict zone transfers, change references to 127.0.0.1 to your host's IP address.

To restrict zone transfers:

Step 1 Start the SCM.

Step 2 Choose DNM in the Available Services box.

Step 3 Click on the StartUp tab.

Step 4 Click on the Parameters tab.

Step 5 Check the Restrict-zone-transfers checkbox.

Step 6 Choose Save Configuration from the File menu.

Changes take effect after you stop and restart NetControl.
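
To confirm the restriction is in effect after the restart, you can request a zone transfer from a host that should not receive one. The following is an added example, not part of the Cisco documentation or software; the host, port and zone passed to `check_zone_transfer` are yours to supply. This chapter does not say how the DNM service signals a denied transfer, so the script treats an error response code or an empty answer as denied and a closed connection as no answer.

```python
import socket
import struct

AXFR, CLASS_IN = 252, 1  # DNS QTYPE for a full zone transfer, class IN

def build_axfr_query(zone, txid=0x1234):
    """Build an AXFR query with the 2-byte length prefix DNS uses over TCP."""
    header = struct.pack("!HHHHHH", txid, 0x0000, 1, 0, 0, 0)
    qname = b"".join(
        bytes([len(label)]) + label.encode("ascii")
        for label in zone.rstrip(".").split(".")
    ) + b"\x00"
    message = header + qname + struct.pack("!HH", AXFR, CLASS_IN)
    return struct.pack("!H", len(message)) + message

def classify_response(data):
    """Classify the first bytes a server sent back for an AXFR query."""
    if len(data) < 14:       # 2-byte length prefix + 12-byte DNS header
        return "no-answer"   # connection closed before a usable reply
    _length, _txid, flags, _qd, ancount = struct.unpack("!HHHHH", data[:10])
    rcode = flags & 0x000F
    if rcode == 0 and ancount > 0:
        return "open"        # zone records were returned to this host
    return "denied"          # error rcode (e.g. REFUSED) or no records

def check_zone_transfer(host, port, zone, timeout=5.0):
    """Request a transfer of zone from host:port; return the classification."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            sock.sendall(build_axfr_query(zone))
            data = b""
            while len(data) < 14:
                chunk = sock.recv(512)
                if not chunk:
                    break
                data += chunk
    except OSError:          # refused, reset or timed out
        return "no-answer"
    return classify_response(data)
```

Run it against the zone transfer port you configured (53 by default). A result of "open" from a host that is not authoritative for the zone means the restriction is not being applied.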

Managing the DNM Service User Database

The DNM service only accepts management commands from users who are registered in its user database. The CDDM installation program prompts you for names and passwords for authorized users to let you start managing zones immediately.

This section describes:


Note Authorized users can modify any zone managed by the DNM service. If you need to prevent authorized users from managing some of the zones managed by the DNM service, you must use multiple DNM servers. For details on choosing hosts as DNM servers, see the Cisco DNS/DHCP Manager Concepts and Planning Guide.

Adding New User Entries

To add a new user entry:

Step 1 Start the SCM.

Step 2 Choose DNM in the Available Services box.

Step 3 Click on the Users tab.

Step 4 Enter the name of the new user in the User Name field.

Step 5 Enter the user's password in the Password field.

Step 6 Click on Add.

Step 7 Choose Save Configuration from the File menu.

Changes take effect after you stop and then start the DNM service. To restart the DNM service, click on Stop, then click on Start in the Available Services box.

Changing User Entries

To change a user entry:

Step 1 Start the SCM.

Step 2 Choose DNM in the Available Services box.

Step 3 Click on the Users tab.

Step 4 Select the user entry you want to change in the Users box.

Step 5 Change the user's User Name or Password as desired.

Step 6 Click on Modify.

Step 7 Choose Save Configuration from the File menu.

Changes take effect the next time you restart the DNM service. To restart the DNM service, click on Stop, then click on Start in the Available Services box.

Deleting User Entries

To delete a user entry:

Step 1 Start the SCM.

Step 2 Choose DNM in the Available Services box.

Step 3 Click on the Users tab.

Step 4 Select the user you want to delete in the Users box.

Step 5 Click on Delete.

Step 6 Click on Yes in the Confirmation dialog box.

Step 7 Choose Save Configuration in the File menu.

Your changes take effect the next time you start the DNM service. To restart the DNM service, click on Stop, then click on Start in the Available Services box.

Logging Zone Changes

The DNM service modifies zones when authenticated users send domain management commands via DNM Browsers or when the Cisco DHCP/BootP service sends updated zone information. You can specify a file for logging zone changes.

To maintain a log of zone changes:

Step 1 Start the SCM.

Step 2 Choose DNM in the Available Services box.

Step 3 Click on the StartUp tab.

Step 4 Click on the Parameters tab.

Step 5 Check the Audit-file checkbox.

Step 6 Enter the pathname of the desired log file. You must specify an absolute pathname.

Step 7 Choose Save Configuration from the File menu.

Changes take effect the next time you stop and restart NetControl.

Selecting Configuration Files

By default, the DNM service reads two configuration files when it starts:


Table 2-2: DNM Service Configuration Files
| This file... | Contains... |
|---|---|
| uber.dat | A database of all zones managed by the DNM server |
| uberauth.dat | A database of names and passwords for users authorized to manage zones on the DNM server |

You can specify a different file for either database. You must specify an absolute pathname.

Step 1 Start the SCM.

Step 2 Choose DNM in the Available Services box.

Step 3 Click on the StartUp tab.

Step 4 Click on the Parameters tab.

Step 5 To change the zone database file, make sure the Configuration-file checkbox is checked, then enter the desired configuration file's pathname in the Configuration-file field.

Step 6 To change the user database file, make sure the Auth-file checkbox is checked, then enter the desired configuration file's pathname in the Auth-file field.

Step 7 Choose Save Configuration from the File menu.

Changes take effect the next time you stop and restart NetControl.

Copyright 1989-1997 © Cisco Systems Inc.