
Note

vDiscovery can be performed only on virtual networks in Azure public cloud and Azure Government cloud. Other Azure environments (see below) may not be supported.

...

Infoblox vDiscovery supports the resource manager model in the Azure Portal. However, you must first register the new vDiscovery application with Microsoft Entra ID (formerly, Azure Active Directory) through the Azure classic portal.

Note

  • Discovered virtual networks in Microsoft Cloud are mapped to network containers in NIOS.

  • Updates done by Microsoft to the root CAs of Azure services can cause vDiscovery to fail. If vDiscovery fails with ERROR: PycURL error: (60, 'SSL certificate problem: unable to get local issuer certificate'):

    1. Download the DigiCert Global Root G2 Certificate from DigiCert Root Certificates.

    2. Upload the certificate to NIOS as described in the Uploading CA Certificates section in the Infoblox NIOS Documentation.

To perform a vDiscovery job on an Azure virtual network, complete the following tasks:

  1. Configure DNS resolver in NIOS, as described in the Configuring DNS Resolver section.

  2. Register an application with Microsoft Entra ID through the Azure classic portal, as described in Integrating vDiscovery with Microsoft Entra ID.

  3. Perform vDiscovery for service instances and subnets in selected virtual networks. For detailed information, refer to Configuring vDiscovery Jobs in the Infoblox NIOS Documentation.

    When configuring the endpoint for the vDiscovery job, ensure that you perform the following:

    • Server Type: Select Azure.

    • Client ID: Use the CLIENT ID you obtained for the application you created in Azure.

    • Client Secret: Enter the key value of the application to authenticate the user account.

    • Service Endpoint: Use the token endpoint URL you selected for the new application.

  4. After performing a vDiscovery job on your virtual networks, you can view and manage discovered data in NIOS. For detailed information, refer to the Infoblox NIOS Documentation. You can also create DNS records for discovered IP addresses. For information, see Creating DNS Records for Discovered IP Addresses.

A vDiscovery job for Azure Government cloud uses different service endpoints than a job for Azure public cloud. The following table lists the endpoints that Infoblox supports:

| Cloud | Service Endpoint Pattern | API Endpoint | Service Management Endpoint |
|---|---|---|---|
| Azure public cloud | https://login.microsoftonline.com/* | https://management.azure.com/ | https://management.core.windows.net/ |
| Azure Government | https://login.microsoftonline.us/* | https://management.usgovcloudapi.net/ | https://management.core.usgovcloudapi.net/ |

The following service endpoints are currently not supported by Infoblox:

| Cloud | Service Endpoint Pattern |
|---|---|
| Azure AD Germany | https://login.microsoftonline.de |
| Azure AD China operated by 21Vianet | https://login.chinacloudapi.cn |
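Because the client secret is sent to whatever host is entered as the Service Endpoint, it is worth checking that value against the two tables above before saving the job. The following is an added example, not Infoblox code: the function name is hypothetical, and the non-empty tenant path and the port restriction are assumptions of the example.

```python
from urllib.parse import urlsplit

# Endpoint data copied from the two tables on this page.
SUPPORTED = {
    "login.microsoftonline.com": ("Azure public cloud",
                                  "https://management.azure.com/",
                                  "https://management.core.windows.net/"),
    "login.microsoftonline.us": ("Azure Government",
                                 "https://management.usgovcloudapi.net/",
                                 "https://management.core.usgovcloudapi.net/"),
}
UNSUPPORTED = {
    "login.microsoftonline.de": "Azure AD Germany",
    "login.chinacloudapi.cn": "Azure AD China operated by 21Vianet",
}


def classify_service_endpoint(url):
    """Hypothetical helper: return (status, detail) for a Service Endpoint value.

    status is "supported", "unsupported" or "rejected". For "supported",
    detail is (cloud, api_endpoint, service_management_endpoint).
    """
    try:
        parts = urlsplit(url.strip())
        port = parts.port            # raises ValueError on a malformed port
    except ValueError:
        return "rejected", "malformed URL"
    if parts.scheme != "https":
        return "rejected", "scheme must be https"
    if parts.username is not None or parts.password is not None:
        return "rejected", "userinfo before the host"
    # Assumption: token endpoints are only reached on the default HTTPS port.
    if port not in (None, 443):
        return "rejected", "unexpected port"
    host = parts.hostname or ""      # urlsplit lowercases the host
    if host in UNSUPPORTED:
        return "unsupported", UNSUPPORTED[host]
    if host not in SUPPORTED:        # exact match, so look-alike suffixes fail
        return "rejected", "host matches no supported pattern"
    # Assumption: the '*' in the pattern stands for a non-empty tenant path.
    if not parts.path.strip("/"):
        return "rejected", "missing tenant path"
    return "supported", SUPPORTED[host]
```
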

Configuring DNS Resolver

To perform vDiscovery for all resources in your Microsoft virtual networks, you must enable DNS resolvers in NIOS. To configure DNS resolver for the Grid, complete the following steps in the NIOS GUI, Grid Manager:

  1. On the Grid tab -> Grid Manager tab -> Members tab, expand the Toolbar, and then click Grid Properties.

  2. In the Grid Properties editor, complete the following:

    • On the DNS Resolver tab, select the Enable DNS Resolver checkbox if it is not already selected.

    • In the Name Servers list, click Add to add the IP address of the upstream DNS server to the list.

    • Enter the IP address and press Enter.

  3. Save the configuration. The changes may take a brief period of time to become active.