/
Active Directory DNS Migration to BloxOne DNS
Document toolboxDocument toolbox

Active Directory DNS Migration to BloxOne DNS

Owned by Sri Raghu
Last updated: Sept 06, 2024
2 min read

The following diagram illustrates the migration of Microsoft Active Directory DNS to BloxOne DNS:

User authentication with Active Directory Integrated DNS begins when a client device boots and requests a DHCP address. The DHCP server updates DNS on behalf of the client. The client then queries AD DNS for A and SRV records to locate a Domain Controller, and the user logs in and is authenticated by the Domain Controller. For migrating DNS data to BloxOne DDI, a multi-stage process is followed with Infoblox Professional Services, including testing and remediation planning. DNS is removed in AD.

Pre-migration

User Authentication with Active Directory Integrated DNS:

  • Client device boots and requests a DHCP address.

  • DHCP server updates DNS on behalf of the client.

  • Client queries AD DNS for A and SRV records to find a Domain Controller.

  • User logs in to device and is authenticated by the Domain Controller.

DNS Data Migrated to Universal DDI:

  • Multi-stage migration process with Infoblox Professional Services.

  • Includes testing and remediation planning.

  • DNS is no longer in Active Directory (removed/disabled).

Post-migration

User Authentication with BloxOne DNS and Active Directory:

  • Client device boots and request a DHCP address.

  • DHCP server updates DNS on behalf of the client.

  • Client queries BloxOne DNS for A and SRV records to find a Domain Controller.

  • User logs in to device and is authenticated by the Domain Controller.

 

Benefits of Active Directory integration with BloxOne DNS:

  • With Active Directory integrated DNS:

    • Domain Controllers update DNS A and SRV records.

    • Updates are sent directly to itself or another AD DNS server.

    • Updates are sent secure (GSS-TSIG).

  • With BloxOne DNS:

    • Domain Controllers update DNS A and SRV records.

    • Updates are sent directly to BloxOne DNS.

    • Updates are sent securely using GSS-TSIG.