Using DNS to Enable Agent Auto Configuration

When the Agent software is deployed to the target machines, it must be configured with the name or IP address of the machine that provides the ObserveIT Application Server services, and the correct port that is used by the application.

You can configure the Agents with this information by using one of the following methods:

  • Manual configuration

  • Scripted configuration

  • DNS configuration

This topic describes how to configure the Agents using DNS configuration.

When using DNS configuration to configure the Agent, the Agent uses DNS to query and locate the machine that provides the ObserveIT Application Server services. It does this by searching for an SRV Record called _oit._tcp.domain-name.suffix. When SSL encryption (https) is used for secure communication with the Application Server, the SRV Record Agent must have the _oits prefix. The information from DNS is inserted into the Agent configuration, and when properly configured, it allows the Agent to communicate with the correct server by using the correct TCP port.

Prerequisites

For DNS auto configuration to work, the following prerequisites must be met:

  • An Active Directory infrastructure must be in place, where properly configured DNS server(s) can be accessed and queried by all the machines that are members of that AD domain.

  • All target machines must be members of this AD domain, and properly configured to use the DNS server(s). If not, all target machines must be configured so that they are able to query DNS server(s) that have the relevant _oit record (or _oits record in the case of https). If several AD domains are involved, each DNS zone must be configured in the same way to allow for _oit record resolution.

  • The ObserveIT server-side components and the ObserveIT Agents must all be running version 5.3 or higher.

It is beyond the scope of this topic to describe all possible options of using DNS. For further details, refer to the Microsoft help documentation.

To install an ObserveIT Agent using DNS configuration

  1. Open the DNS Management console, and expand your server name > Forward Lookup Zones. Click on the zone that is used by the Active Directory domain. For example, if your domain name is oit-demo.local, in the DNS Management console expand the oit-demo.local zone.

  2. Right-click the zone and select Other New Records.

  3. In the Resource Record Type window, scroll down and select Service Location (SRV).

  4. In the New Resource Record window, enter the following information based on these settings:

    • Domain: Your domain name (cannot be changed)

    • Service: _oit or _oits (make sure that you add an underscore)

    • Protocol: _tcp (make sure that you add an underscore)

    • Priority: 0 (no need to change, unless more than one ObserveIT Application Server will be used)

    • Weight: 0 (no need to change, unless more than one will be used)

    • Port Number: 4884 in the case of http or 443 in the case of https (unless changed on the ObserveIT Application Server website)

    • Host Offering this Service: FQDN of the ObserveIT Application Server (for example, win2003-oitsrv.oit-demo.local)

    For the host record line you may NOT use an IP address. If the ObserveIT Application Server cannot be resolved, you MUST add a regular "A Record" to the DNS server pointing to the ObserveIT Application Server.

  5. Click OK.

  6. Expand the zone and expand the _tcp node. Check to see that an _oit (or _oits) SRV record appears in the _tcp node, and that it points to the correct ObserveIT Application Server using the correct TCP port.

  7. Carefully examine the DNS records that were added to the DNS used by your computers. You may use NSLOOKUP from one of the target computers to make sure it can properly resolve these records.

    For example, to find out the SRV Record for the ObserveIT Application Server for a domain named oit-demo.local, enter the following commands in a Command Prompt window:

    nslookup

    set q=srv

    _oit._tcp.oit-demo.local

    A sample result of a properly configured SRV Record should look like this:

    _oit._tcp.oit-demo.local SRV service location:

    priority = 0

    weight= 0

    port = 4884

    svr hostname = win2003-oitsrv.oit-demo.local

    win2003-oitsrv.oit-demo.local internet address = 192.168.100.2