DOCSLIB.ORG

Interdomain Federation Guide for IM and Presence Service on Cisco Unified Communications Manager, Release 11.5(1)SU2 First Published: 2017-01-10

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Interdomain Federation Guide for IM and Presence Service on Cisco Unified Communications Manager, Release 11.5(1)SU2 First Published: 2017-01-10 Interdomain Federation Guide for IM and Presence Service on Cisco Unified Communications Manager, Release 11.5(1)SU2 First Published: 2017-01-10 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883 © 2017 Cisco Systems, Inc. All rights reserved. CONTENTS CHAPTER 1 Overview of this Integration 1 Basic Federated Network 1 SIP Federation with AOL 4 Limitation with AOL Federation 4 Intercluster and Multinode Deployments 5 SIP Federation Deployments 5 XMPP Federation Deployments 5 High Availability and Federation 6 High Availability for SIP Federation 6 High Availability for XMPP Federation 7 Cisco Adaptive Security Appliance Deployment Options 9 Presence Subscriptions and Blocking Levels 10 Availability State Mappings 12 Availability State Mappings for Microsoft OCS 12 Availability State Mappings for Microsoft Lync 14 Availability State Mappings for AOL Instant Messenger 15 Availability State Mappings for XMPP Federation 16 Instant Messaging 18 Instant Message Flow for SIP Federation 18 Availability and Instant Message Flow for XMPP Federation 20 Federation in Deployments with Multiple Domains 21 Federation and Subdomains 21 CHAPTER 2 Preparations for this Integration 23 Supported Interdomain Federation Integrations 23 Presence Web Service API Support 24 Hardware Requirements 24 Software Requirements 25 Interdomain Federation Guide for IM and Presence Service on Cisco Unified Communications Manager, Release 11.5(1)SU2 iii Contents Integration Preparation 26 Routing Configuration 26 Public IP Address 26 Public FQDN 27 AOL SIP Access Gateway 27 Redundancy/High Availability 28 DNS Configuration 28 Certificate Authority Server 30 Prerequisite Configuration Tasks for this Integration 31 Configure the IM and Presence Service for Integration 31 Configure the Cisco Adaptive Security Appliance for Integration 31 CHAPTER 3 Configuration Workflows for Interdomain Federation 33 Configuration Workflow for SIP Federation with Skype for Business 33 Configuration Workflow for SIP Federation with Microsoft Lync 34 Configuration Workflow for SIP Federation with Microsoft OCS 35 Configuration Workflow for SIP Federation with Microsoft Lync — with ASA Firewall 36 Configuration Workflow for SIP Federation with Microsoft OCS — with ASA Firewall 37 Configuration Workflow for Cisco Adaptive Security Appliance for SIP Federation 38 Configuration Workflow for SIP Federation with AOL 38 Configuration Workflow for XMPP Federation 39 CHAPTER 4 IM and Presence Service Configuration for SIP Federation 41 Add a SIP Federated Domain 41 Routing Configuration on IM and Presence Service 42 DNS Configuration for SIP Federation 42 Configure Static Routes Using TLS 44 Configure Federation Routing Parameters 45 Configuration of Security Settings on IM and Presence Service 46 Create a New TLS Peer Subject 46 Add TLS Peer to Selected TLS Peer Subjects List 47 Routing Information Configuration for AOL Federation 47 Route SIP Requests for SIP Federation with AOL 47 Change the Default Federation Routing Domain for SIP Federation with AOL 48 Turn On the SIP Federation Service 49 Interdomain Federation Guide for IM and Presence Service on Cisco Unified Communications Manager, Release 11.5(1)SU2 iv Contents CHAPTER 5 SIP Federation Security Certificate Configuration with Cisco Adaptive Security Appliance 51 Security Certificate Exchange Between IM and Presence Service and Cisco Adaptive Security Appliance 51 Generate Key Pair and Trustpoints on the Cisco Adaptive Security Appliance 51 Generate Self-Signed Certificate on the Cisco Adaptive Security Appliance 52 Import Self-Signed Certificate onto the IM and Presence Service 53 Generate a New Certificate on the IM and Presence Service 54 Import an IM and Presence Service Certificate into the Cisco Adaptive Security Appliance 54 Security Certificate Exchange Between Cisco Adaptive Security Appliance and Microsoft Access Edge (External Interface) with Microsoft CA 55 CA Trustpoints 56 Configure a Certificate on the Cisco Adaptive Security Appliance Using SCEP 56 Configure a Certificate on the Cisco Adaptive Security Appliance Using Manual Enrollment 58 Certificate Configuration for the External Access Edge Interface 59 Download CA Certification Chain 59 Install a CA Certification Chain 59 Request Certificate from CA Server 60 Download Certificate from CA Server 61 Upload a Certificate onto Access Edge 62 Create Custom Certificate for Access Edge Using Enterprise Certificate Authority 62 Create and Issue a Custom Certificate Template 63 Request Site Server Signing Certificate 64 Security Certificate Configuration on Lync Edge Server for TLS Federation 64 Security Certificate Exchange Between Cisco Adaptive Security Appliance and the AOL SIP Access Gateway 65 CHAPTER 6 Cisco Adaptive Security Appliance Configuration for SIP Federation 67 Cisco Adaptive Security Appliance Unified Communication Wizard 67 External and Internal Interface Configuration 68 Configure Static IP Routes 68 Port Address Translation (PAT) 69 Port Address Translation for This Integration 69 PAT for Private to Public Requests 71 Interdomain Federation Guide for IM and Presence Service on Cisco Unified Communications Manager, Release 11.5(1)SU2 v Contents Static PAT for New Requests 72 NAT Rules in ASDM 73 Sample Static PAT Commands 74 PAT Configuration for Routing the IM and Presence Service Node 74 PAT Configuration for Intercluster or Intracluster IM and Presence Service Nodes 75 Cisco Adaptive Security Appliance Upgrade Options for Existing Deployments 77 CHAPTER 7 TLS Proxy Configuration on the Cisco Adaptive Security Appliance 79 TLS Proxy 79 Access List Configuration Requirements 80 Configure TLS Proxy Instances 82 Associate Access List with TLS Proxy Instance Using Class Maps 83 Enable TLS Proxy 84 Configure Cisco Adaptive Security Appliance for an Intercluster Deployment 84 CHAPTER 8 Interdomain Federation with Skype for Business 87 Skype for Business Interdomain Federation 87 Skype for Business Interdomain Federation Task Flow 87 Assign DNS SRV for IM and Presence 88 Add Federated Domain to IM and Presence 89 Restart Cisco XCP Router 89 Configure Static Route on IM and Presence 90 Add Expressway as a TLS Peer 90 Add Expressway to Access Control List 91 Configure Expressway for Federation with Skype for Business 91 Configure User Trust Settings 92 Configure Global Federation Access Settings 92 Add IM and Presence as Allowed Domain 93 Add Expressway as SIP Federated Provider for IM and Presence 93 Exchange Certificates 94 CHAPTER 9 Interdomain Federation to Microsoft Lync 97 Interdomain Federation to Microsoft Lync within an Enterprise 97 Configuration Task Flow for Microsoft Lync Federation 98 Add a Microsoft Lync Domain Within Enterprise 99 Interdomain Federation Guide for IM and Presence Service on Cisco Unified Communications Manager, Release 11.5(1)SU2 vi Contents Configure Static Routes from IM and Presence to Lync 99 Configure Expressway Gateway for Microsoft Lync Federation 100 Configure Static Route from Lync to Expressway Gateway 100 Configure a Static Route from Lync to IM and Presence 102 Configure Trusted Applications on Lync Server 104 Publish Topology 106 Set up Certificates on IM and Presence for Federation with Lync 106 CHAPTER 10 Interdomain Federation to Microsoft OCS 109 Interdomain Federation to Microsoft OCS within an Enterprise 109 Configuration Task Flow for Microsoft OCS Federation 110 Add a Microsoft OCS Domain Within Enterprise 111 Configure Static Route on IM and Presence Service for Microsoft Servers 112 Configure Static Routes on OCS to Point to the IM and Presence Service 112 Verify Peer Authentication Listener 113 Adding a Host Authorization Entry for the IM and Presence Service Node on OCS 114 Configure Certificates on OCS for Interdomain Federation 115 Enable Port 5060/5061 on the OCS Server 115 Configure OCS to use FIPS 116 Set Up Certificates on the IM and Presence Service Node for Federation with Microsoft Server over TLS 117 CHAPTER 11 External Server Component Configuration for SIP Federation 119 Microsoft Component Configuration for SIP Federation 119 Requirements for SIP Federation with AOL 122 License Requirements for AOL Federation 122 AOL Routing Information Requirements 123 AOL Provisioning Information Requirements 123 CHAPTER 12 Load Balancer Configuration for Redundancy for SIP Federation 125 About the Load Balancer 125 IM and Presence Service Node Updates 125 Cisco Adaptive Security Appliance Updates 126 Static PAT Message Updates 127 Access List Updates 128 Interdomain Federation Guide for IM and Presence Service on Cisco Unified Communications Manager, Release 11.5(1)SU2 vii Contents TLS Proxy Instance Updates 130 CA-Signed Security Certificate Updates 130 Security Certificate Configuration Between the Load Balancer and Cisco Adaptive Security Appliance 131 Security Certificate Configuration Between the Load Balancer and IM and Presence Service Node 131 Microsoft Component Updates 132 AOL Component Updates 132 CHAPTER 13 IM and Presence Service Configuration for XMPP Federation 133 External XMPP Federation through Cisco Expressway 133 Configure General Settings for XMPP Federation 135 XMPP Federation Overview 135 Important Notes about Restarting Services for XMPP Federation 136 Turn On XMPP Federation on a Node 136 Configure Security Settings for XMPP Federation 136 DNS Configuration for XMPP Federation 138 DNS SRV Records for XMPP Federation 138 DNS SRV Records for Chat Feature for XMPP
Load more

Recommended publications
  • Dnsservicediscovery Mach-Based API
    DNSServiceDiscovery Mach-Based API February 1, 2004 REPRESENTATION, EITHER EXPRESS OR IMPLIED, WITH RESPECT TO THIS MANUAL, Apple Computer, Inc. ITS QUALITY, ACCURACY, © 2001, 2004 Apple Computer, Inc. MERCHANTABILITY, OR FITNESS FOR A PARTICULAR PURPOSE. AS A RESULT, THIS All rights reserved. MANUAL IS SOLD ªAS IS,º AND YOU, THE PURCHASER, ARE ASSUMING THE ENTIRE No part of this publication may be RISK AS TO ITS QUALITY AND ACCURACY. reproduced, stored in a retrieval system, or IN NO EVENT WILL APPLE BE LIABLE FOR DIRECT, INDIRECT, SPECIAL, INCIDENTAL, transmitted, in any form or by any means, OR CONSEQUENTIAL DAMAGES mechanical, electronic, photocopying, RESULTING FROM ANY DEFECT OR INACCURACY IN THIS MANUAL, even if recording, or otherwise, without prior advised of the possibility of such damages. written permission of Apple Computer, Inc., THE WARRANTY AND REMEDIES SET with the following exceptions: Any person FORTH ABOVE ARE EXCLUSIVE AND IN is hereby authorized to store documentation LIEU OF ALL OTHERS, ORAL OR WRITTEN, EXPRESS OR IMPLIED. No Apple dealer, agent, on a single computer for personal use only or employee is authorized to make any and to print copies of documentation for modification, extension, or addition to this warranty. personal use provided that the Some states do not allow the exclusion or documentation contains Apple’s copyright limitation of implied warranties or liability for notice. incidental or consequential damages, so the above limitation or exclusion may not apply to The Apple logo is a trademark of Apple you. This warranty gives you specific legal Computer, Inc. rights, and you may also have other rights which vary from state to state.
    [Show full text]
  • Polycom UC Software 5.4.3 Administrator Guide
    ADMINISTRATOR GUIDE UC Software 5.4.3 | March 2016 | 3725-49104-010A Polycom® UC Software 5.4.3 Copyright© 2016, Polycom, Inc. All rights reserved. No part of this document may be reproduced, translated into another language or format, or transmitted in any form or by any means, electronic or mechanical, for any purpose, without the express written permission of Polycom, Inc. 6001 America Center Drive San Jose, CA 95002 USA Trademarks Polycom®, the Polycom logo and the names and marks associated with Polycom products are trademarks and/or service marks of Polycom, Inc. and are registered and/or common law marks in the United States and various other countries. All other trademarks are property of their respective owners. No portion hereof may be reproduced or transmitted in any form or by any means, for any purpose other than the recipient's personal use, without the express written permission of Polycom. Disclaimer While Polycom uses reasonable efforts to include accurate and up-to-date information in this document, Polycom makes no warranties or representations as to its accuracy. Polycom assumes no liability or responsibility for any typographical or other errors or omissions in the content of this document. Limitation of Liability Polycom and/or its respective suppliers make no representations about the suitability of the information contained in this document for any purpose. Information is provided "as is" without warranty of any kind and is subject to change without notice. The entire risk arising out of its use remains with the recipient. In no event shall Polycom and/or its respective suppliers be liable for any direct, consequential, incidental, special, punitive or other damages whatsoever (including without limitation, damages for loss of business profits, business interruption, or loss of business information), even if Polycom has been advised of the possibility of such damages.
    [Show full text]
  • Page 1 of 65 Chapter 6
    Chapter 6 - Windows 2000 DNS Page 1 of 65 Windows 2000 Server Chapter 6 - Windows 2000 DNS Microsoft® Windows® 2000 DNS is compliant with the standard Domain Name System (DNS) as described in the Request for Comments (RFC) documents of the Internet Engineering Task Force (IETF). DNS is the de facto naming system for Internet Protocol (IP)–based networks and the naming service that is used to locate computers on the Internet. Because Windows 2000 DNS is RFC- compliant, it interoperates with most of the other DNS server implementations, such as those DNS servers that use the Berkeley Internet Name Domain (BIND) software. This chapter describes the new features and enhancements of Windows 2000 DNS and explains how to set up and configure some of the features. For more information about DNS-related RFC standards that are supported by Windows 2000, see "Introduction to DNS" in this book. In This Chapter Introduction to the Windows 2000 Implementation of DNS Naming Hosts and Domains Windows 2000 Resolver Setting Up DNS for Active Directory Active Directory Integration and Multimaster Replication Dynamic Update and Secure Dynamic Update Aging and Scavenging of Stale Records Integration with WINS Interoperability with Other DNS Servers Internet Access Considerations Troubleshooting Related Information in the Resource Kit l For more information about TCP/IP, see "Introduction to TCP/IP" in this book. l For more information about the Windows Internet Name Service, see "Windows Internet Name Service" in this book. l For information about Domain Name System concepts, see "Introduction to DNS" in this book. l For more information about Active Directory, see "Active Directory Logical Structure" in Microsoft® Windows® 2000 Server Resource Kit Distributed Systems Guide.
    [Show full text]
  • Networks: Access Management Windows 2000 Server Class Notes # 18 Domain Name Server (Part I) February 12, 2004
    Networks: Access Management Windows 2000 Server Class Notes # 18 Domain Name Server (Part I) February 12, 2004 Computers connected to a network require distinct IP addresses in order to communicate using the TCP/IP protocol. The IP addresses provide a distinct location for the sending and receiving of information. The IP addresses consist of a complicated set of numbers (4 octet address) that is not easy to remember. Therefore, DNS is used to provide a mapping between a name and its IP address. DNS is made up of many elements to provide name resolution for clients on a TCP/IP network, including name servers, domains, zones, zone files, and records. For any computer on the Internet, you can find the address of any other computer using the DNS hierarchy or namespace. This information is acquired within seconds. There is no one person or organization keeping track of the DNS machine name to IP address database. The responsibility for keeping track of the name to IP address relationship is maintained locally. For example, if your DNS server tries to figure out the IP address of www.google.com then your DNS server is soon going to be talking to the google DNS server to resolve that name. The DNS names are arranged in pieces separated by a period. For example, teacher.wqsb.qc.ca has four pieces where each piece can’t exceed 63 characters in length and the entire name can’t exceed 255 characters in total. The left most piece is the computer name, the remaining pieces to the right of the computer name is the DNS domain or DNS suffix.
    [Show full text]
  • Active Directory DNS Integration.Book
    Active Directory DNS Integration White Paper Abstract This paper describes how Active Directory uses the Domain Name System (DNS) in conjunction with the Windows Domain Locator service for distributed computing environments. It discusses how the Adonis Server integrates into existing or new Active Directory deployments. DNS replication mechanisms are discussed including their pros and cons. Active Directory records and DNS labeling conventions are described in detail to give the reader a deeper understanding how the locator service works. USE OF THIS DOCUMENT Publisher Information All rights reserved worldwide. No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any human or computer language in any form or by any means without the express written permission of: BlueCat Networks, Inc. 9050 Yonge Street, Suite 401 Richmond Hill, Ontario Canada L4C 9S6 Attention: General Manager Telephone: 905-882-5691 Fax: 905-882-5057 E-mail: [email protected] Web Site: www.bluecatnetworks.com This publication is provided as is without warranty of any kind, express or implied, including, but not limited to, the implied warranties of merchantability, fitness for a particular purpose, or non-infringement. All terms mentioned in this publication that are known to be trademarks or service marks are appropriately capitalized. BlueCat Networks cannot attest to the accuracy of this information. Use of a term in this publication should not be regarded as affecting the validity of any trademark or service mark. The trademarks, service marks and logos (the "Trademarks") displayed are registered and unregistered Trademarks of BlueCat Networks, Inc. and others.
    [Show full text]
  • Kerio-Connect-Adminguide.Pdf
    ADMINISTRATOR GUIDE Find out how to install and configure Kerio Connect in different environments and how to set up advanced features. The information and content in this document is provided for informational purposes only and is provided "as is" with no warranties of any kind, either express or implied, including without limitation any warranties of merchantability, fitness for a particular purpose, and non-infringement. GFI Software disclaims and in no event shall be liable for any losses or damages of any kind, including any consequential or incidental damages in connection with the furnishing, performance or use of this document. The information is obtained from publicly available sources. Though reasonable effort has been made to ensure the accuracy of the data provided, GFI makes no warranty, promise or guarantee about the completeness, accuracy, recency or adequacy of information contained in this document and is not responsible for misprints, out-of-date information, or errors. GFI reserves the right to revise or update its products, software or documentation without notice. You must take full responsibility for your use and application of any GFI product or service. No part of this documentation may be reproduced in any form by any means without prior written authorization of GFI Software. If you believe there are any factual errors in this document, please contact us and we will review your concerns as soon as practical. GFI and Kerio Connect are trademarks or registered trademarks of GFI Software or its affiliates in the US and other countries. Any other trademarks contained herein are the property of their respective owners.
    [Show full text]
  • Icewarp Server GUI Reference
    IceWarp Unified Communications IceWarp Server GUI Reference Version 11.4 Published on 5/3/2016 Contents Reference Manual ..................................................................................... 5 Administrative Console ................................................................................................................... 6 Main Menu ........................................................................................................................ 7 Remote Server Administration ........................................................................................ 10 Remote Console as an Installer ........................................................................... 10 Bookmarks – Bookmarks Manager ...................................................................... 11 Configuration Backup and Restore .................................................................................. 14 Toolbar ............................................................................................................................. 15 How to Import Users from Windows or AD Servers ........................................................ 16 How to Import Users from LDAP / Active Directory ......................................................... 17 Import/Export Users from/to File .................................................................................... 18 Licenses ............................................................................................................................ 20 WebAdmin ......................................................................................................................
    [Show full text]
  • Professional Manual
    Professional Manual 1 Table of Contents 1. Table of Contents 1-8 2. Introduction 9 2.1. Introduction 9 2.2. Prerequisites 9-10 2.3. How Internet Email Works 10-11 2.4. What's New in Version 10 11-12 3. Overview 13 3.1. Overview 13 3.2. Structure of MailEnable 13-14 3.3. Administration 14-15 3.4. Email Delivery Flow 15-16 4. Installation 17 4.1. Installation Overview 17 4.2. Installation process 17-25 4.3. Upgrading 25 4.3.1. Upgrading Overview 25 4.3.2. Upgrading an existing web mail installation 25-26 4.3.3. Configuration repository location 26 4.3.4. Replace configuration files 26-27 4.4. Post-installation configuration 27 4.4.1. MailEnable Diagnostic Utility 27-29 4.4.2. Check and configure DNS settings 29 4.4.3. To set up PTR records under Microsoft's DNS Server 29-30 4.4.4. Check mail services 30 5. Administration 31 5.1. Administration Overview 31 5.2. Messaging Manager 31 5.2.1. Messaging Manager Overview 31-32 5.2.2. Messaging Manager - General 32 5.2.3. Messaging Manager - Administration 32-33 5.2.4. Messaging Manager - Security 33-34 1 ©2018 MailEnable Pty Ltd. All Rights Reserved. Professional Manual 5.2.5. Messaging Manager - Footers 34 5.3. Post office configuration 34 5.3.1. Post office configuration Overview 34-35 5.3.2. How to create a Post Office 35 5.3.3. Post office - General 35-36 5.3.4.
    [Show full text]
  • Certificate Discovery for Direct Project Implementation Guide V4.1
    Certificate Discovery for Direct Project Implementation Guide Version 4.1, 20 August 2015 Revision History Date Document Version Document Revision Description Revision Owner 2011-10-19 1.1 Revisions from F2F meeting Ken Pool 2011-10-24 2.0 Revisions from Bob Dieterle Bob Dieterle 2011-11-09 3.0 Revisions from Ken Pool Ken Pool 2011-12-14 4.0 First revision following comments Ken Pool 2015-08-20 4.1 Revision addressing corrections and clarifications identified by the Direct Certificate Discovery Tool (DCDT) team. Original Authors Workgroup Lead Ken Pool, OZ Systems Workgroup Lead Sri Koka, Techsant Technologies Participating Author Peter Bachman, Cequs Inc. Participating Author Bob Dieterle, EnableCare Participating Author Ernest Grove, SHAPE HITECH, LLC Participating Author Lester Keepper, SHAPE HITECH, LLC 1. Introduction The Provider Directories Initiative focuses on identifying the requirements, core data set, and standards to support two specific use cases: Discovery of Digital Certificates for the Direct Project; and Discovery of Electronic Service Information (including electronic address and any required security information) in order to support the electronic exchange of health information. The health care industry has utilized provider directories for years. The content of individual directories has varied substantially based upon intended use and audience. The Provider Directories Initiative created within the S&I Framework is not intended to replace existing directories - its primary goal is to support the electronic exchange of health information in a secure fashion. This Implementation Guide addresses the use case for discovery of digital certificates for the Direct Project using a hybrid approach based on DNS and LDAP.
    [Show full text]
  • (IETF) C. Daboo Request for Comments: 6764 Apple Inc. Updates: 4791, 6352 February 2013 Category: Standards Track ISSN: 2070-1721
    Internet Engineering Task Force (IETF) C. Daboo Request for Comments: 6764 Apple Inc. Updates: 4791, 6352 February 2013 Category: Standards Track ISSN: 2070-1721 Locating Services for Calendaring Extensions to WebDAV (CalDAV) and vCard Extensions to WebDAV (CardDAV) Abstract This specification describes how DNS SRV records, DNS TXT records, and well-known URIs can be used together or separately to locate CalDAV (Calendaring Extensions to Web Distributed Authoring and Versioning (WebDAV)) or CardDAV (vCard Extensions to WebDAV) services. Status of This Memo This is an Internet Standards Track document. This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Further information on Internet Standards is available in Section 2 of RFC 5741. Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at http://www.rfc-editor.org/info/rfc6764. Copyright Notice Copyright (c) 2013 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.
    [Show full text]
  • DNS Servers Are Used to Resolve FQDN Hostnames Into IP Addresses and Vice Versa
    >What is the main purpose of a DNS server? DNS servers are used to resolve FQDN hostnames into IP addresses and vice versa. >What is the port no of dns ? 53. >What is a Forward Lookup? Resolving Host Names to IP Addresses. >What is Reverse Lookup? It?s a file contains host names to IP mapping information. >What is a Resource Record? It is a record provides the information about the resources available in the N/W infrastructure. >What are the diff. DNS Roles? Standard Primary, Standard Secondary, & AD Integrated. >What is a Zone? Zone is a sub tree of DNS database. >Secure services in your network require reverse name resolution to make it more difficult to launch successful attacks against the services. To set this up, you configure a reverse lookup zone and proceed to add records. Which record types do you need to create? PTR Records >SOA records must be included in every zone. What are they used for ? SOA records contain a TTL value, used by default in all resource records in the zone. SOA records contain the e-mail address of the person who is responsible for maintaining the zone. SOA records contain the current serial number of the zone, which is used in zone transfers. >By default, if the name is not found in the cache or local hosts file, what is the first step the client takes to resolve the FQDN name into an IP address ? Performs a recursive search through the primary DNS server based on the network interface configuration . > What is primary, Secondary, stub & AD Integrated Zone? Primary Zone: - zone which is saved as normal text file with filename (.dns) in DBS folder.
    [Show full text]
  • [MS-OXDISCO]: Autodiscover HTTP Service Protocol Specification
    [MS-OXDISCO]: Autodiscover HTTP Service Protocol Specification Intellectual Property Rights Notice for Protocol Documentation Copyrights. This protocol documentation is covered by Microsoft copyrights. Regardless of any other terms that are contained in the terms of use for the Microsoft website that hosts this documentation, you may make copies of it in order to develop implementations of the protocols, and may distribute portions of it in your implementations of the protocols or your documentation as necessary to properly document the implementation. This permission also applies to any documents that are referenced in the protocol documentation. No Trade Secrets. Microsoft does not claim any trade secret rights in this documentation. Patents. Microsoft has patents that may cover your implementations of the protocols. Neither this notice nor Microsoft's delivery of the documentation grants any licenses under those or any other Microsoft patents. However, the protocols may be covered by Microsoft’s Open Specification Promise (available here: http://www.microsoft.com/interop/osp). If you would prefer a written license, or if the protocols are not covered by the OSP, patent licenses are available by contacting [email protected]. Trademarks. The names of companies and products contained in this documentation may be covered by trademarks or similar intellectual property rights. This notice does not grant any licenses under those rights. Reservation of Rights. All other rights are reserved, and this notice does not grant any rights other than specifically described above, whether by implication, estoppel, or otherwise. Tools. This protocol documentation is intended for use in conjunction with publicly available standard specifications and network programming art, and assumes that the reader either is familiar with the aforementioned material or has immediate access to it.
    [Show full text]