How Novell eDirectory Works with DNS
If a client asks a server to resolve a fully qualified name (for example, admin.novell.novell_inc) that
does not exist in the Novell® eDirectory™ tree, or if you use a standalone application such as Novell
iManager for Linux and UNIX or the eDirectory install application to resolve a name in the tree and
you don't have a server to talk to yet, eDirectory uses service discovery protocols to resolve the
name. Service discovery protocols are a class of network applications that allow distributed
components to find and use needed services within a network.
eDirectory has traditionally used SAP and SLP to search for and advertise network services. DNS
was added as a discovery protocol in eDirectory 8.7.1. This added functionality means that if you
ask for a tree name that eDirectory doesn't understand (either because you are talking to a server that
doesn't hold a copy of the tree or you are using a stand-alone application), the machine trying to do
the discovery—whether it's a machine running a stand-alone application, a JClient application such
as Novell iManager or ConsoleOne®, or a server—uses eDirectory's discovery protocols, in the
following order:
1. Domain Name System (DNS)
2. Service Location Protocol (SLP)
3. Service Advertising Protocol (SAP)
When using the DNS protocol, eDirectory takes the name as it was passed (for example, a server
name such as prod_server4.provo.novell.novell_inc), and tries to resolve the entire name just as it is.
eDirectory then appends each name in the discovery machine's DNS search list, and asks the
machine's DNS server if it has an address for that name. For example, if the discovery machine's
DNS search list included dev.novell.com and test.novell.com, eDirectory would search for
prod_server4.provo.novell.novell_inc.dev.novell.com and
prod_server4.provo.novell.novell_inc.test.novell.com.
Then eDirectory takes components off the name that was passed to it. For example, if trying to
resolve prod_server4.provo.novell.novell_inc, eDirectory tries provo.novell.novell_inc, then
novell.novell_inc, then novell_inc. eDirectory does that for each of the different search contexts
until eventually it tries the single component that is the tree root. The client will attempt each of the
addresses until it successfully makes a connection. It does the attempts using the ordering of records
returned from the DNS server. It doesn’t matter what code revision the servers in the replica ring are
running as long as the machine trying to do the discovery is running eDirectory 8.7.1 or later.
We recommend putting your eDirectory tree name in DNS using an A, AAAA, or Service (SRV)
resource record under the DNS domain the clients are going to use to resolve names. If you use A or
AAAA records, the eDirectory servers must be running on the default 524 port. If the servers are
using any other port, use an SRV record.
In the following sample resource records, novell_inc is the tree name and provo.novell.com is the
DNS search context:
Record    Example
A         novell_inc.provo.novell.com. IN A 192.168.1.2
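The lookup order described above, as an added example (not Novell's code): it lists the DNS names a discovery machine would query and shows which one the sample A record answers. The function names and the exact interleaving of shortened names with search-list domains are assumptions; the names, address and port 524 come from the text.

```python
DEFAULT_PORT = 524  # port implied by an A or AAAA record, per the text above

# Constructed sample data: the A record from the table above.
SAMPLE_RECORDS = {"novell_inc.provo.novell.com.": "192.168.1.2"}


def candidate_names(name, search_list):
    """List the DNS names tried for an eDirectory name, in order.

    Assumed ordering: the full name and then each shortened form is tried
    as passed, then with each search-list domain appended.
    """
    labels = [part for part in name.strip(".").split(".") if part]
    ordered, seen = [], set()
    for i in range(len(labels)):
        stem = ".".join(labels[i:])
        for cand in [stem] + [f"{stem}.{dom.strip('.')}" for dom in search_list]:
            if cand.lower() not in seen:  # DNS names are case-insensitive
                seen.add(cand.lower())
                ordered.append(cand)
    return ordered


def first_match(name, search_list, records):
    """Return (queried_name, address, port) for the first candidate with a record."""
    table = {owner.rstrip(".").lower(): addr for owner, addr in records.items()}
    for cand in candidate_names(name, search_list):
        if cand.lower() in table:
            return cand, table[cand.lower()], DEFAULT_PORT
    return None


if __name__ == "__main__":
    name = "prod_server4.provo.novell.novell_inc"
    for search in (["provo.novell.com"], ["dev.novell.com", "test.novell.com"]):
        print("search list:", search)
        for cand in candidate_names(name, search):
            print("  query:", cand)
        print("  resolved:", first_match(name, search, SAMPLE_RECORDS))
```

With the dev/test search list nothing resolves, because the sample record sits under provo.novell.com rather than under a domain those clients search.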