HP StorageWorks Storage Mirroring application notes Guidelines for networking and failover (T2558-96063, February 2008)
10
• The user must have Full Control on the WMI DNS Namespace on the source’s primary DNS server.
For details, see Assigning Full Control on the WMI DNS namespace on page 10.
• The user must be a member of the domain's
DnsAdmins group where the source's primary DNS server
is located. For details, see Assigning the user to the DnsAdmins group on page 11.
4. Run
DFO.exe with the /setpassword switch to store the password of the user (created in step 3) in an
encrypted file. This allows you to run
DFO.exe with specific user credentials without having to include
an unencrypted password in your failover and failback scripts.
dfo /setpassword mydomain.com\dnsadmin mypassword
5. Create DFO.exe command lines to fail over and fail back the source server’s DNS records, and include
them in the failover and failback scripts respectively. Use the
/getpassword switch to indicate that the
password was previously stored.
6. If the DNS server is running Windows Server
®
2000, you must have the DNS Windows Management
Instrumentation (WMI) Provider installed on the source’s primary DNS server to allow the DFO to
modify DNS resource records during failover. To download the DNS WMI Provider, use the following
link:
ftp.microsoft.com/reskit/win2000/dnsprov.zip
Sample DFO commands
Following are sample failover and failback commands for the following environment:
•
Source server: thebe-1.jupiter.local
•
Source IP address: 169.254.1.21
•
Target server: callisto-1.jupiter.local
•
Target IP address: 169.254.1.31
•
DNS server: ganymede.jupiter.local
•
DNS Admin account: jupiter.local\DNSAdmin
You will need to create a failover and failback command for each IP address. For more information about
using the DFO utility, see DNS Failover Utility Command Syntax on page 21.
Sample DFO.exe failover command
“C:\Program Files\DoubleTake\dfo.exe” /dnssrvname ganymede.jupiter.local /srcname
thebe-1.jupiter.local /srcip 169.254.1.21 /tarname callisto-1.jupiter.local
/tarip 169.254.1.31 /trustee JUPITER\THEBE-1$ /username jupiter.local\DNSAdmin
/getpassword /verbose
Sample DFO.exe failback command
“C:\Program Files\DoubleTake\dfo.exe” /dnssrvname ganymede.jupiter.local /srcname
thebe-1.jupiter.local /srcip 169.254.1.21 /tarname callisto-1.jupiter.local
/tarip 169.254.1.31 /trustee JUPITER\THEBE-1$ /username jupiter.local\DNSAdmin
/getpassword /verbose /failback
Additional examples are included in the readme_dfo.htm file.
Assigning Full Control on the WMI DNS namespace
Follow these steps to assign appropriate permissions for the user for WMI control in the domain where the
DNS server resides.
1. Click
Start, Run, and type MMC. Click OK.
2. Select
File, Add/Remove Snap-in.
3. Click
Add and select WMI Control.
4. Click
Add, then click Finish.
5. Click
Close, then click OK.
6. Right-click
WMI Control and select Properties.
7. Select the
Security tab.
8. Double-click on
Root to expand the tree.
9. Select
MicrosoftDNS, then click the Security button.