Remove From My Forums

DNS SRV records

Question
0

Sign in to vote

The Best Practices Analyzer seems to only look for

The Service Location (SRV) record for '_sipinternaltls._tcp.ocs.tkn.tst' could not be retrieved from DNS server '147.185.68.67'. Client sign-in failures may result. Verify that the DNS server is online and that the Service Location record is present.

However we do have an SRV record for _sipinternal._tcp.ocs.tkn.tst , but the BPA did not find it.

Do you need to add looking for _sipinternal SIP SRV record to the Best Practices Analyzer?

Monday, October 15, 2007 7:43 PM

All replies

0

Sign in to vote

Did you ever get any resolution to this?

I'm trying to learn "the right way" to install OCS 2007, and all the documentation I see seems to indicate that as long as you've got an SRv record for _sipinternaltls._tcp....." then you're good, as this is the first one it asks for to find your server.

I have that record, but my auto logon doesn't work. I can get the auto-logon to work by creating a "sip.domain.com" cname or A record, but I like the idea of using the SRVs if possible.

Do I need ALL of the SRVs? I thought it would try all of the ones listed in the documentation and use what it found from any of them? Ironically, I can use a protocol analyzer, and see that with only my _sipinternaltls._tcp record, it will find that OCS server, have a TLS communication session, wait idle for one minute, then send out 3 NB Name queries for "WPAD.domain.com" and then abort, telling me that the server couldn't be found...

If more than one SRV is required, can anyone point me to documentation on what each is used for?

Also, as an aside, it seems that the first communication I see happening after the DNS resolution of the SRV is that the client does a WHOIS query on the OCS server, which the server actively refuses. This happens several times before the client gives up. What's going on there? Is there a WHOIS component that I should have running on my OCS?

-Steve

Thursday, December 13, 2007 6:24 PM

172pilot wrote:

I have that record, but my auto logon doesn't work. I can get the auto-logon to work by creating a "sip.domain.com" cname or A record, but I like the idea of using the SRVs if possible.

Steve,

You comment above tells me that something is most likely incorrect with the SRV record you configured (is the port set to TCP 5061?). When using Automatic Configuration Communicator will always attempt to locate the server first with SRV lookups, then fallback to standard DNS records. So if it works after creating sip.domain.com then you know that the SRV record lookup is failing, you are on the right track.

I've never seen the issue you're describing, but I would double-check the section entitled "Create and Verify DNS SRV and A Records for Client Automatic Client Sign-in" in the Standard Server Deployment Guide to verify the existing record.

Have you tried enabling logging in Communicator and looked at the Application event logs and tracing log files?

Friday, December 14, 2007 2:20 PM

Moderator

You're exactly right.. Sorry, I didn't have a chance to get in here and update it.. I SWEAR I did it right, but obviously I fat fingered something, because what I ended up with was not an SRV record that pointed to port 5061, but one that pointed to port 43.. (hence my trouble with the strange WHOIS requests going to the OCS server...)

What threw me was the fact that I could actually see in a network monitor trace, the server and client doing all the negotiations for the login, and then delaying 1 minute before giving up..

Anyway, thanks, and you were right - Once I got the SRV record fixed, all I needed was the one I should have needed in the first place, and it auto-logs in just fine, and quickly too!

On to bigger and harder troubles now! :-)

Thanks!

-Steve

Friday, December 14, 2007 2:53 PM

Asked by:

DNS SRV records

Question

All replies