Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new article
8745
Views
45
Helpful
3
Comments

How to enable DNS for CUCM versions 9 through 11 after installation

pkinane
Cisco Employee
Cisco Employee

‎01-26-2016 07:58 AM - edited ‎03-12-2019 10:21 AM

 

-------------

Please rate helpful content (i.e. videos, documents, comments). Also, please select the correct answer(s) if any comment(s) answer your question otherwise the questions remains on the support forums as unanswered.

-------------

 

For CUCM you can enable DNS at installation; however, if you do not enable DNS at installation there is a way to do it later. Some people don't have a need to enable DNS at installation, but at a later date they require DNS for something (FQDN for the subject CN of a certificate, IM&P integration, etc....) and they need to use the second option of enabling DNS from the CLI. This second option is not very well documented so I created this video to help demonstrate the process.

 

 

The demonstration:

 

https://www.youtube.com/watch?v=aQ-1yh3ya-0

 

 

 

 

Summary of the process

Things to do prior to enabling DNS:


1: Check database replication

2: Perform a backup

3: Confirm there are no ITL issues. If you don't check this your phones might have issues later. 

4: Make DNS entries in your DNS server so the IP address resolves to the correct FQDN and the FQDN resolves to the correct IP address. This can be tested with nslookup from a PC that uses the same DNS server the CUCM will be using.

 

Things to be mindful of when enabling DNS


1: All of your certificates will be regenerated and any CA signed certificates will be replaced with self-signed certificates
2: IT IS EXTREMELY IMPORTANT THAT ONLY ONE SERVER AT A TIME HAS A CHANGE PERTAINING TO THE DOMAIN NAME (GOING FROM NO DOMAIN TO HAVING A DOMAIN, CHANGING AN OLD DOMAIN TO THE NEW DOMAIN, REMOVING THE DOMAIN ALL TOGETHER). THIS HAS TO DO WITH THE SECURITY BY DEFAULT FEATURE AND THE FACT THAT ENABLING DNS REGENERATES ALL OF THE SERVERS' CERTIFICATES. ENABLING DNS ON ALL SERVERS IN THE CLUSTER WILL RESULT IN THE PHONE REJECTING ALL CERTIFICATES AND SIGNED FILES THAT IT RECEIVES FROM THE CUCMs.
3: Once you are done making DNS changes on your servers, reboot all servers in the cluster (even if some didn't have DNS changes, reboot them all)

 

Things to do after DNS is enabled:

 

1: Check database replication, and confirm there are no ITL issues as was done prior to the change.
2: Change the name listed under system server (this is optional unless you have a reason to do this)

If you are wondering why my licenses didn't need to be rehosted in this demonstration: CSCul10528 and CSCuj83605

This is the document I mentioned for understanding the output for "utils dbreplication runtimestate"
https://supportforums.cisco.com/document/12710871/undertstanding-output-utils-dbreplication-runtimestate-cucm

-------------

Please rate helpful content (i.e. videos, documents, comments). Also, please select the correct answer(s) if any comment(s) answer your question otherwise the questions remains on the support forums as unanswered.

-------------

Labels:
Comments
Vivek Batra
VIP Alumni
VIP Alumni
‎01-26-2016 08:20 PM

Hi,

Thanks for sharing [+5].

- Vivek

pkinane
Cisco Employee
Cisco Employee
‎01-27-2016 06:19 AM

Thank you, Vivek.

BRUCEGRUNEWALD58863
Level 1
Level 1
‎09-23-2021 04:11 PM

The video is marked private and cannot be played.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents