DDI Guru - DNS Zone Editor UI
All authentication is handled by the Infoblox Grid. The DNS Zone Editor accepts the user's Infoblox Credentials via a login form. These credentials are transmitted to the Infoblox Grid securely using HTTPS where the grid then performs its own authentication schemes on the credentials of the user (local, AD, LDAP, and/or RADIUS). Once the user is authenticated a user session is created. Essentially, the web server that hosts the DNS Zone Editor UI acts as a reverse proxy to the Infoblox Grid.
Once the user has been authenticated and the user session established, a list of zone(s) is returned to the user. All user access and permissions are controlled via the Infoblox Grid Administration facilities.
- Define Infoblox Users
- Define Infoblox User Groups
- Set User/Group permissions on specific DNS Authoritative Zone(s)
- Set User/Group permissions on specific DNS Resource Record Type(s)
NOTE: All permissions are established in the Infoblox Grid Manager UI.
From the list of Authoritative DNS Zones, the permissioned user, can edit the zone, and will be presented with a list of all the editable DNS records in that zone. The UI excludes all Infoblox system-generated or readonly records from the tool. Here the user can do any of the following:
- Add a new DNS record to the zone
- Delete an existing DNS record
- Modify an existing DNS record
All changes made in the DNS Zone Editor UI are subject to the Infoblox Grid data validation rules, and permissioning. The tool can only perform new additions, deletions, or updates that are valid to the Infoblox Grid. Any updates that are NOT valid will have the Infoblox warning returned to the user, and the update will be rejected
The DNS Zone Editor supports the following DNS resource record type(s):
- A records
- AAAA records
- CNAME records
- MX records
- PTR records
- SRV records
- TXT records
NOTE: the tool only allows PTRs in IPv4 and/or IPv6 reverse zone(s).
When adding a new record, the user has the option of including a value to an Infoblox Extensible Attribute called work_ticket. There is data entry validation performed on the name and rdata value(s) of the DNS record in the modal dialog that pops up. The interface also supports the ability to adjust the TTL or Time To Live value of the record which is important when users are performing server moves and application migrations. Additionally, the DNS Zone Editor supports the ability to create staged DNS resource records through the use of the disabled property.
All changes made through the DDI Guru DNS Zone Editor are done in real-time. Once the UI accepts the entry, the entry is added, deleted, or updated directly in the Infoblox Grid and available in the DNS. The DNS Zone Editor has no business logic. It is simply a UI that passes through all requests to the Infoblox Grid via the WAPI RESTful API. This makes the DNS Zone Editor very light-weight and VERY FAST! The DNS Zone Editor can be deployed on a web server, using Apache or Nginx with minimal configuration, making it quite suitable for deploying as a containerized application in Docker or even using as a micro service using NodeJS.
For more information about the DNS Zone Editor please contact the DDI Guru.