Filter
Top Products
Deployment Guide Polycom CX700
42
When you use NetBIOS style, the phone needs to use the <domain> name to
find a domain controller. If WINS is configured for use by the phone (via
DHCP), it will use that. However if WINS is not configured, and the phone is
on another subnet than the domain controller, it needs to use DNS to find it.
The way it looks for a domain controller is using the DC locator SRV records
in DNS (_ldap._tcp.dc._msdcs.<DNS domain>). When it looks up these
records, it uses domain information received using DHCP (option 15 and
option 119). Say we have the following situation:
• The phone receives the DNS domain fabrikam.dk in DHCP option 15
(DomainName).
• The phone receives the DNS domains fabrikam.dk and dk in DHCP
option 119 (DomainSearch).
• The domain controller is located in fabrikam.dk and can be found by
locating the SRV record _ldap._tcp.dc._msdcs.fabrikam.dk .
• The user signs in with Fabrikam\Jens .
The phone will try to locate the domain controller using this sequence:
• _ldap._tcp.dc._msdcs.fabrikam—takes the NetBIOS name directly (fails)
• _ldap._tcp.dc._msdcs.fabrikam.fabrikam.dk—adds the DomainName
value (fails)
• _ldap._tcp.dc._msdcs.fabrikam.fabrikam.dk—adds first element in
DomainSearch (fails)
• _ldap._tcp.dc._msdcs.fabrikam.dk—adds second element in
DomainSearch (succeeds)
So if dk was not added to DHCP option 119, the phone would have been
unable to locate a domain controller and, therefore, the user could not sign in
and the phone would have be unable to download certificates. You need to
configure the DNS Suffix list such that the device can construct the correct
DNS domain based on the NetBIOS name used.
An alternative approach is to instruct users to sign in using UPN style, for
example, jens@fabrikam.dk, and in this way the user provides the correct
DNS domain directly at sign in.
If you have configured the NetBIOS name to be completely different to the AD
DNS domain name, for example, NetBIOS fabrikam and AD DNS domain is
contoso.net, it is not possible to use the DNS Suffix list to create the mapping.
In such a scenario the best approach is to instruct the users to use UPN style
login. Alternatively use WINS.