HP Storage Mirroring V5 Software User Manual

116 Using the DNS Failover (DFO) Utility

Options

(continued)

•

/failback

—Denotes a failback procedure, performed after a failed source is recovered or

restored (required for modify on failback)

•

fbswitch

(optional)—By default, the DFO utility will only failback records in the

dfo_failback_config.dat

file.

fbswitch

allows you to enter a search criteria to identify

the records to change back, even if they are not in the configuration file.

fbswitch

is also used

if the

dfo_failback_config.dat

file is missing

•

/lock

—Allows Active Directory locking for the A type record of the source specified without

modifying the record

•

/unlock

—Allows Active Directory unlocking for the A type record of the source specified

without modifying the record

•

trusteename

—The domain account for the source server machine (

domain\machine$

). DFO

attempts to deny write permissions to the DNS A record on failover for the account identified as

the trustee. “Deny write permissions” is then removed from the DNS A record on failback. This

keeps the source server from reclaiming its DNS A record if it comes back online prior to

failback. You can enter multiple /trustee switches (for example, /trustee administrator /trustee

user).

•

/verbose

—Logging and display level set to maximum detail (optional)

•

/FLUSHDNS /machine [machine_FQDN])—

Run the

ipconfig /flushdns

command to

flush the DNS cache on the specified machine (remote or local (.))

•

/TTL

—Update the TTL value of all modified records

•

seconds

—The number update interval for the TTL (in seconds)

•

/addomain

(optional)—The name of the Active Directory domain where the source

A Type record’s object is stored. This is used if the Active Directory Domain location of the DNS

record object is different than the DNS domain name location for that object. The DFO utility

will attempt to locate the Active Directory record object for locking (see the “

trusteename

” for

more information), but if the DFO utility is unable to determine the location of the Active

Directory object, it will use the ADFQDN location if specified.

•

/test

—Test mode. Modifications are not

actually

made, just listed (optional)

•

/debug

—Forces DFO to write the DNS resource record as-is to the

dfolog.log

file prior to

any DFO modify or list activity

•

/?

—Displays the syntax of the DNS Failover utility

•

/help

—Displays the syntax of the DNS Failover utility

Password

Encryption

•

/setpassword

—

NOTE:

This function must be run separate from a modify or list activity.

/setpassword

is designed to allow the user to store a username/password pairing in an

encrypted file for later use. (optional, but required if

/getpassword

will be used)

•

/getpassword

—Once a username/password pair has been encrypted and stored using

/setpassword

, this command can be used at the command line to retrieve the password

associated with a specific username. It is designed to avoid storing passwords in clear text.

(optional)