Local windows servers and clients DNS/DHCP configurations are out of sync and unmanaged across over 1300 geographical located service centers. To add it is unknown how out of sync they are and a Business critical application deployment is dependent on consistency and requires specific DNS/DHCP changes across the various locations.
Two BigFix Analysis was created to determine configurations across the various locations. These Analysis showed how bad the issue really was and provided vital configuration information to the application teams. Most if not all of the DHCP/ DNS configurations where not in sync with the corporate standard, several hundred “fat finger” mistakes and less than 10% of the required configuration changes had been applied appropriately in preparation for the critical application deployment.
Two task where created to remediate the issues, make the required DNS/DHCP configuration changes and standardize across the various locations and remediate if changed in the future.
Task one was used for DHCP configuration management. This task allowed for admin level support staff to change the DHCP configuration on all DHCP server across various locations. The changes required little to know user input and where based on user input (parameters) or automatic remediation based on relevance.
Task two was used for DNS configuration management. This task allowed for admin level support staff to change the DNS configuration on all DHCP severs and static DNS configuration . The changes required little to know user input and where based on user input (parameters) or automatic remediation based on relevance.
Time to Complete:
Based on the initial analysis (pre BigFix Analysis) it would have taken the support teams months to discover and even more time to remediate the deficiencies; manually or via scripts. The BigFix approach took less than two days for the creation of the analysis and task. It took approximately three days to remediate the deficiencies across over 1300 locations and approximately 12,500 endpoint (DHCP servers and DNS clients) Another critical advantage to the BigFix approach is the “closed loop validation”; this gives the validation that the executed remediation was truly remediated and is consistent across the environment. A policy action has been created to remediate DHCP/DNS changes to comply to the established configuration; for new systems or missconfiguration.
Several scheduled webreports were created to show the leadership remediation progress/status and ongoing reporting on deviations from the established configuration.
Future Use Case:
Additional DHCP/DNS configuration features; add new scopes, DHCP ranges, etc… Work also has begun (slowly) on a dashboard for over all local DNS/DHCP configuration and management.