Integrating IdM and AD - Verifying the DNS configuration

I am reading through the documentation: https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/installing_identity_management/installing-trust-between-idm-and-ad_installing-identity-management#unique-primary-dns-domains_configuring-dns-and-realm-settings-for-a-trust

I am stuck at section 24.6.4, "Verifying the DNS configuration", specifically on step #3. Steps 1 & 2 work perfectly for me. I don't understand what steps are needed to obtain a valid result for step #3.

A little about my setup.
IdM Server:
hostname (FQDN): utility.idm.nac-issa.org
IP: 172.30.50.5

Active Directory Domain Controller:
hostname (FQDN): svr2k19.nac-issa.org
IP: 172.30.50.10

My understanding is that I need to have two SRV records in my IdM DNS for the AD server. Is that a correct understanding?

I have several questions related to this.
1. How do I do this in the web interface?
2a. Does the SRV record go in the same zone as the IdM domain?
Picture of IdM zone with SRV records

2b. Does the SRV record go in a new zone for nac-issa.org?
Picture of NAC zone with SRV records
2c. Have I generally created the SRV records correctly? (I'm thinking they need to be removed from one of the zones, but I'm not sure which.)

Please see my screenshots (inline)
3. What is the correct syntax to check the SRV records with dig?
I had some difficulty figuring it out based on the examples given. I have tried multiple different dig commands, and all of them come back empty.