How to verify or set DNS records for Skype for Business
Skype for Business uses the domain from the user log in to perform a DNS lookup to contact the correct Skype for Business servers. To enable this process to function, four DNS records are required. If split-brain DNS is in use (where your domain name resolves to a different set of DNS servers outside your network than inside), you will have to add these DNS records in both places. In general, the records must be present anywhere a user resolves your DNS domain name.
Resolution
DNS Settings for Skype for Business should be configured as shown below:
Note: Please contact your Project Manager or Support to find out which Pool or SIP Entry your company should use.
CNAME Records for sip.[customerdomain]
Alias Name | Target Host | Pool |
sip | sip3.ct950.com | Pool 03 |
CNAME Records for lyncdiscover
Alias Name | Target Host |
lyncdiscover | lyncdiscover.ct950.com |
SRV (Service) Records
Service | Protocol | Priority | Weight | Port | Target |
_sipfederationtls | _tcp | 0 | 0 | 5061 | sip.[customerdomain] |
_sip | _tls | 0 | 0 | 443 | sip.[customerdomain] |
Note: If your DNS is hosted by a third party that provides you with a web-based portal for administering DNS records, check in advance to ensure they support SRV records as some service providers do not and they are required for Skype for Business to function.
Note: GoDaddy users web interface will present you with a Name field for the SRV records in addition to the fields listed above.set the Name for both SRV records to the @ sign.
Advanced DNS Configuration
Geo Redundant Pool Configurations may want to consider a few factors when deciding which Geo Entries to use. Depending on user disbursement and primary pool for each user. Advanced IT administrators may want to direct all traffic through a specific datacenter if the network path has less latency or any other specific requirements. Please consult with Calltower support to determine if you should use direct Geo routing for your specific needs.
Direct Geo DNS Settings:
sip | sip3stl.ct950.com | Pool 03 Atlanta (Direct Geo) |
sip | sip3slc.ct950.com | Pool 03 Salt Lake City (Direct Geo) |
# Use the following Powershell Code to perform CallTower Network Check from endpoints
"sip3stl.ct950.com","sip3slc.ct950.com" | % {
$hops = (Test-NetConnection -ComputerName $_ -TraceRoute).TraceRoute.Count
$time = (((Test-Connection -ComputerName $_ -Count 10 -Delay 5 -TTL 255 -BufferSize 256 -ThrottleLimit 32).ResponseTime) | Measure-Object -Average).Average
Write-Host "$_ is $hops hops away and has an average response time of $time(ms)" -ForegroundColor Cyan
}
How To Check DNS Settings
1. Open Command Prompt (From the Start Menu type in cmd <enter>)
2. Type in nslookup <enter>
3. Type in set type=all <enter>
4. Type in the DNS record you would like to check.
sip.domain.com <enter>
lyncdiscover.domain.com <enter>
_sipfederationtls._tcp.domain.com <enter>
_sip._tls.domain.com <enter>
5. After you have completed the entries above, if you see “Non-authoritative answer:” and it matches what shows in the DNS template above then it’s setup correctly. If you see “Non-existent domain” or something other than what is given in the template above, double check your spelling, and if that is correct, then the DNS records was created incorrectly or their DNS provider is not properly pushing out the records publicly.
How To Check DNS Settings with PowerShell
Copy the below PowerShell Script into notepad or other code editor and Save it as "Check-SRVRecords.ps1"
Then use the command .\Check-SRVRecords.ps1 -domain [yourdomain.com]
## CallTower PowerShell DNS Checker, This script checks all that you have all your DNS entries in place and displays the final route for DNS lookups. ## ## Usage .\Check-SRVRecords.ps1 -domain calltower.com ## Param($domain=(Get-WmiObject win32_computersystem).Domain) $cnameresult = Resolve-DnsName sip.$domain -Server 8.8.8.8 -ErrorAction SilentlyContinue $lyncdiscoverresult = Resolve-DnsName lyncdiscover.$domain -Server 8.8.8.8 -ErrorAction SilentlyContinue $federationresult = Resolve-DnsName _sipfederationtls._tcp.$domain -Type SRV -Server 8.8.8.8 -ErrorAction SilentlyContinue $siptlsresult = Resolve-DnsName _sip._tls.$domain -Type SRV -Server 8.8.8.8 -ErrorAction SilentlyContinue $notfound = "`tDNS Entry Not Found" Write-Host "`r`nCNAME Result" -ForegroundColor Cyan if ($cnameresult) { Write-Host "`tsip.$domain $(@(foreach ($result in $cnameresult.namehost){ '-> '+$result }))" -ForegroundColor Magenta } else { Write-Host $notfound -ForegroundColor Red } Write-Host "`r`nLyncDiscover Result" -ForegroundColor Cyan if ($lyncdiscoverresult) { Write-Host "`tlyncdiscover.$domain $(@(foreach ($result in $lyncdiscoverresult.namehost){ '-> '+$result }))" -ForegroundColor Yellow } else { Write-Host $notfound -ForegroundColor Red } Write-Host "`r`nFederation Result" -ForegroundColor Cyan if ($federationresult) { Write-Host "`t$($federationresult.NameTarget)" -ForegroundColor Green } else { Write-Host $notfound -ForegroundColor Red } Write-Host "`r`nSIP TLS Result" -ForegroundColor Cyan if ($siptlsresult) { Write-Host "`t$($siptlsresult.NameTarget)" -ForegroundColor Green } else { Write-Host $notfound -ForegroundColor Red }
You should see output similar to this with your domain: