The Importance of CNAME Records

  • Article

Applies To: Windows Server 2008, Windows Server 2008 R2, Windows Server 2012

What are CNAME Records?

CNAME stands for Canonical Name record. It is a type of resource record that is used in the Domain Name System. In DNS, the CNAME record is used as an alias for another record within DNS. For example, in our scenario here, we use a CNAME record named ADRMS-SQL to point to the FQDN of our SQL Server, SQL1.fabrikam.com.

Why are CNAME Records important to AD RMS?

CNAME records are important for several reasons. First, when you create a piece of content, the URL for the AD RMS server is embedded into the header of it. When a user attempts to consume this content, it is this URL that is used to obtain a use license. If you originally installed AD RMS using the FQDN of the physical AD RMS server as the URL and this were to ever change, documents with the old URL would be inaccessible.

For example, if we have an AD-RMS server with an FQDN of AD-RMS.fabrikam.com and we use a URL of https://AD-RMS.fabrikam.com, then all of our content will have https://AD-RMS.fabrikam.com embedded in the header of all rights protected content. Now say we decide to change the AD RMS servers name to AD-RMS2.fabrikam.com and our URL is now https://AD-RMS2.fabrikam.com. Now when a user attempts to consume older rights-protected content, they will look for a use license at https://AD-RMS.fabrikam.com, not our new URL of https://AD-RMS2.fabrikam.com. They will not be able to consume this content. Now suppose instead we had created a CNAME record called RMS. We can point this record at AD-RMS.fabrikam.com. This record will have an FQDN RMS.fabrikam.com. When we install AD RMS, we will specify https://RMS.fabrikam.com as the URL. So now if we decide to change the AD RMS servers name to AD-RMS2.fabrikam.com we can simply edit the CNAME record to point to AD-RMS2.fabrikam.com.

Secondly, if you decide later on down the line that you want to add Network Load Balancing because the AD RMS infrastructure has grown, it is much simpler to do this with a CNAME record.

SQL Server and CNAME Records

In order to use a CNAME record with a SQL Server, the DisableStrictNameChecking registry key must be added and the value set to 1. This allows for the SQL Server to be called something other than its proper name when a connection attempt is being made. Step 14 – Add DisableStrictNameChecking of this guide describes how to do this in detail. This is disabled by default.