Navigation
GuidesUpdated July 3, 2026

DNS Request Procedures

guidednsnetworkinginfobloxnavapiservicenowautomationazurevm-management

DNS Requests

Automation

DNS records for VMs in Azure is managed by Infoblox with requests to the NavAPI-DNS endpoints. There is an Ansible role meant for this purpose, however the authentication is not fully setup and cannot be immediately used.

In the meantime, a request to Tom Hudak, Manuel Palacios, or Patrick O'Shea is required to complete this effort using their scripts.

  1. Create a post in the Epic on Azure -> Network channel
  2. Provide the fully qualified domain name (ex. servername.ms.ds.uhc.com)
  3. Provide the IP that should be set
  4. Tag one of the above people if they are available, otherwise the Office Hours call is a good time to request this

Manual Change

The NavAPI-DNS endpoints may not satisfy all needs, so there are ways to request direct help from the IPAM team responsible. This requires a Change Request in ServiceNow and can be done by following the steps below. You must have an account in ServiceNow and be assigned to an assignment group to complete this, otherwise not all fields in a Change Request are available to you to edit.

  1. Open a Change Request in ServiceNow

  2. What Type of Change: Standard

  3. Assignment Group: (Your Assignment Group)

  4. Assigned To: (Yourself)

  5. Short Description: Provide something descriptive (ex. Add Manual A Record: server.ms.ds.uhc.com)

  6. Click Submit

  7. Under Risk Assessment, fill out the form. Below are typical answers but correct them if needed for your specific case.

    1. Service Impact: No
    2. Fully Tested: Yes
    3. Fully Backed Out: Yes
  8. Planning tab, these are all examples so please modify them for your change:

    1. Pre-implementation test plan:

      Verify there is no current DNS resolution for this hostname:
      
      $ host server.ms.ds.uhc.com
      Host server.ms.ds.uhc.com not found: 3(NXDOMAIN)
      
    2. Implementation test plan:

      Host: server.ms.ds.uhc.com
      TTL: 300 seconds
      A Records:
      10.150.255.255
      
    3. Validation plan:

      Verify the host is correctly entered:
      
      $ host server.ms.ds.uhc.com
      
    4. Backout plan:

      If the record cannot be created, there is nothing to back out. If the record can only be partially created, the record should be removed to prevent issues testing the application.
      
  9. Security Analysis tab, typically all answers are No as DNS changes should not impact security, controls, or other items but review should ne performed to be certain.

  10. Affected CIs related list:

    1. For internal changes (i.e. ms.ds.uhc.com, msnonprod.dsnonprod.uhc.com), choose NS0-1
    2. For external changes (i.e. public facing optum.com), choose NS13-1
    3. For combined changes, choose both
  11. Change Tasks related list:

    1. Create a new Change Task
    2. Short Description: You can copy the Short Description of the change or provided something specific
    3. Description: Copy the Implementation Plan details from the change
    4. Assignment Group: ISO - IPAM
  12. Submit for Approval

  13. Once approved:

    1. You should receive an email from the DNS team lead notifying you of approval
    2. Schedule a Teams Meeting with the technician in the Assigned To field of the Change Task for the time of the change
    3. You or a team member must be available and on this call for the change to take place
  14. Once completed and verified, mark the change closed