[Pdns-dev] Extending the LDAP Backend
Adrian Overbury
adrian at inomial.com
Thu Mar 20 15:28:01 CET 2008
Hi,
I'm looking at extending the LDAP backend to allow a more flexible
schema for storing domain information. Instead of having the user
locked into the dnsDomain2/domainRelatedObject schema, I'd like to be
able to have a set of options in the configuration file like:

    ldap-SOAattr=customSOAattr
    ldap-DomainComponentattr=cn
    ...

And to have pdns then use these attributes for searching (so, in a
tree-style listing, it would look for
cn=example,cn=com,ou=whatever,dc=blah,dc=net instead of
dc=example,dc=com,ou=whatever,dc=blah,dc=net, and would try to find
the SOA record in customSOAattr, and so on). After perusing the code
(which I'm really liking, by the way. Far better organised than I'm
used to seeing when I have to dig into code) I can see that I can use
the getArg and getArgAsNum methods in the ldapbackend.cc file to pull
my new config options out of the file. Then I should be able to push
them onto the ldap_attrany array so that they can be searched on, and
change LdapBackend::lookup_tree() to use ldap-DomainComponentattr
instead of dc when it's forming the DN. And, of course, change
zone2ldap to fit this new way of doing things.
One thing I am wondering about, though, is this: are default values
supported in the config file? Can I leave an option out and just have
a default put in its place at run-time? This would be, to me,
essential. You might want to change the domain component attribute to
something other than dc, but leave the rest of the attributes with their
default values by not putting any entries for them in the config
file. From my (admittedly brief) reading of the code, it seems that
the arguments object throws an exception if it can't find the
specified entry. I suppose I should put it in a try/catch block and
put the default value in place if the exception is thrown.
I'm not sure, though. What do you guys think? Have I missed
anything, or are there any tips you might have about implementing
this? I really do want to do this, but I don't want to step on
anyone's toes by doing it, so if anyone's got a problem with my idea
or my way of implementing it, please, let me know.
Regards,
Adrian
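
Added example, not part of the message above and not PowerDNS code: one way to form the tree-style DN with a configurable component attribute that falls back to dc when the option is left out of the config. Config, optionOr, validAttrName, escapeRdnValue and treeDn are hypothetical names; the attribute name is validated and each label is escaped per RFC 4514 because the query name arrives from the network.

```cpp
#include <cctype>
#include <cstdio>
#include <map>
#include <stdexcept>
#include <string>

// Hypothetical stand-in for the parsed config file (not the PowerDNS arguments object).
using Config = std::map<std::string, std::string>;

// Return the configured value, or the default when the option is absent.
std::string optionOr(const Config& cfg, const std::string& key, const std::string& def) {
    auto it = cfg.find(key);
    return it == cfg.end() ? def : it->second;
}

// Accept only an LDAP attribute descriptor (RFC 4512): a letter, then letters, digits, hyphens.
bool validAttrName(const std::string& a) {
    if (a.empty() || !std::isalpha(static_cast<unsigned char>(a[0]))) return false;
    for (unsigned char c : a)
        if (!std::isalnum(c) && c != '-') return false;
    return true;
}

// Escape one DNS label for use as an RDN value (RFC 4514); odd bytes become \hh pairs.
std::string escapeRdnValue(const std::string& v) {
    std::string out;
    for (std::size_t i = 0; i < v.size(); ++i) {
        unsigned char c = v[i];
        bool edge = (i == 0 && (c == ' ' || c == '#')) || (i + 1 == v.size() && c == ' ');
        if (c < 0x20 || c >= 0x7f) { char h[4]; std::snprintf(h, sizeof h, "\\%02x", c); out += h; }
        else if (edge || std::string("\"+,;<>\\=").find(static_cast<char>(c)) != std::string::npos) { out += '\\'; out += static_cast<char>(c); }
        else out += static_cast<char>(c);
    }
    return out;
}

// Tree-style DN: "example.com" -> "<attr>=example,<attr>=com,<basedn>"; empty labels are skipped.
std::string treeDn(const Config& cfg, const std::string& qname, const std::string& basedn) {
    std::string attr = optionOr(cfg, "ldap-DomainComponentattr", "dc");  // default from the message
    if (!validAttrName(attr)) throw std::invalid_argument("bad ldap-DomainComponentattr");
    std::string dn;
    for (std::size_t start = 0, dot = 0; start <= qname.size(); start = dot + 1) {
        dot = qname.find('.', start);
        if (dot == std::string::npos) dot = qname.size();
        if (dot > start) dn += attr + "=" + escapeRdnValue(qname.substr(start, dot - start)) + ",";
    }
    return dn + basedn;
}
```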