[Pdns-users] LDAP vs postgres as backend

Marcel Meyer meyerm-pdns1 at fs.tum.de
Fri Jan 7 05:24:13 UTC 2011

Hi everybody,

I'd like to setup some VMs each dedicated to a specific job. SMTP, IMAP, XMPP, 
HTTP, SSH and of course DNS. To ease the administration of these, a central 
point for configuration of (virtual) users, domains etc. would be nice.

Ideally I'd use some "configuration service" on an admin VM which replicates 
to the other VMs (readonly?). So each VM has at least the needed data for its 
service available (user, password, domains, ...) and could operate even 
without this central VM. From time to time this central VM will initiate a 
sync to propagate changes of passwords or new domains etc.

Searching through the websites of the relevant software projects (postfix, 
apache, dovecot, jabberd2, "PAM/System-Auth" and of courde PowerDNS) I found 
that they all support at least LDAP and Postgresql for authentication and/or 

Now my question: which would be a better solution for powerdns? Did I 
understand Bert's last mail about PowerDNSSEC correctly that it will only work 
with the database-backends for now? Is one backend immediately ruled out when 
I want to be backup NS for other domains where I can only get the data by AXFR 
(they are using bind)? Of course I would need to setup my local configuration 
service read/write in this case... Mh, on the other hand I could create a 
second backend which is read/write and independant from the rest (wouldn't 
be so much of a problem since these domains wouldn't change that often and the 
data is not used on the other VMs).

Thank you very much for your comments,


More information about the Pdns-users mailing list