[Pdns-users] Problem with aRecord matching in ldap backend
Nick Milas
nmilas at admin.noa.gr
Sat Jan 8 12:08:49 UTC 2011
Hi,
This is more of an LDAP question, but it is directly connected to
powerdns/ldap-backend, so I need some feedback:
I am trying to select particular records based on their aRecord
attribute in openldap (dns records stored in ldap backend - simple mode).
So I am trying to use - in external scripts - a search filter like:
(aRecord=10.11.12.*) but it never produces results.
I noticed that aRecord is defined in dnsDomain schema (available in
cosine.schema) and inherited in dnsDomain2.
I came to the conclusion that the problem may be caused by the fact that
aRecord (oid: 0.9.2342.19200300.100.1.26) has no substring matching rule
defined in schema:
attributetype ( 0.9.2342.19200300.100.1.26 NAME 'aRecord'
EQUALITY caseIgnoreIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
I thought of modifying it in order to allow substring matching, like:
attributetype ( 0.9.2342.19200300.100.1.26 NAME 'aRecord'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
Would this change possibly cause any problems? Should I do it or not?
Would powerdns be affected in any way?
Please advise.
Thanks in advance,
Nick
More information about the Pdns-users
mailing list