[Pdns-users] Status of the LDAP backend in 3.0 release

Nick Milas nmilas at admin.noa.gr
Sun May 1 08:19:12 UTC 2011 

On 1/5/2011 12:58 πμ, Alejandro wrote:

> HI Nick, The powerdns plugin for GOsa is finished, but the lack of 
> DNSSEC and the chance of drop this feature in future versions of 
> powerdns force the debian-edu project to choose bind in place of 
> powerdns for the next version of debian-edu.
>
> ...
>
> I really like to see a update of the powerdns-ldap plugin because also 
> I think that ldap is a really good backend to manage DNS.
>
>
Hi Alejandro,

I do hope and *I believe* that the PowerDNS development team will change 
their mind and decide to - at least minimally for the time being - 
support the LDAP backend. IMHO it's one of the hidden powers of 
PowerDNS, and I have striven to demonstrate my case for the benefit of 
the PowerDNS project. If the LDAP backend is moved to unmaintained 
status, I believe that the whole PowerDNS project may be harmed in terms 
of propagation, fame and reliability.

One dimension of the problem, perhaps not always considered, might be 
that to include a new backend would perhaps be far easier than keeping 
up with the currently existing ones: dropping or reducing support for 
one of them will tend to reduce the "reliability index" (as perceived by 
the "world") for the whole project, because, once a backend is released 
and officially included in a release, there will be a community (known 
or unknown) of users for that backend, even if that community is not in 
a position to directly provide some kind of compensation (funds or 
development resources) to the project. One could assert that even the 
adoption of the PowerDNS software IS a kind of compensation, which will 
provide mid-term/long-term benefit(s) of all types (e.g. publicity, 
propagation, etc.).

Note that while the PowerDNS LDAP backend in Authoritative Server v3.0 
will surely not support DNSSEC, one could very well use Phreebird for an 
easy and efficient DNSSEC deployment, until DNSSEC is included in the 
backend itself (which I believe it will).

I find the lack of "Notify" ("Master") ability in the LDAP backend even 
more important at this stage (although one can use workarounds, as I 
have mentioned in this mailing list).

All the best,
Nick

More information about the Pdns-users mailing list