[Pdns-users] Status of the LDAP backend in 3.0 release

Christopher Wood christopher_wood at pobox.com
Tue May 17 14:41:04 UTC 2011


On Sat, May 14, 2011 at 09:12:25PM +0200, bert hubert wrote:

(SNIP)

> If you make a script that sets up LDAP so that I can test, I'll see. But I'm
> not going to delve into anything, you need to get me something that after
> I've apt-get installed the ldap server it sets up a working powerdns
> environment.
> 
> 	Ber

The attached script works for me on Debian Squeeze to set up a quick test LDAP directory without stepping on anything you already have (although it does stop your currently running slapd). I've confirmed that I can point a PowerDNS (pdns-3.0-rc2.20110514.2193) installation at this directory and retrieve results with dig.

This was my pdns.conf:

#----------
launch=ldap
ldap-host=ldap://localhost:389/
ldap-basedn=dc=dns
ldap-binddn=cn=Manager,dc=dns
ldap-secret=password
ldap-method=tree
webserver
#----------
-------------- next part --------------
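#!/bin/bash
#
# Builds a throwaway OpenLDAP directory under /opt/ldap-data for testing the
# PowerDNS LDAP backend (ldap-method=tree), then loads a small "test1.tld"
# zone into it.
#
# What it does, in order:
#   1. installs pdns-backend-ldap, slapd and ldap-utils with apt-get
#   2. stops the packaged pdns and slapd services
#   3. writes a private slapd.conf and an init.ldif under $DIR
#   4. starts a second slapd from that config as user/group openldap
#   5. loads init.ldif with ldapmodify
#
# Must be run as root. The packaged slapd is left stopped afterwards.
#
# Security notes:
#   * The rootdn password is the literal string "password", matching the
#     pdns.conf posted with this script. It is a known test credential, so
#     the LDAP listener defaults to loopback only. Override LISTEN_URLS and
#     LDAP_URI in the environment if the directory must be reachable from
#     elsewhere, and change the password first.
#   * If a client resolves "localhost" to ::1 only, add ldap://[::1]:389/ to
#     LISTEN_URLS.

set -euo pipefail

DIR=/opt/ldap-data
DIRDNS=$DIR/dns
SLAPD=$DIR/slapd.conf
INITLDIF=$DIR/init.ldif

# Space-separated URL list handed to slapd -h as ONE argument.
LISTEN_URLS=${LISTEN_URLS:-ldap://127.0.0.1:389/ ldapi:///}
# URI ldapmodify connects to; set explicitly so a URI line in ldap.conf
# cannot redirect the load to some other directory.
LDAP_URI=${LDAP_URI:-ldap://127.0.0.1:389/}

if [[ $EUID -ne 0 ]]; then
  printf '%s: must be run as root\n' "${0##*/}" >&2
  exit 1
fi

# ldapmodify (used below) ships in ldap-utils on Debian, so install it too
# rather than relying on it already being present.
apt-get -y install pdns-backend-ldap slapd ldap-utils

# Best effort: a non-zero status from "stop" (for example because the service
# was not running) should not abort the setup.
/etc/init.d/pdns stop || true
/etc/init.d/slapd stop || true

mkdir -p -- "$DIRDNS"
# Close the directory to group/other BEFORE writing slapd.conf, which
# contains the rootpw; the recursive chmod further down only runs after the
# files already exist.
chmod go-rwx -- "$DIR"

# The here-doc delimiter is unquoted on purpose so $DIR and $DIRDNS expand;
# with the defaults above the generated file is identical to a hard-coded one.
cat <<XX >"$SLAPD"
include /etc/ldap/schema/core.schema
include /etc/ldap/schema/cosine.schema
include /etc/ldap/schema/inetorgperson.schema
include /etc/ldap/schema/nis.schema
include /etc/ldap/schema/dnsdomain2.schema

modulepath      /usr/lib/ldap
moduleload      back_hdb.la

pidfile $DIR/slapd.pid

database hdb
suffix "dc=dns"
rootdn "cn=Manager,dc=dns"
rootpw "password"
directory "$DIRDNS"
index cn,objectClass eq
XX

# Test zone data, kept exactly as posted.
# NOTE(review): the dc=news entry's CNAMERecord names news.test1.tld, i.e. it
# points at itself.
cat <<YY >"$INITLDIF"
dn: dc=dns
changetype: add
objectclass: top
objectclass: domain
dc: dns

dn: dc=tld,dc=dns
changetype: add
objectclass: dnsdomain2
objectclass: domainrelatedobject
dc: tld
associateddomain: tld

dn: dc=test1,dc=tld,dc=dns
changetype: add
objectclass: dnsdomain2
objectclass: domainrelatedobject
dc: test1
associateddomain: test1.tld
SOARecord: ns.test1.tld. hostmaster.test1.tld. 2004112204 86400 7200 1209600 7200

dn: dc=test1,dc=tld,dc=dns
changetype: modify
add: NSRecord
NSRecord: ns1.test1.tld

dn: dc=test1,dc=tld,dc=dns
changetype: modify
add: NSRecord
NSRecord: ns2.test1.tld

dn: dc=test1,dc=tld,dc=dns
changetype: modify
add: MXRecord
MXRecord: 100 mail5.test1.tld

dn: dc=test1,dc=tld,dc=dns
changetype: modify
add: MXRecord
MXRecord: 200 mail6.test1.tld

dn: dc=smtp,dc=test1,dc=tld,dc=dns
changetype: add
objectclass: dnsdomain2
objectclass: domainrelatedobject
dc: smtp
associateddomain: smtp.test1.tld
ARecord: 192.168.10.182

dn: dc=smtp-backup,dc=test1,dc=tld,dc=dns
changetype: add
objectclass: dnsdomain2
objectclass: domainrelatedobject
dc: smtp-backup
associateddomain: smtp-backup.test1.tld
ARecord: 192.168.10.182

dn: dc=mail,dc=test1,dc=tld,dc=dns
changetype: add
objectclass: dnsdomain2
objectclass: domainrelatedobject
dc: mail
associateddomain: mail.test1.tld
ARecord: 192.168.10.182

dn: dc=mail,dc=test1,dc=tld,dc=dns
changetype: modify
add: MXRecord
MXRecord: 0 smtp.test1.tld

dn: dc=www,dc=test1,dc=tld,dc=dns
changetype: add
objectclass: dnsdomain2
objectclass: domainrelatedobject
dc: www
associateddomain: www.test1.tld
ARecord: 192.168.15.10

dn: dc=test1,dc=tld,dc=dns
changetype: modify
add: ARecord
ARecord: 192.168.15.10

dn: dc=home,dc=test1,dc=tld,dc=dns
changetype: add
objectclass: dnsdomain2
objectclass: domainrelatedobject
dc: home
associateddomain: home.test1.tld

dn: dc=www,dc=home,dc=test1,dc=tld,dc=dns
changetype: add
objectclass: dnsdomain2
objectclass: domainrelatedobject
dc: www
associateddomain: www.home.test1.tld
ARecord: 192.168.15.10

dn: dc=home,dc=test1,dc=tld,dc=dns
changetype: modify
add: ARecord
ARecord: 192.168.15.10

dn: dc=pop,dc=test1,dc=tld,dc=dns
changetype: add
objectclass: dnsdomain2
objectclass: domainrelatedobject
dc: pop
associateddomain: pop.test1.tld
ARecord: 192.168.10.182

dn: dc=imap,dc=test1,dc=tld,dc=dns
changetype: add
objectclass: dnsdomain2
objectclass: domainrelatedobject
dc: imap
associateddomain: imap.test1.tld
ARecord: 192.168.10.182

dn: dc=cache,dc=test1,dc=tld,dc=dns
changetype: add
objectclass: dnsdomain2
objectclass: domainrelatedobject
dc: cache
associateddomain: cache.test1.tld
ARecord: 192.168.30.11

dn: dc=news,dc=test1,dc=tld,dc=dns
changetype: add
objectclass: dnsdomain2
objectclass: domainrelatedobject
dc: news
associateddomain: news.test1.tld
CNAMERecord: news.test1.tld

dn: dc=pac,dc=test1,dc=tld,dc=dns
changetype: add
objectclass: dnsdomain2
objectclass: domainrelatedobject
dc: pac
associateddomain: pac.test1.tld
ARecord: 192.168.15.10

dn: dc=support,dc=test1,dc=tld,dc=dns
changetype: add
objectclass: dnsdomain2
objectclass: domainrelatedobject
dc: support
associateddomain: support.test1.tld
ARecord: 192.168.15.10

dn: dc=allinone,dc=support,dc=test1,dc=tld,dc=dns
changetype: add
objectclass: dnsdomain2
objectclass: domainrelatedobject
dc: allinone
associateddomain: allinone.support.test1.tld
ARecord: 192.168.15.10
YY

# slapd runs as openldap (-u/-g below), so it must own the tree; group/other
# get no access because slapd.conf holds the rootpw.
chown -R openldap:openldap -- "$DIR"
chmod -R go-rwx -- "$DIR"

# -h takes a single argument holding the whole URL list. Written unquoted
# (-h ldap:/// ldapi:///), the second URL becomes a separate stray argument
# and is not part of the listener list. "ldap:///" would also listen on every
# interface, which is why the default list above names loopback instead.
/usr/sbin/slapd -h "$LISTEN_URLS" -g openldap -u openldap -f "$SLAPD"

# -c keeps going past individual failures (for example entries that already
# exist on a re-run). The bind password is passed on the command line, where
# other local users can see it in the process list; that is tolerable only
# because it is the published test password.
ldapmodify -x -H "$LDAP_URI" -D 'cn=Manager,dc=dns' -w password -c -f "$INITLDIF"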

