[Pdns-users] Status of the LDAP backend in 3.0 release
Christopher Wood
christopher_wood at pobox.com
Tue May 17 14:41:04 UTC 2011
On Sat, May 14, 2011 at 09:12:25PM +0200, bert hubert wrote:
(SNIP)
> If you make a script that sets up LDAP so that I can test, I'll see. But I'm
> not going to delve into anything, you need to get me something that after
> I've apt-get installed the ldap server it sets up a working powerdns
> environment.
>
> Ber
The attached script works for me on Debian Squeeze to set up a quick test LDAP directory without stepping on anything you already have (although it will stop your currently running slapd and pdns). I've confirmed that I can point a PowerDNS (pdns-3.0-rc2.20110514.2193) installation at this directory and retrieve results with dig.
This was my pdns.conf:
#----------
# Load the LDAP backend.
launch=ldap
# LDAP server to query; the attached script starts a test slapd on this host.
ldap-host=ldap://localhost:389/
# Same suffix the test slapd.conf declares.
ldap-basedn=dc=dns
# Binds as the directory's rootdn using the cleartext test rootpw from the
# attached script's slapd.conf. Acceptable for a throwaway directory only.
# NOTE(review): a real deployment would presumably bind as a dedicated
# read-only account - confirm what access the backend actually needs.
ldap-binddn=cn=Manager,dc=dns
ldap-secret=password
ldap-method=tree
# Bare switch: turns on PowerDNS's built-in webserver.
webserver
#----------
-------------- next part --------------
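#!/bin/bash
#
# Builds a throwaway OpenLDAP directory under /opt/ldap-data that holds
# sample DNS records, so the PowerDNS LDAP backend can be tested against it.
# Must run as root: it installs packages and stops the system pdns and slapd
# services. Intended for a disposable test host only.

# Stop at the first failed step (or unset variable) instead of carrying on
# with a half-built directory.
set -eu

DIR=/opt/ldap-data          # root of everything this script creates
DIRDNS="$DIR/dns"           # database directory for the dc=dns suffix
SLAPD="$DIR/slapd.conf"     # private slapd configuration for the test instance
INITLDIF="$DIR/init.ldif"   # sample records loaded once slapd is running

apt-get -y install pdns-backend-ldap slapd

# Stop the packaged daemons; the test slapd started at the end of this script
# takes the place of the system one. A service that is already stopped must
# not abort the run under `set -e`.
/etc/init.d/pdns stop || true
/etc/init.d/slapd stop || true

mkdir -p -- "$DIRDNS"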
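# Write a private slapd.conf for the test instance. The heredoc delimiter is
# left unquoted so ${DIR} and ${DIRDNS} expand, which keeps the pidfile and
# database paths in step with the variables defined at the top of the script.
#
# rootpw below is a cleartext, well-known test password. The file is created
# under a restrictive umask (in a subshell, so the rest of the script is not
# affected) so that it is never readable by other local users, and this
# configuration should not be reused outside a disposable test host.
(
  umask 077
  cat <<XX >"$SLAPD"
include /etc/ldap/schema/core.schema
include /etc/ldap/schema/cosine.schema
include /etc/ldap/schema/inetorgperson.schema
include /etc/ldap/schema/nis.schema
include /etc/ldap/schema/dnsdomain2.schema
modulepath /usr/lib/ldap
moduleload back_hdb.la
pidfile ${DIR}/slapd.pid
database hdb
suffix "dc=dns"
rootdn "cn=Manager,dc=dns"
rootpw "password"
directory "${DIRDNS}"
index cn,objectClass eq
XX
)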
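# Write the sample zone data as an LDIF change file for ldapmodify.
# LDIF records must be separated by a blank line; without the separators the
# whole file parses as one malformed record. The delimiter is quoted so the
# data is written literally, with no shell expansion.
# NOTE(review): the news.test1.tld entry carries a CNAMERecord that points at
# news.test1.tld itself - looks like a slip in the test data; confirm the
# intended target before relying on that name.
cat <<'YY' >"$INITLDIF"
dn: dc=dns
changetype: add
objectclass: top
objectclass: domain
dc: dns

dn: dc=tld,dc=dns
changetype: add
objectclass: dnsdomain2
objectclass: domainrelatedobject
dc: tld
associateddomain: tld

dn: dc=test1,dc=tld,dc=dns
changetype: add
objectclass: dnsdomain2
objectclass: domainrelatedobject
dc: test1
associateddomain: test1.tld
SOARecord: ns.test1.tld. hostmaster.test1.tld. 2004112204 86400 7200 1209600 7200

dn: dc=test1,dc=tld,dc=dns
changetype: modify
add: NSRecord
NSRecord: ns1.test1.tld

dn: dc=test1,dc=tld,dc=dns
changetype: modify
add: NSRecord
NSRecord: ns2.test1.tld

dn: dc=test1,dc=tld,dc=dns
changetype: modify
add: MXRecord
MXRecord: 100 mail5.test1.tld

dn: dc=test1,dc=tld,dc=dns
changetype: modify
add: MXRecord
MXRecord: 200 mail6.test1.tld

dn: dc=smtp,dc=test1,dc=tld,dc=dns
changetype: add
objectclass: dnsdomain2
objectclass: domainrelatedobject
dc: smtp
associateddomain: smtp.test1.tld
ARecord: 192.168.10.182

dn: dc=smtp-backup,dc=test1,dc=tld,dc=dns
changetype: add
objectclass: dnsdomain2
objectclass: domainrelatedobject
dc: smtp-backup
associateddomain: smtp-backup.test1.tld
ARecord: 192.168.10.182

dn: dc=mail,dc=test1,dc=tld,dc=dns
changetype: add
objectclass: dnsdomain2
objectclass: domainrelatedobject
dc: mail
associateddomain: mail.test1.tld
ARecord: 192.168.10.182

dn: dc=mail,dc=test1,dc=tld,dc=dns
changetype: modify
add: MXRecord
MXRecord: 0 smtp.test1.tld

dn: dc=www,dc=test1,dc=tld,dc=dns
changetype: add
objectclass: dnsdomain2
objectclass: domainrelatedobject
dc: www
associateddomain: www.test1.tld
ARecord: 192.168.15.10

dn: dc=test1,dc=tld,dc=dns
changetype: modify
add: ARecord
ARecord: 192.168.15.10

dn: dc=home,dc=test1,dc=tld,dc=dns
changetype: add
objectclass: dnsdomain2
objectclass: domainrelatedobject
dc: home
associateddomain: home.test1.tld

dn: dc=www,dc=home,dc=test1,dc=tld,dc=dns
changetype: add
objectclass: dnsdomain2
objectclass: domainrelatedobject
dc: www
associateddomain: www.home.test1.tld
ARecord: 192.168.15.10

dn: dc=home,dc=test1,dc=tld,dc=dns
changetype: modify
add: ARecord
ARecord: 192.168.15.10

dn: dc=pop,dc=test1,dc=tld,dc=dns
changetype: add
objectclass: dnsdomain2
objectclass: domainrelatedobject
dc: pop
associateddomain: pop.test1.tld
ARecord: 192.168.10.182

dn: dc=imap,dc=test1,dc=tld,dc=dns
changetype: add
objectclass: dnsdomain2
objectclass: domainrelatedobject
dc: imap
associateddomain: imap.test1.tld
ARecord: 192.168.10.182

dn: dc=cache,dc=test1,dc=tld,dc=dns
changetype: add
objectclass: dnsdomain2
objectclass: domainrelatedobject
dc: cache
associateddomain: cache.test1.tld
ARecord: 192.168.30.11

dn: dc=news,dc=test1,dc=tld,dc=dns
changetype: add
objectclass: dnsdomain2
objectclass: domainrelatedobject
dc: news
associateddomain: news.test1.tld
CNAMERecord: news.test1.tld

dn: dc=pac,dc=test1,dc=tld,dc=dns
changetype: add
objectclass: dnsdomain2
objectclass: domainrelatedobject
dc: pac
associateddomain: pac.test1.tld
ARecord: 192.168.15.10

dn: dc=support,dc=test1,dc=tld,dc=dns
changetype: add
objectclass: dnsdomain2
objectclass: domainrelatedobject
dc: support
associateddomain: support.test1.tld
ARecord: 192.168.15.10

dn: dc=allinone,dc=support,dc=test1,dc=tld,dc=dns
changetype: add
objectclass: dnsdomain2
objectclass: domainrelatedobject
dc: allinone
associateddomain: allinone.support.test1.tld
ARecord: 192.168.15.10
YY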
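# slapd is started as openldap below, so that account must own the tree.
# slapd.conf holds the cleartext rootpw, so group and other get no access.
chown -R openldap:openldap -- "$DIR"
chmod -R go-rwx -- "$DIR"

# The rootdn password is the literal "password", so the TCP listener is bound
# to loopback only; the pdns.conf used with this directory points at
# localhost. Widen it only on an isolated test network.
LDAP_URL=ldap://127.0.0.1:389/

# slapd(8) takes the listener URLs as ONE space-separated argument to -h.
# Left unquoted, the second URL becomes a stray argv word instead of a
# listener.
/usr/sbin/slapd -h "$LDAP_URL ldapi:///" -g openldap -u openldap -f "$SLAPD"

# Load the sample records with a simple bind as the rootdn.
#   -c  keep going after a failed record; the exit status still reports errors.
#   -w  puts the password on the command line, where other local users can see
#       it in the process list. Tolerable only for this throwaway credential.
ldapmodify -x -H "$LDAP_URL" -D 'cn=Manager,dc=dns' -w password -c -f "$INITLDIF"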