[Pdns-users] Configure private subdomain
Michael Ströder
michael at stroeder.com
Sat Mar 28 16:39:26 UTC 2015
Nikolaos Milas wrote:
> If you managed to set up this demo (Split-DNS with powerdns and LDAP-Backend)
> for the "Linux-Tage", could you please post this work here or a link to a page
> where it is available?
Basically it boils down to this ACL:
access to
dn.subtree="cn=pdns,ou=services,ou=infra-dir"
filter="(objectClass=dNSDomain2)"
by set="user/memberOf & this/seeAlso" read
by * none
Attribute 'seeAlso' contains DN(s) of group entries of service accounts of
powerdns instances.
Could not extensively test it though due to time constraints.
And a nicer schema for not (ab)using attribute 'seeAlso' would be better.
Ciao, Michael.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4272 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20150328/0551212b/attachment-0001.bin>
More information about the Pdns-users
mailing list