Gentoo Forums
Gentoo Forums
Quick Search: in

  FAQ | Search | Memberlist | Usergroups | Statistics | Profile | Log in to check your private messages | Log in | Register

BIND does not work with LDAP
 View unanswered posts
View posts from last 24 hours

rackathon
 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
leuenberger
Tux's lil' helper
Tux's lil' helper


Joined: 13 Jul 2003
Posts: 142
Location: Zurich, ZH, Schweiz
PostPosted: Sun Nov 19, 2006 7:52 am    Post subject: BIND does not work with LDAP Reply with quote
I try to setup a BIND server which gets its information from a OpenLDAP server.

Code:
emerge -vp bind

[ebuild   R   ] net-dns/bind-9.3.2-r4  USE="dlz doc idn ipv6 ldap ssl -berkdb -mysql -odbc -postgres (-selinux) -threads" 0 kB


I thought when I run emerge with the ldap flag it should run but if i start the BIND daemon I get the following error message in /var/log/message:

Code:
Nov 19 13:40:47 triggerfish named[4092]: starting BIND 9.3.2-P1 -u named -n 1
Nov 19 13:40:47 triggerfish named[4092]: loading configuration from '/etc/bind/named.conf'
Nov 19 13:40:47 triggerfish named[4092]: listening on IPv4 interface eth0, 192.168.1.10#53
Nov 19 13:40:47 triggerfish named[4092]: listening on IPv4 interface lo, 127.0.0.1#53
Nov 19 13:40:47 triggerfish named[4092]: command channel listening on 127.0.0.1#953
Nov 19 13:40:47 triggerfish named[4092]: command channel listening on ::1#953
Nov 19 13:40:47 triggerfish named[4092]: zone 127.in-addr.arpa/IN: loaded serial 2006062502
Nov 19 13:40:47 triggerfish named[4092]: zone 1.168.192.in-addr.arpa/IN: loaded serial 2006062504
Nov 19 13:40:47 triggerfish named[4092]: zone localhost/IN: loaded serial 2006062502
Nov 19 13:40:47 triggerfish named[4092]: unsupported database type 'ldap'
Nov 19 13:40:47 triggerfish named[4092]: zone unix.sea/IN: loading zone: creating database: not found
Nov 19 13:40:47 triggerfish named[4092]: running


My named.conf has the following entries:

Code:
options {
   directory "/var/bind";

   forward only;
   forwarders { 192.168.1.1; };

   listen-on { 127.0.0.1; 192.168.1.10; };
   listen-on-v6 { none; };

   allow-transfer { "none"; };

   allow-query { localhost; 192.168.1.0/24; };

   version "not available";

   pid-file "/var/run/named/named.pid";
};

...

zone "unix.sea" IN {
   type master;
   database "ldap ldap://127.0.0.1/ou=hosts,dc=unix,dc=sea 86400";
};


Does somebody know where there problem is?

Thanks,
Reto
Back to top
View user's profile Send private message
leuenberger
Tux's lil' helper
Tux's lil' helper


Joined: 13 Jul 2003
Posts: 142
Location: Zurich, ZH, Schweiz
PostPosted: Tue Nov 21, 2006 2:07 am    Post subject: Reply with quote
Nobody? :(
Back to top
View user's profile Send private message
Dr.med.Zoidberg
n00b
n00b


Joined: 14 Aug 2003
Posts: 2
Location: munich
PostPosted: Fri Dec 01, 2006 8:35 am    Post subject: Reply with quote
Look at the last entry in this posting http://forums.gentoo.org/viewtopic-t-458648-highlight-bind+dlz+ldap.html
Back to top
View user's profile Send private message
meka
Tux's lil' helper
Tux's lil' helper


Joined: 15 Dec 2003
Posts: 83
Location: Novi Sad / Vojvodina
PostPosted: Wed Oct 22, 2008 7:33 am    Post subject: Reply with quote
The answer to this question is USE="sdb-ldap" which probably didn't exist at the time. Now, having that, I get new problem.
Code:
Oct 22 12:27:18 zra2 named[23823]: LDAP sdb zone ldapdb_bind(): ldap_simple_bind_s(ldp, '(null)', '<secret>') failed
Oct 22 12:27:18 zra2 named[23823]: LDAP sdb zone 'my-domain.com': bind failed
Oct 22 12:27:18 zra2 named[23823]: zone my-domain.com/IN: could not find NS and/or SOA records
Oct 22 12:27:18 zra2 named[23823]: zone my-domain.com/IN: has 0 SOA records
Oct 22 12:27:18 zra2 named[23823]: zone my-domain.com/IN: has no NS records


This is my relevant named.conf part.
Code:
zone "my-domain.com" {
        type master;
        notify no;
        database "ldap ldap://localhost/dc=my-domain,dc=com 172800";
};



This is output from ldapsearch -x -b dc=com.
Code:
dn: dc=com
objectClass: dcObject
objectClass: organization
o: com
dc: com

dn: dc=my-domain,dc=com
objectClass: dcObject
objectClass: organization
o: my-domain
dc: my-domain

dn: relativeDomainName=@,dc=my-domain,dc=com
objectClass: dNSZone
relativeDomainName: @
zoneName: my-domain.com
dNSTTL: 3600
dNSClass: IN
sOARecord: ns.my-domain.com. hostmaster.my-domain.com. 2001030201 3600 1800 60
 4800 86400
nSRecord: ns.my-domain.com.
nSRecord: ns.other-domain.com.
mXRecord: 10 mail.my-domain.com.
mXRecord: 20 mail.other-domain.com.

dn: relativeDomainName=my-hosta,dc=my-domain,dc=com
objectClass: dNSZone
relativeDomainName: my-hosta
zoneName: my-domain.com
dNSTTL: 86400
dNSClass: IN
aRecord: 10.10.10.10
mXRecord: 10 mail.my-domain.com.
mXRecord: 20 mail.other-domain.com.



What am I doing wrong?
Back to top
View user's profile Send private message
meka
Tux's lil' helper
Tux's lil' helper


Joined: 15 Dec 2003
Posts: 83
Location: Novi Sad / Vojvodina
PostPosted: Wed Oct 29, 2008 5:39 am    Post subject: Reply with quote
OK, I'm an idiot. DON'T USE HOSTNAME IN DNS SERVER CONFIGURATION!!! :D In other words, named.conf line should be ldap://127.0.0.1/.... not ldap://localhost/... :D
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT - 5 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



 Links: forums.gentoo.org | www.gentoo.org | bugs.gentoo.org | forum-mods@gentoo.org

Copyright 2001-2006 Gentoo Foundation, Inc. Designed by Kyle Manna © 2003; Style derived from original subSilver theme. Powered by phpBB 2.0.22-gentoo-p6 © 2001, 2002 phpBB Group