neonknight Guru


Joined: 19 Jul 2003 Posts: 357 Location: Zurich, Switzerland
|
Posted: Mon May 01, 2006 9:44 am Post subject: Bind and LDAP |
|
|
Hello everyone!
I have tried to configure my Bind to use an LDAP-database to store the zone configuration. Unfortunately LDAP seems to be unsupported despite the USE-flag:
| Code: | # emerge -pv bind
[ebuild R ] net-dns/bind-9.3.2 +berkdb +dlz -doc +idn -ipv6 +ldap -mysql -odbc -postgres (-selinux) +ssl +threads 0 kB |
The zone definition in /etc/bind/named.conf looks like this:
| Code: | zone "0.168.192.in-addr.arpa" IN {
type master;
database "ldap ldap://127.0.0.1/ou=0.168.192.in-addr.arpa,ou=reverse,ou=zone.master,ou=dns,dc=neonknight,dc=homelinux,dc=org????!bindname=uid=ldapbindaccount,ou=dns,dc=neonknight,dc=homelinux,dc=org, !x-bindpw=xxxxx 172800";
allow-update { key MYDYNDNS; };
notify no;
}; |
Upon startup of bind, the syslog reports:
| Code: | unsupported database type 'ldap'
zone 0.168.192.in-addr.arpa/IN: loading zone: creating database: not found |
Well well... is the ldap-USE-flag just a placebo? Or is my database-string in /etc/bind/named.conf wrong?
I followed this howto: http://www.linux-club.de/ftopic35142.html (just needs some minor changes to suit a gentoo-system) |
|
|
 |
monkeyboy n00b

Joined: 18 Apr 2002 Posts: 29 Location: Denver
|
Posted: Mon May 01, 2006 1:20 pm Post subject: |
|
|
The ebuild has:
| Code: | use ldap && myconf="${myconf} --with-dlz-ldap" |
in it, so it should be compiled with ldap support. I have found using an ldap database for zone info (or dhcp for that matter) is a real pain to get working the first time. You have to have everything just right and don't always get a good error message about what's wrong. |
|
|
 |
neonknight Guru


Joined: 19 Jul 2003 Posts: 357 Location: Zurich, Switzerland
|
Posted: Wed May 03, 2006 12:57 pm Post subject: |
|
|
Thanks for your reply.
I've taken a look at the ebuild myself, and yes, the USE-flag seems to change something... But is there a way to make sure that my Bind really supports LDAP? Or what should the database-entry look like? |
|
|
 |
monkeyboy n00b

Joined: 18 Apr 2002 Posts: 29 Location: Denver
|
Posted: Mon May 08, 2006 12:45 pm Post subject: |
|
|
Sorry for the slow reply.....
I have anonymous searches allowed from localhost - haven't tried to do it with authentication. Here's what I have in the named.conf:
| Code: | zone "example.com" {
type master;
database "ldap ldap://127.0.0.1/dc=example,dc=com,ou=DNS,o=company 1600";
};
|
Here's part of the zone:
| Code: |
dn: dc=com,ou=DNS,o=company
objectClass: domain
dc: com

dn: dc=example,dc=com,ou=DNS,o=company
objectClass: domain
objectClass: top
objectClass: dNSDomain
objectClass: domainRelatedObject
dc: example
associatedDomain: example.com

dn: relativeDomainName=www,dc=example,dc=com,ou=DNS,o=company
dNSClass: IN
objectClass: dNSZone
dNSTTL: 3600
zoneName: example.com
relativeDomainName: www
aRecord: 192.168.1.1
|
This is using bind 9.2.3 and openldap 2.0.27. Things should be similar for newer versions of each. |
|
|
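Added example, not part of the original thread: a small Python audit of the `database "ldap <url> <ttl>"` zone strings shown in the posts above. It reports whether the bind password is stored in named.conf, whether the zone relies on anonymous LDAP reads, and whether LDAP runs in cleartext to a non-loopback host. The function name, the sample configuration, the `binduser` DN and the 192.0.2.10 host are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, unquote

ZONE_RE = re.compile(r'zone\s+"([^"]+)"')
# String format as used in the thread: database "ldap <ldap-url> <ttl>";
DB_RE = re.compile(r'database\s+"ldap\s+(ldaps?://[^"]*?)\s+(\d+)"')
LOOPBACK = {"127.0.0.1", "::1", "localhost"}

def audit_ldap_zones(conf_text):
    """Return one dict per LDAP-backed zone; the password itself is never returned."""
    results = []
    for m in DB_RE.finditer(conf_text):
        zones = ZONE_RE.findall(conf_text[:m.start()])  # last zone opened before this string
        url = re.sub(r"\s*\n\s*", "", m.group(1))       # rejoin a string wrapped across lines
        host = urlsplit(url).hostname or ""
        # LDAP URL layout: ldap://host/base?attrs?scope?filter?extensions
        fields = url.split("://", 1)[1].partition("/")[2].split("?", 4)
        ext = fields[4] if len(fields) > 4 else ""
        bind = re.search(r"bindname=(.*?)(?:,\s*!?x-bindpw=|$)", ext)
        issues = []
        if "x-bindpw=" in ext:
            issues.append("bind password stored in named.conf")
        if not bind:
            issues.append("anonymous bind: directory must allow unauthenticated reads")
        if url.startswith("ldap://") and host not in LOOPBACK:
            issues.append("cleartext LDAP to a non-loopback host")
        results.append({"zone": zones[-1] if zones else None, "host": host,
                        "base_dn": unquote(fields[0]), "ttl": int(m.group(2)),
                        "bind_dn": unquote(bind.group(1)) if bind else None,
                        "issues": issues})
    return results

# Constructed sample input modelled on the two named.conf snippets in the thread.
SAMPLE = '''
zone "0.168.192.in-addr.arpa" IN {
    type master;
    database "ldap ldap://127.0.0.1/ou=0.168.192.in-addr.arpa,dc=example,dc=org????!bindname=uid=binduser,ou=dns,dc=example,dc=org,!x-bindpw=xxxxx 172800";
};
zone "example.com" {
    type master;
    database "ldap ldap://192.0.2.10/dc=example,dc=com,ou=DNS,o=company 1600";
};
'''

if __name__ == "__main__":
    for r in audit_ldap_zones(SAMPLE):
        print(r["zone"], r["host"], r["issues"])
```

A zone flagged for a stored bind password is a reason to check that named.conf is readable only by the account named runs as, and to redact the string before posting the file.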
 |
NIH n00b

Joined: 16 Sep 2003 Posts: 31
|
Posted: Mon May 08, 2006 2:07 pm Post subject: |
|
|
neonknight,
The ldap useflag for bind is used for building bind with this: http://bind-dlz.sourceforge.net/ldap_driver.html patch
The howto you are using is referring to this: http://www.venaas.no/ldap/bind-sdb/ patch which is not supported by gentoo as far as I know.
So follow the instructions on the first site or manually patch bind and follow the howto you referred to in your first post.
NIH |
|
|
 |