[Andreas B. Mundt]
> As I have already all this working here it should not be too much
> work to have it in our installation. Let me know if you think this
> is a good idea for now. Without dns we cannot move on with kerberos.

In my view, it is best to have a DNS server that dynamically looks up entries in LDAP when queries come in, instead of using periodic updates of the DNS configuration from LDAP. Because of this, I am skeptical of a solution involving ldap2zone.

There seem to be several DNS-related LDAP schemas, and several different patches for bind to get it to use LDAP. I suspect we can find a solution that works with the LDAP schema used by powerdns, which is cosine.schema and dnsdomain2.schema. I found <URL:http://www.venaas.no/ldap/bind-sdb/dnszone-schema.txt>. Is this the schema you had in mind?

I'm in the process of investigating how PowerDNS uses LDAP, and the initial look at the slapd log makes me believe it only looks for the attributes it needs, and not for any specific object classes. This allows us to use any schema as long as attributes with names like associateddomain, soarecord and arecord are used. The DHCP server, on the other hand, is different: it looks for specific objectclass names.

Happy hacking,
--
Petter Reinholdtsen

