On 10/12/2012 11:52 AM, Артур Файзуллин wrote:
> Hi, everyone!
> The site of the dyndb-ldap project
> https://fedorahosted.org/bind-dyndb-ldap/ says that I should ask any
> questions here.

You are in the right place, welcome!

> Maybe it is an old question, but I didn't find anything on it.
> I just want to learn how to store records for dyndb-ldap in a standard
> LDAP server such as 389-ds or OpenLDAP. If I am a fool and couldn't find
> it, please show me where I can learn it (Google couldn't help me).
> Or maybe you can explain it to me, and I could write documentation for it?

Unfortunately, we don't have comprehensive documentation.

If you want to give it a quick try, you can install FreeIPA. The command
$ ipa-server-install --setup-dns
will install the FreeIPA server, configure the DNS subtree in LDAP, and configure /etc/named.conf appropriately.


If you want to start with bind-dyndb-ldap from scratch, it is a bit harder.

First of all, you need to put our DNS schema on your DNS server:
http://git.fedorahosted.org/cgit/bind-dyndb-ldap.git/tree/doc/schema

After schema set-up you can create a tree of objects.

cn=dns,dc=test
- root of DNS subtree in this example
- idnsConfig object class - contains global configuration

idnsname=zone.tld,cn=dns,dc=test
- DNS zone "zone.tld", contains all records associated with name "zone.tld"
- container for DNS names inside this zone (e.g. for a.zone.tld)
- idnsZone+idnsRecord object class

idnsname=a,idnsname=zone.tld,cn=dns,dc=test
- DNS name "a.zone.tld"
- all records for name "a.zone.tld" are attributes in this object
- idnsRecord object class

The attached file "example.ldif" contains a DNS subtree exported from a lab machine. It shows a single forward and a single reverse zone with some records.


I personally recommend 389 DS because it supports the persistent search feature. Persistent search allows any change in LDAP to be propagated immediately to the DNS server and eliminates caching problems.

Also, persistent search is required for the SOA serial auto-incrementation feature; please see "serial_autoincrement" in README:
http://git.fedorahosted.org/cgit/bind-dyndb-ldap.git/tree/README

Let me know if you want further assistance.

--
Petr Spacek
version: 1

dn: cn=dns,dc=idm,dc=lab,dc=bos,dc=redhat,dc=com
objectClass: top
objectClass: nsContainer
objectClass: idnsConfigObject
cn: dns
idnsZoneRefresh: 30

dn: idnsname=idm.lab.bos.redhat.com,cn=dns,dc=idm,dc=lab,dc=bos,dc=redhat,dc
 =com
objectClass: idnszone
objectClass: idnsrecord
objectClass: top
idnsName: idm.lab.bos.redhat.com
idnsSOAexpire: 1209600
idnsSOAminimum: 3600
idnsSOAmName: vm-124.idm.lab.bos.redhat.com.
idnsSOArefresh: 3600
idnsSOAretry: 900
idnsSOArName: hostmaster.idm.lab.bos.redhat.com.
idnsSOAserial: 1350039567
idnsZoneActive: TRUE
idnsAllowDynUpdate: TRUE
idnsAllowQuery: any;
idnsAllowTransfer: none;
idnsUpdatePolicy: grant IDM.LAB.BOS.REDHAT.COM krb5-self * A; grant IDM.LAB.
 BOS.REDHAT.COM krb5-self * AAAA; grant IDM.LAB.BOS.REDHAT.COM krb5-self * S
 SHFP;
nSRecord: vm-124.idm.lab.bos.redhat.com.

dn: idnsname=vm-124,idnsname=idm.lab.bos.redhat.com,cn=dns,dc=idm,dc=lab,dc=
 bos,dc=redhat,dc=com
objectClass: idnsrecord
objectClass: top
idnsName: vm-124
aRecord: 10.16.78.124
dNSTTL: 1200
sSHFPRecord: 2 1 433FB4104CD1DC0E93F35F7B28BB373A251F7E1E
sSHFPRecord: 1 1 A1D053E12C3C9494FD57AC30156D94BEA0143766

dn: idnsname=78.16.10.in-addr.arpa.,cn=dns,dc=idm,dc=lab,dc=bos,dc=redhat,dc
 =com
objectClass: idnszone
objectClass: idnsrecord
objectClass: top
idnsName: 78.16.10.in-addr.arpa.
idnsSOAexpire: 1209600
idnsSOAminimum: 3600
idnsSOAmName: vm-124.idm.lab.bos.redhat.com.
idnsSOArefresh: 3600
idnsSOAretry: 900
idnsSOArName: hostmaster.idm.lab.bos.redhat.com.
idnsSOAserial: 1350039556
idnsZoneActive: TRUE
idnsAllowDynUpdate: TRUE
idnsAllowQuery: any;
idnsAllowTransfer: none;
idnsUpdatePolicy: grant IDM.LAB.BOS.REDHAT.COM krb5-subdomain 78.16.10.in-ad
 dr.arpa. PTR;
nSRecord: vm-124.idm.lab.bos.redhat.com.

dn: idnsname=_kerberos,idnsname=idm.lab.bos.redhat.com,cn=dns,dc=idm,dc=lab,
 dc=bos,dc=redhat,dc=com
objectClass: idnsrecord
objectClass: top
idnsName: _kerberos
tXTRecord: IDM.LAB.BOS.REDHAT.COM

dn: idnsname=_ntp._udp,idnsname=idm.lab.bos.redhat.com,cn=dns,dc=idm,dc=lab,
 dc=bos,dc=redhat,dc=com
objectClass: idnsrecord
objectClass: top
idnsName: _ntp._udp
sRVRecord: 0 100 123 vm-124

dn: idnsname=124,idnsname=78.16.10.in-addr.arpa.,cn=dns,dc=idm,dc=lab,dc=bos
 ,dc=redhat,dc=com
objectClass: idnsrecord
objectClass: top
idnsName: 124
pTRRecord: vm-124.idm.lab.bos.redhat.com.
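
An added example, not part of the original message or of the bind-dyndb-ldap project: a small Python parser for an LDIF export like the attached example.ldif that joins folded lines and reports, per idnsZone entry, two settings worth reviewing. The sample data, the function names and the two review checks are assumptions of this example.

```python
import re

# Constructed sample (not the attachment): two zones and one record, one folded line.
SAMPLE_LDIF = """\
dn: idnsname=zone.tld,cn=dns,dc=test
objectClass: idnszone
idnsName: zone.tld
idnsAllowDynUpdate: TRUE
idnsAllowTransfer: none;
idnsUpdatePolicy: grant EXAMPLE.TEST krb5-self * A; grant EXAMPLE.TEST krb5-s
 elf * AAAA;

dn: idnsname=open.tld,cn=dns,dc=test
objectClass: idnszone
idnsName: open.tld
idnsAllowDynUpdate: TRUE
idnsAllowTransfer: any;

dn: idnsname=a,idnsname=zone.tld,cn=dns,dc=test
objectClass: idnsrecord
aRecord: 192.0.2.10
"""

def parse_ldif(text):
    """Return entries as dicts of lowercased attribute -> values (no base64 decoding)."""
    unfolded = re.sub(r"\r?\n ", "", text)  # join folded continuation lines
    entries = []
    for block in re.split(r"\n\s*\n", unfolded.strip()):
        entry = {}
        for line in block.splitlines():
            if not line.startswith("#") and ": " in line:
                attr, value = line.split(": ", 1)
                entry.setdefault(attr.lower(), []).append(value)
        entries.append(entry)
    return [e for e in entries if e]

def audit_zones(entries):
    """Return {zone name: [findings]}; both checks are this example's own review criteria."""
    report = {}
    zones = [e for e in entries if "idnszone" in map(str.lower, e.get("objectclass", []))]
    for e in zones:
        findings = []
        if e.get("idnsallowdynupdate") == ["TRUE"] and not e.get("idnsupdatepolicy"):
            findings.append("dynamic updates allowed but no idnsUpdatePolicy")
        acl = [t.strip() for v in e.get("idnsallowtransfer", []) for t in v.split(";")]
        if "any" in acl:
            findings.append("zone transfers allowed to any")
        report[e["idnsname"][0]] = findings
    return report
```
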
