On 4/3/2015 8:17 μμ, Michael Ströder wrote:
This sounds a bit like a special case for split horizon DNS.
Precisely.
I promised to configure a demo using powerdns with LDAP backend for this based on OpenLDAP ACLs and several powerdns instances using different LDAP identities. Feel free to come here and ask whether I managed to get it working in time: https://chemnitzer.linux-tage.de/2015/en/programm/beitrag/134
I am sure it can be done, however it might take significant work; I know you can do it. (I would like to play with it as well, yet I would have to invest time which I cannot afford now...)
Although I will not be able to attend the event, it would be nice to make this demo in a way that it is streamlined enough to be (relatively) easily reproduced by others. I guess that the most important part of this effort is ACL authoring in order to isolate entries / attributes.
Please post your work and scripts here (or notify us on where you have posted it). I would surely like to use this work (esp. if it is handy enough).
Despite the fact that PowerDNS with LDAP backend seems underutilized and LDAP backend development has been neglected for years (due to lack of interest and private investment), I see much potential in it, as you, and it would be worth trying to revive it.
Unfortunately, Grégory Oestreicher's fork (http://repo.or.cz/w/pdns-ldap-backend.git) of the LDAP backend (which is the most updated source code) has not had any progress for two years now.
All the best, Nick _______________________________________________ Pdns-users mailing list [email protected] http://mailman.powerdns.com/mailman/listinfo/pdns-users
