Nikolaos Milas wrote:
If you managed to set up this demo (Split-DNS with powerdns and LDAP-Backend) for the "Linux-Tage", could you please post this work here or a link to a page where it is available?
Basically it boils down to this ACL:
access to
dn.subtree="cn=pdns,ou=services,ou=infra-dir"
filter="(objectClass=dNSDomain2)"
by set="user/memberOf & this/seeAlso" read
by * none
Attribute 'seeAlso' contains DN(s) of group entries of service accounts of
powerdns instances.
Could not extensively test it though due to time constraints. And a nicer schema for not (ab)using attribute 'seeAlso' would be better. Ciao, Michael.
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Pdns-users mailing list [email protected] http://mailman.powerdns.com/mailman/listinfo/pdns-users
