Menu
▾
▴
ldapdns-users — Users of LDAPDNS
You can subscribe to this list here.
| 2003 |
Jan
|
Feb
|
Mar
|
Apr
|
May
(2) |
Jun
(8) |
Jul
(2) |
Aug
(4) |
Sep
(4) |
Oct
(1) |
Nov
(7) |
Dec
|
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2004 |
Jan
|
Feb
(4) |
Mar
|
Apr
|
May
|
Jun
(2) |
Jul
|
Aug
|
Sep
(4) |
Oct
|
Nov
(8) |
Dec
(2) |
| 2005 |
Jan
(1) |
Feb
|
Mar
(3) |
Apr
(6) |
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
(2) |
Nov
|
Dec
(3) |
| 2006 |
Jan
(6) |
Feb
(4) |
Mar
(2) |
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
(2) |
Nov
(1) |
Dec
(3) |
| 2007 |
Jan
|
Feb
|
Mar
|
Apr
(2) |
May
|
Jun
|
Jul
(1) |
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
| 2008 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
(1) |
Dec
|
| 2009 |
Jan
|
Feb
|
Mar
|
Apr
|
May
(1) |
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
| 2013 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
(1) |
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
|
From: James W. (S. Sysadmin) <sys...@su...> - 2005-12-21 04:15:00
|
G'day guys, I'm running OpenLDAP 2.2.23 and ldapdns 2.06 (as per Debian stable) and every few minutes syslog is telling me that a handler or two has waited too long. At this point, DNS lookups time out until ldapdns is restarted. I am supporting some reasonably intense apps with the LDAP server (mail, web vhosts, RADIUS, NSS for user/group lookups), but those are working without complaint. Following the FAQ, I tried upping $HANDLERS (to 256 from 128) but to no avail. The LDAP server is on 127.0.0.1 so I would think it's unlikely to be network latency. Can someone with a similar setup let me know what values they're using, as restarting ldapdns from a cron job every few minutes is not what I want to be doing. Cheers, -- James Wakefield Systems Administrator +61 03 5227 6888 We have now moved head office to 8-12 Pakington Street, Geelong West. |
|
From: Glen D. <do...@r-...> - 2005-12-07 23:23:20
|
I am having trouble getting referrals to work in ldapdns2. Perhaps I am missing something simple. I have domain.com and manage it's email etc... www.domain.com is hosted by otherdomain.com and randomly changes IP addresses. I want to refer requests for www.domain.com to be answered by ns1.otherdomain.com . In openLDAP I have something very similar to dc=domain objectClass=dNSDomain description="v=spf1 mx ..." aRecord="192.168.0.1" mXRecord="mail.domain.com" mXRecord="mail2.domain.com" nSRecord="ns.domain.com" nSRecord="ns2.domain.com" sOARecord="ns1.domain.com support. etc..." and dc=www objectClass=dNSDomain nSRecord="ns1.otherdomain.com" With this configuration there is no A record returned for www.domain.com. It seems it is never referred to ns1.otherdomain.com. Everything else works fine and if you directly ask ns1.otherdomain.com who www.domain.com is is responds properly. A dig +trace www.domain.com results in the following com. 172800 IN NS M.GTLD-SERVERS.NET. ;; Received 506 bytes from 128.63.2.53#53(H.ROOT-SERVERS.NET) in 42 ms domain.com. 172800 IN NS ns1.r-networks.net. domain.com. 172800 IN NS ns2.r-networks.net. ;; Received 162 bytes from 192.5.6.30#53(A.GTLD-SERVERS.NET) in 53 ms www.domain.com. 86400 IN SOA ns1.otherdomain.com. support.r-networks.net. 1133995321 10800 7200 604800 86400 www.domain.com. 86400 IN NS ns1.otherdomain.com. ;; Received 130 bytes from 66.184.238.200#53(ns1.r-networks.net) in 24 ms I'd appreciate any help you can offer. I've been over the mailing lists and FAQ and other documents again and again and can't figure it out. Thanks, -- Glen Dosey RHCE,LPIC-1,CCNA Gle...@r-... R-Networks.net |
|
From: Mrs. B. <mrs...@ni...> - 2005-10-14 02:55:12
|
I would recommend "not bothering" but using ip-address based "authorization" in your OpenLDAP configuration. Use filter rules or tcpwrappers or whatever you like to accomplish this. GSSAPI is complicated, and Ldapdns3 will have no support for it. Ldapdns2 only has the support that the OpenLDAP client libraries has. On Fri, 2005-10-14 at 03:37 +0800, John Mok wrote: > I would like to use LDAPDNS 2.06 running on FreeBSD 5.4 with the > following :- > > Heimdal 0.7.1 > OpenLDAP 2.2.26 > Cyrus SASL 2.1.21 > > I can authenticate to the OpenLDAP server using GSSAPI. Is it possible > to configure LDAPDNS to authenticate to OpenLDAP backend using GSSAPI or > similar ways, rather than putting the plain-text password in the config. > file like simple_bind or TLS? How to configure this in LDAPDNS? I have > checked the INSTALL, ADMIN and README, in which once metioned that Kerberos4 > is supported and how to make it work? > > Thanks a lot. > > John Mok > > > > ------------------------------------------------------- > This SF.Net email is sponsored by: > Power Architecture Resource Center: Free content, downloads, discussions, > and more. http://solutions.newsforge.com/ibmarch.tmpl > _______________________________________________ > Ldapdns-users mailing list > Lda...@li... > https://lists.sourceforge.net/lists/listinfo/ldapdns-users |
|
From: John M. <jm...@at...> - 2005-10-13 19:40:08
|
I would like to use LDAPDNS 2.06 running on FreeBSD 5.4 with the following :- Heimdal 0.7.1 OpenLDAP 2.2.26 Cyrus SASL 2.1.21 I can authenticate to the OpenLDAP server using GSSAPI. Is it possible to configure LDAPDNS to authenticate to OpenLDAP backend using GSSAPI or similar ways, rather than putting the plain-text password in the config. file like simple_bind or TLS? How to configure this in LDAPDNS? I have checked the INSTALL, ADMIN and README, in which once metioned that Kerberos4 is supported and how to make it work? Thanks a lot. John Mok |
|
From: Mrs. B. <mrs...@ni...> - 2005-04-02 00:22:24
|
On Thu, 2005-03-31 at 22:21 -0400, Alejandro Mery wrote: > > If you can search recursively with ldapsearch then this will work. > > ldapsearch with base='' doesn't swim through all namingContexts > available. but it does if i specify one namingContext as base. > > what am i doing wrong? Consult the LDAP server documentation. if the ldapsearch doesn't work, then there isn't anything LDAPDNS can do to help. |
|
From: Mrs. B. <mrs...@ni...> - 2005-04-02 00:21:30
|
On Thu, 2005-03-31 at 22:19 -0400, Alejandro Mery wrote: > > Don't put associatedDomains for them then. > > > > Is there a particular reason you need the BIND-think of zones? > > i just needed a name for the things that have a SOA :) > > if i don't use associatedDomains how do i set the name? you use associatedDomains to the SOA. immediate children don't need it. if you skip a level, LDAPDNS can't search everywhere. > i have entries which belong to "the thing that have a SOA" below it, and > on a totally different branch of the directory. (see the ldif on my > first mail) > > ou=Machines,dc=foo,dc=cl has lot of machines (dc=$machine) which names > are $machine.foo.0 > > foo.0 "thing that needs a SOA" is definied on > dc=Internal,ou=Services,dc=foo,dc=cl, with a nSRecord and a mXRecord. > > and below dc=Interntal,ou=Services,dc=foo,dc=cl there are lot of > services (dc=$service) which names are $service.foo.0 > > i'm highly confused > > Thanks, > Alejandro Mery > > > ------------------------------------------------------- > This SF.net email is sponsored by Demarc: > A global provider of Threat Management Solutions. > Download our HomeAdmin security software for free today! > http://www.demarc.com/info/Sentarus/hamr30 > _______________________________________________ > Ldapdns-users mailing list > Lda...@li... > https://lists.sourceforge.net/lists/listinfo/ldapdns-users |
|
From: Alejandro M. <am...@ge...> - 2005-04-01 02:20:56
|
> If you can search recursively with ldapsearch then this will work. ldapsearch with base='' doesn't swim through all namingContexts available. but it does if i specify one namingContext as base. what am i doing wrong? Thanks, Alejandro Mery |
|
From: Alejandro M. <am...@ge...> - 2005-04-01 02:18:45
|
> Don't put associatedDomains for them then. > > Is there a particular reason you need the BIND-think of zones? i just needed a name for the things that have a SOA :) if i don't use associatedDomains how do i set the name? i have entries which belong to "the thing that have a SOA" below it, and on a totally different branch of the directory. (see the ldif on my first mail) ou=Machines,dc=foo,dc=cl has lot of machines (dc=$machine) which names are $machine.foo.0 foo.0 "thing that needs a SOA" is definied on dc=Internal,ou=Services,dc=foo,dc=cl, with a nSRecord and a mXRecord. and below dc=Interntal,ou=Services,dc=foo,dc=cl there are lot of services (dc=$service) which names are $service.foo.0 i'm highly confused Thanks, Alejandro Mery |
|
From: Mrs. B. <mrs...@ni...> - 2005-04-01 01:17:05
|
On Tue, 2005-03-29 at 15:33 -0400, Alejandro Mery wrote: > me again (this time with a decent subject) > > i have defined conosur.0 zone on > dc=Internal,ou=Services,dc=conosurseguros,dc=cl > which also house services entries, www, ldap, mail, smtp, etc... > but i have the machines on ou=Machines,dc=conosurseguros,dc=cl which > belong to conosur.0 zone too. > > my problem is that Machines are considered zones instead of entries :( Don't put associatedDomains for them then. Is there a particular reason you need the BIND-think of zones? |
|
From: Mrs. B. <mrs...@ni...> - 2005-04-01 01:16:11
|
On Tue, 2005-03-29 at 14:25 -0400, Alejandro Mery wrote: > Alejandro Mery wrote: > > Hi, > > i'm using the following data to start using ldapdns/LDAPDNS-2 as > > corporate DNS but i can't get it working > > with LDAP_SUFFIX defined as one of my naming contexts dn it works, how > can i make it work for all of them? If you can search recursively with ldapsearch then this will work. |
|
From: Alejandro M. <am...@ge...> - 2005-03-29 19:32:39
|
me again (this time with a decent subject) i have defined conosur.0 zone on dc=Internal,ou=Services,dc=conosurseguros,dc=cl which also house services entries, www, ldap, mail, smtp, etc... but i have the machines on ou=Machines,dc=conosurseguros,dc=cl which belong to conosur.0 zone too. my problem is that Machines are considered zones instead of entries :( dn: dc=jaguar,ou=Machines,dc=conosurseguros,dc=cl associatedDomain: jaguar.conosur.0 dc: jaguar aRecord: 192.168.1.2 objectClass: dNSDomain objectClass: domainRelatedObject objectClass: top dn: dc=Internal,ou=Services,dc=conosurseguros,dc=cl associatedDomain: conosur.0 objectClass: top objectClass: dNSDomain objectClass: domainRelatedObject dc: Internal nSRecord: ns.conosur.0 mXRecord: 10 mail.conosur.0 dn: dc=ldap,dc=Internal,ou=Services,dc=conosurseguros,dc=cl associatedDomain: ldap.conosur.0 objectClass: top objectClass: dNSDomain objectClass: domainRelatedObject dc: ldap aRecord: 192.168.1.2 $ dnsq a jaguar.conosur.0 192.168.1.2 1 jaguar.conosur.0: 117 bytes, 1+1+1+1 records, response, authoritative, noerror query: 1 jaguar.conosur.0 answer: jaguar.conosur.0 86400 SOA ns.conosur.0 amery.geeks.cl 1112117795 10800 7200 604800 86400 authority: jaguar.conosur.0 86400 NS ns.conosur.0 additional: ns.conosur.0 86400 A 192.168.1.2 $ dnsq a ldap.conosur.0 192.168.1.2 1 ldap.conosur.0: 81 bytes, 1+1+1+1 records, response, authoritative, noerror query: 1 ldap.conosur.0 answer: ldap.conosur.0 86400 A 192.168.1.2 authority: ldap.conosur.0 86400 NS ns.conosur.0 additional: ns.conosur.0 86400 A 192.168.1.2 as i understood SCHEMA=ldapdns and SCHEMA=ldapdns-2 the are not recursive, they query a single match for associatedDomain. why is jaguar.conosur.0 a zone instead of just an entry? how can i solve this? Thanks in advance, Alejandro Mery |
|
From: Alejandro M. <am...@ge...> - 2005-03-29 18:25:27
|
Alejandro Mery wrote: > Hi, > i'm using the following data to start using ldapdns/LDAPDNS-2 as > corporate DNS but i can't get it working with LDAP_SUFFIX defined as one of my naming contexts dn it works, how can i make it work for all of them? Alejandro Mery |
|
From: Alejandro M. <am...@ge...> - 2005-03-29 16:31:40
|
Hi,
i'm using the following data to start using ldapdns/LDAPDNS-2 as
corporate DNS but i can't get it working:
exporting SCHEMA=ldapdns
i see the grant on slapd log, but:
$ dnsq soa conosur.0 192.168.1.2
6 conosur.0:
27 bytes, 1+0+0+0 records, response, authoritative, nxdomain
query: 6 conosur.0
$ dnsq a jaguar.conosur.0 192.168.1.2
1 jaguar.conosur.0:
34 bytes, 1+0+0+0 records, response, authoritative, nxdomain
query: 1 jaguar.conosur.0
the only access rules i have are:
access to attrs=userPassword,sambaLMPassword,sambaNTPassword
by self write
by anonymous auth
by * none
access to *
by * read
# grep . env/*
env/HOSTMASTER:am...@ge...
env/IP:192.168.1.2
env/LDAP_AUTH_NAME:cn=Manager, dc=conosurseguros, dc=cl
env/LDAP_HOST:127.0.0.1
env/ROOT:/etc/opt/ldapdns/ldapdns/root
env/SCHEMA:ldapdns
and env/LDAP_SUFFIX is empty
what am i doing wrong?
slapd log for dnsq ns conosur.0 192.168.5.2 attached
relevant ldif pasted on bottom
Please
Alejandro Mery
---
version: 1
# LDIF Export for: dc=Internal,ou=Services,dc=conosurseguros,dc=cl
# Generated by phpLDAPadmin ( http://phpldapadmin.sourceforge.net/ ) on
March 29, 2005 12:14 pm
# Server: CONOSUR Server (ldap://127.0.0.1)
# Search Scope: sub
# Search Filter: (objectClass=*)
# Total Entries: 3
# Entry 1: dc=Internal,ou=Services,dc=conosurseguros,dc=cl
dn: dc=Internal,ou=Services,dc=conosurseguros,dc=cl
associatedDomain: conosur.0
objectClass: top
objectClass: dNSDomain
objectClass: domainRelatedObject
dc: Internal
aRecord: 192.168.1.2
nSRecord: ns.conosur.0
mXRecord: mail.conosur.0
# Entry 2: dc=ns,dc=Internal,ou=Services,dc=conosurseguros,dc=cl
dn: dc=ns,dc=Internal,ou=Services,dc=conosurseguros,dc=cl
associatedDomain: ns.conosur.0
objectClass: top
objectClass: dNSDomain
objectClass: domainRelatedObject
dc: ns
aRecord: 192.168.1.2
# Entry 3: dc=mail,dc=Internal,ou=Services,dc=conosurseguros,dc=cl
dn: dc=mail,dc=Internal,ou=Services,dc=conosurseguros,dc=cl
associatedDomain: mail.conosur.0
objectClass: top
objectClass: dNSDomain
objectClass: domainRelatedObject
dc: mail
aRecord: 192.168.1.3
# Entry 1: ou=Machines,dc=conosurseguros,dc=cl
dn: ou=Machines,dc=conosurseguros,dc=cl
ou: Machines
objectClass: top
objectClass: organizationalUnit
# Entry 2: dc=ferrari,ou=Machines,dc=conosurseguros,dc=cl
dn: dc=ferrari,ou=Machines,dc=conosurseguros,dc=cl
associatedDomain: ferrari.conosur.0
objectClass: top
objectClass: dNSDomain
objectClass: domainRelatedObject
dc: ferrari
aRecord: 192.168.1.1
# Entry 3: dc=jaguar,ou=Machines,dc=conosurseguros,dc=cl
dn: dc=jaguar,ou=Machines,dc=conosurseguros,dc=cl
associatedDomain: jaguar.conosur.0
objectClass: top
objectClass: dNSDomain
objectClass: domainRelatedObject
dc: jaguar
aRecord: 192.168.1.2
|
|
From: Brad M. <be...@gm...> - 2005-01-28 03:38:05
|
I really just need some basic instructions. I've already setup ldap and have it working with my email client to lookup email addresses, and I've setup bind in the past. I'm using JXplorer to edit the ldap database. What records to I need to create. Just a couple sample records is all I need, which is the one thing I haven't seen anywhere. |
|
From: Mrs. B. <mrs...@ni...> - 2004-12-31 03:54:54
|
2.06 minor bugfixes to simple-search mode (thanks =?gb2312?B?
uai/qurN?=)
Oliver Tschaeche points out we're missing some SOA answers.
Steven McCoy added support for LDAP URLs.
Chris Garrigues points out LDAPDNS couldn't make DomainKeys.
This behavior has changed finally.
minor bugfix to hash algorithm. i knew there was a reason I was
getting so many collisions.
|
|
From: Mrs. B. <mrs...@ni...> - 2004-12-04 01:39:17
|
On Mon, 2004-11-15 at 02:00 +0000, Jamie Thompson wrote: > Hello, I'll start by thanking you for ldapdns, it's great, but that > aside I have a query I hope you could help with. > > I'm trying to migrate as much of my network config to a dynamic ldap > directory (OpenLDAP), and I'm doing quite well overall, but my current > stumbling block is dynamically updating my DNS from my DHCP leases, as > I used to with my previous BIND9+DHCP3 solution (which worked very > well, TBH). I'm currently using Debian sarge's ldapdns package > (2.05-5) and a custom Debian package of ISC's dhcp3-server (3.0.1) > with G. Masney's LDAP patch. I was hoping that the LDAP patch would > store the leases in the directory...but alas no such luck. I'd rather > not have to go back to BIND9 just for the dynamic updates as I now > have a surprisingly good ldapdns+dnscache configuration. > > As both programs now have ldap support I have a few further avenues of > enquiry, but I thought I'd check with the list to see I haven't missed > something silly, like ldapdns supporting BIND-style dynamic updates > somehow (though if it does I couldn't find mention of it in the source > package). As ldapdns just resolves from the directory, do you think my > best bet would be to hack away at dhcp to get it somehow storing > leases in LDAP rather than worry about adding dynamic updates to > ldapdns? Consider configuring your dhcp server to run a script with the changes in it that pull a ldapmodify/ldapadd command. |
|
From: Jamie T. <jam...@gm...> - 2004-11-15 02:00:42
|
Hello, I'll start by thanking you for ldapdns, it's great, but that aside I have a query I hope you could help with. I'm trying to migrate as much of my network config to a dynamic ldap directory (OpenLDAP), and I'm doing quite well overall, but my current stumbling block is dynamically updating my DNS from my DHCP leases, as I used to with my previous BIND9+DHCP3 solution (which worked very well, TBH). I'm currently using Debian sarge's ldapdns package (2.05-5) and a custom Debian package of ISC's dhcp3-server (3.0.1) with G. Masney's LDAP patch. I was hoping that the LDAP patch would store the leases in the directory...but alas no such luck. I'd rather not have to go back to BIND9 just for the dynamic updates as I now have a surprisingly good ldapdns+dnscache configuration. As both programs now have ldap support I have a few further avenues of enquiry, but I thought I'd check with the list to see I haven't missed something silly, like ldapdns supporting BIND-style dynamic updates somehow (though if it does I couldn't find mention of it in the source package). As ldapdns just resolves from the directory, do you think my best bet would be to hack away at dhcp to get it somehow storing leases in LDAP rather than worry about adding dynamic updates to ldapdns? All comments welcome. :) - Jamie |
|
From: Mrs. B. <mrs...@ni...> - 2004-11-07 03:53:38
|
On Fri, 2004-11-05 at 09:46 -0800, Gary Richardson wrote: > Hey, > > > > Ldapdns is essentially djbdns with some patches (last time I check..). You didn't check. LDAPDNS was initially written as using djb's dns library and much code form djbdns. LDAPDNS v2 doesn't share any djb code (sadly), and LDAPDNS v3 doesn't even share any openldap code. [[ and what the hell does this have to do with anything? ]] > The only thing you could do is run multiple instances – djbdns is > supposed to be fast, simple and secure so it doesn’t have anything > like views. Wha? BIND's views are much more complicated than DJBDNS or LDAPDNS's analog. Further, DJBDNS had the split-horizon concept first. |
|
From: Mrs. B. <mrs...@ni...> - 2004-11-07 03:49:24
|
Yes. The magic words in the documentation are "split horizon" LDAPDNSv3 does this differently (and simpler) than BIND9 or DJBDNS, but LDAPDNSv2 and LDAPDNSv3 both have a mechanism similar to DJBDNS. See the README.configure (split horizon) and the FAQ (search for $ROOT/root/switch) On Fri, 2004-11-05 at 17:51 +0100, MAGALLON Lionel wrote: > Hi, > > > > Is it possible to filter access to DNS zones ? > > For example, allow everybody to read the domain.com zone and only my > private network to read intra.domain.com. > > > > Thanks. > > |
|
From: rbs-imap-lionel <lio...@rb...> - 2004-11-06 16:47:32
|
Ok, it is what I was planning to do, but I was wondering=20 if there was other ways that I hadn't noticed. Thanks. ----- Original Message -----=20 From: Gary Richardson=20 To: 'MAGALLON Lionel' ; lda...@li...=20 Sent: Friday, November 05, 2004 6:46 PM Subject: RE: [Ldapdns-users] acl on zone Hey, =20 Ldapdns is essentially djbdns with some patches (last time I check..). = The only thing you could do is run multiple instances - djbdns is = supposed to be fast, simple and secure so it doesn't have anything like = views. =20 If you run multiple instances, you can put one the intra.domain.com = server on an internal address or firewall it from the general internet.=20 =20 Out. =20 -------------------------------------------------------------------------= ----- From: lda...@li... = [mailto:lda...@li...] On Behalf Of MAGALLON = Lionel Sent: Friday, November 05, 2004 9:06 AM To: Gary Richardson; lda...@li... Subject: RE: [Ldapdns-users] acl on zone =20 I can do it with Bind 9, and I would like to do it with ldapdns, but I = don't find howto on internet. Then I'm asking on this list. =20 Thanks. =20 -------------------------------------------------------------------------= ----- De : Gary Richardson [mailto:gar...@ma...]=20 Envoy=E9 : vendredi 5 novembre 2004 18:03 =C0 : MAGALLON Lionel; lda...@li... Objet : RE: [Ldapdns-users] acl on zone =20 I'm not too sure how this is an LDAP related question, but. =20 You can do DNS views with BIND 9: = http://sysadmin.oreilly.com/news/views_0501.html is the quickest link I = could find. =20 Out. =20 -------------------------------------------------------------------------= ----- From: lda...@li... = [mailto:lda...@li...] On Behalf Of MAGALLON = Lionel Sent: Friday, November 05, 2004 8:51 AM To: lda...@li... Subject: [Ldapdns-users] acl on zone =20 Hi, =20 Is it possible to filter access to DNS zones ? For example, allow everybody to read the domain.com zone and only my = private network to read intra.domain.com. =20 Thanks. |
|
From: Gary R. <gar...@ma...> - 2004-11-05 17:46:12
|
Hey, =20 Ldapdns is essentially djbdns with some patches (last time I check..). = The only thing you could do is run multiple instances =96 djbdns is supposed = to be fast, simple and secure so it doesn=92t have anything like views. =20 If you run multiple instances, you can put one the intra.domain.com = server on an internal address or firewall it from the general internet.=20 =20 Out. =20 _____ =20 From: lda...@li... [mailto:lda...@li...] On Behalf Of MAGALLON Lionel Sent: Friday, November 05, 2004 9:06 AM To: Gary Richardson; lda...@li... Subject: RE: [Ldapdns-users] acl on zone =20 I can do it with Bind 9, and I would like to do it with ldapdns, but I = don=92t find howto on internet. Then I=92m asking on this list. =20 Thanks. =20 _____ =20 De : Gary Richardson [mailto:gar...@ma...]=20 Envoy=E9 : vendredi 5 novembre 2004 18:03 =C0 : MAGALLON Lionel; lda...@li... Objet : RE: [Ldapdns-users] acl on zone =20 I=92m not too sure how this is an LDAP related question, but=85 =20 You can do DNS views with BIND 9: http://sysadmin.oreilly.com/news/views_0501.html is the quickest link I could find. =20 Out. =20 _____ =20 From: lda...@li... [mailto:lda...@li...] On Behalf Of MAGALLON Lionel Sent: Friday, November 05, 2004 8:51 AM To: lda...@li... Subject: [Ldapdns-users] acl on zone =20 Hi, =20 Is it possible to filter access to DNS zones ? For example, allow everybody to read the domain.com zone and only my = private network to read intra.domain.com. =20 Thanks. |
|
From: Gary R. <gar...@ma...> - 2004-11-05 17:03:14
|
I'm not too sure how this is an LDAP related question, but. You can do DNS views with BIND 9: http://sysadmin.oreilly.com/news/views_0501.html is the quickest link I could find. Out. _____ From: lda...@li... [mailto:lda...@li...] On Behalf Of MAGALLON Lionel Sent: Friday, November 05, 2004 8:51 AM To: lda...@li... Subject: [Ldapdns-users] acl on zone Hi, Is it possible to filter access to DNS zones ? For example, allow everybody to read the domain.com zone and only my private network to read intra.domain.com. Thanks. |
|
From: <kaa...@ge...> - 2004-09-16 07:35:49
|
Thanks..
can I install ldapdns and BIND together.
is it possible?
----- Forwarded message from Andreas Brenk <ab...@ae...> -----
Date: Wed, 15 Sep 2004 18:36:08 +0200 (CEST)
From: Andreas Brenk <ab...@ae...>
Reply-To: Andreas Brenk <ab...@ae...>
Subject: Re: [Ldapdns-users] local ldapdns and internet domains resolve
problem..
To: kaa...@ge...
ldapdns is an "authoritative only" nameserver. It won't do any resolving
of domains not in its directory.
If you need a recursive resolver you have to install a separate dnscache
(or bind, if you prefer).
Regards,
Andreas
On Wed, Sep 15, 2004 at 04:36:29PM +0300, kaa...@ge... wrote:
> we use ldapdns-2.05-1
>
> we have problem that :
>
> when we install DNS Server in my machine that resolves local domain names
> (test.com)
> but machines in a local network can resolve local domain names but can not
> resolve internet domains. :-(
>
> but I used BIND DNS Server. I have got same problem but I added this
> parametres
>
> forwarders { 193.192.101.121; };
>
> and then solved the problem.
>
> I dont know howto make it with ldapdns
-------------------------------------------------------
This SF.Net email is sponsored by: thawte's Crypto Challenge Vl
Crack the code and win a Sony DCRHC40 MiniDV Digital Handycam
Camcorder. More prizes in the weekly Lunch Hour Challenge.
Sign up NOW http://ad.doubleclick.net/clk;10740251;10262165;m
_______________________________________________
Ldapdns-users mailing list
Lda...@li...
https://lists.sourceforge.net/lists/listinfo/ldapdns-users
----- End forwarded message -----
|
|
From: Andreas B. <ab...@ae...> - 2004-09-15 16:36:21
|
ldapdns is an "authoritative only" nameserver. It won't do any resolving of domains not in its directory. If you need a recursive resolver you have to install a separate dnscache (or bind, if you prefer). Regards, Andreas On Wed, Sep 15, 2004 at 04:36:29PM +0300, kaa...@ge... wrote: > we use ldapdns-2.05-1 > > we have problem that : > > when we install DNS Server in my machine that resolves local domain names > (test.com) > but machines in a local network can resolve local domain names but can not > resolve internet domains. :-( > > but I used BIND DNS Server. I have got same problem but I added this > parametres > > forwarders { 193.192.101.121; }; > > and then solved the problem. > > I dont know howto make it with ldapdns |
|
From: <kaa...@ge...> - 2004-09-15 14:30:00
|
hii all.. we use ldapdns-2.05-1 we have problem that : when we install DNS Server in my machine that resolves local domain names (test.com) but machines in a local network can resolve local domain names but can not resolve internet domains. :-( but I used BIND DNS Server. I have got same problem but I added this parametres forwarders { 193.192.101.121; }; and then solved the problem. I dont know howto make it with ldapdns |
2 messages has been excluded from this view by a project administrator.
