Re: [Ldapdns-users] schema, filter, ldapdns3
From: Mrs. B. <mrs...@ni...> - 2004-02-12 00:10:50
On Wed, 2004-02-11 at 08:32, Ace Suares wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Mrs. Brisby,
>
> me again. I still can't see it clearly. I downloaded the ldapdns v3 snapshot,
> read the schema but there is only info on ldapdns2 and 1. Is 3 using the 2
> schema ?

Yes. With a minor change; see below.

> > service=ldapdns3,domain=example.com,[suffix]
>
> > It really doesn't matter if you put an "associatedDomain" attribute on
> > every level and have an index for it.
>
> so let's say I give this 'service' some attributes, could I then put ALL
> information in there (also for www, intra, ftp) ?

Not without some idea of how to differentiate individual hosts.

> Or should I make entries
> user=www
> user=ftp
> user=intra

entries. Although I recommend "dc"

> Or can I make entries
>
> user=randomstring
> with attribute
> associatedDomain: www.example.com

You can do this.

> in other words, ldapdns is not looking in the dn at all, just the
> associatedDomain attribute ? That would be good...

It does to find out where it needs to supply SOA/NS records. It will
attempt to attach "other" DNS portions after that.

> - - is ldapdns running as root ? or under udpserver/ tcpserver as a normal
> user?

ldapdns runs using a dgserver module. It will drop privs on startup, and
chroot. There should be no root security risk whatsoever, as only the
environment variables UID and GID are read on startup.

This may cause issues with FreeBSD; other issues will be cleaned up (esp.
Solaris) before release.

> - - is there a sample ldif file that shows how you'd make it work ?

Search the mailing list archives... This comes up every now and then.

dn: dc=example.com,ou=zones,ou=bind,ou=System,dc=yes,dc=nu
objectClass: top
objectClass: domain
objectClass: dNSDomain
objectClass: domainRelatedObject
associatedDomain: example.com
aRecord: 10.0.0.1
dc: example.com
mXRecord: 10 mail.example.com

dn: dc=www,dc=example.com,ou=zones,ou=bind,ou=System,dc=yes,dc=nu
objectClass: top
objectClass: domain
objectClass: dNSDomain
dc: www
aRecord: 10.0.0.2
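
Added example, not part of the original message and not ldapdns source code: a sketch in C of the startup sequence the reply describes (read UID and GID from the environment, chroot, then drop privileges). The names parse_id, drop_privs and jail_dir are hypothetical, and refusing id 0 and verifying the drop afterwards are assumptions of this example.

```c
/* Added example, not ldapdns source: chroot, then drop root using UID/GID from the environment. */
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE /* glibc: expose chroot() and setgroups() */
#endif
#include <errno.h>
#include <grp.h>
#include <stdlib.h>
#include <sys/types.h>
#include <unistd.h>

/* Parse a decimal id. Rejects missing, empty, signed, non-numeric,
 * out-of-range and zero (root) values. Returns 0 on success, -1 otherwise. */
int parse_id(const char *s, unsigned long *out)
{
    char *end;
    unsigned long v;

    if (s == NULL || *s < '0' || *s > '9')
        return -1;
    errno = 0;
    v = strtoul(s, &end, 10);
    if (errno != 0 || *end != '\0' || v == 0 || v > 0x7fffffffUL)
        return -1;
    *out = v;
    return 0;
}

/* Confine the process to jail_dir (hypothetical parameter), then give up root.
 * Order matters: chroot() needs root, and groups must be dropped before the uid.
 * Returns 0 on success, -1 on any failure (the caller should exit). */
int drop_privs(const char *jail_dir)
{
    unsigned long uid, gid;
    gid_t g;

    if (parse_id(getenv("UID"), &uid) != 0 || parse_id(getenv("GID"), &gid) != 0)
        return -1;
    g = (gid_t)gid;
    if (chroot(jail_dir) != 0 || chdir("/") != 0)
        return -1;
    if (setgroups(1, &g) != 0 || setgid(g) != 0 || setuid((uid_t)uid) != 0)
        return -1;
    /* Confirm the drop is permanent: regaining root must fail. */
    if (setuid(0) == 0 || getuid() != (uid_t)uid || getgid() != g)
        return -1;
    return 0;
}
```

Every return value is checked because a setuid() or setgroups() call that fails silently leaves the daemon running as root inside the jail.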