[Freeipa-users] dyndb-ldap in standard ldap

Petr Spacek pspacek at redhat.com
Fri Oct 12 11:37:37 UTC 2012


On 10/12/2012 11:52 AM, Артур Файзуллин wrote:
> Hi, everyone!
> The site of the dyndb-ldap project
> https://fedorahosted.org/bind-dyndb-ldap/ says that I should ask any
> questions here.
You are in the right place, welcome!

> Maybe it is an old question, but I didn't find anything on it.
> I just want to learn how to store records for dyndb-ldap in a standard
> LDAP server such as 389-ds or OpenLDAP. If I am a fool and couldn't find
> it, please show me where I can learn it (Google couldn't help me).
> Or maybe you can explain it to me, and I could write documentation for it?

Unfortunately, we don't have comprehensive documentation.

If you want to give it a quick try, you can install FreeIPA. The command
$ ipa-server-install --setup-dns
will install a FreeIPA server, configure the DNS subtree in LDAP and configure
/etc/named.conf appropriately.


If you want to start with bind-dyndb-ldap from scratch, it is a bit harder.

First of all, you need to put our DNS schema on your DNS server:
http://git.fedorahosted.org/cgit/bind-dyndb-ldap.git/tree/doc/schema

After schema set-up you can create a tree of objects.

cn=dns,dc=test
- root of DNS subtree in this example
- idnsConfig object class - contains global configuration

idnsname=zone.tld,cn=dns,dc=test
- DNS zone "zone.tld", contains all records associated with name "zone.tld"
- container for DNS names inside this zone (e.g. for a.zone.tld)
- idnsZone+idnsRecord object class

idnsname=a,idnsname=zone.tld,cn=dns,dc=test
- DNS name "a.zone.tld"
- all records for name "a.zone.tld" are attributes in this object
- idnsRecord object class

The attached file "example.ldif" contains a DNS subtree exported from a lab machine.
It shows a single forward and a single reverse zone with some records.


I personally recommend 389 DS because it supports the persistent search feature.
Persistent search allows any change in LDAP to be propagated immediately to the
DNS server and eliminates caching problems.

Also, persistent search is required for the SOA serial auto-incrementation
feature; please see "serial_autoincrement" in the README:
http://git.fedorahosted.org/cgit/bind-dyndb-ldap.git/tree/README

Let me know if you want further assistance.

-- 
Petr Spacek
-------------- next part --------------
A non-text attachment was scrubbed...
Name: example.ldif
Type: text/x-ldif
Size: 2340 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20121012/3917b104/attachment.bin>
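
The object layout described in the message, as an added example that is not part of the original post or of the bind-dyndb-ldap project: it maps DNS names to the DNs listed above, escaping DN metacharacters so a name cannot add RDN components, and renders the three objects as LDIF. The attribute names other than idnsname, the nsContainer class, the idnsConfigObject spelling, the handling of multi-label names and all values are assumptions to check against the schema linked in the message.

```python
# Added example, not project code: DNS name -> LDAP entry layout from the message.
DNS_BASE = "cn=dns,dc=test"  # root of the DNS subtree used in the message

def escape_rdn(value):
    """Escape a value for use inside a DN (RFC 4514 special characters)."""
    out = []
    for i, ch in enumerate(value):
        edge = (i == 0 and ch in " #") or (i == len(value) - 1 and ch == " ")
        out.append("\\" + ch if ch in ',+"\\<>;' or edge else ch)
    return "".join(out)

def normalize(name):  # DNS names are case-insensitive; drop the trailing root dot
    return name.rstrip(".").lower()

def zone_dn(zone, base=DNS_BASE):
    return "idnsname=%s,%s" % (escape_rdn(normalize(zone)), base)

def name_dn(fqdn, zone, base=DNS_BASE):
    """DN of the object whose attributes hold every record for fqdn."""
    fqdn, zone = normalize(fqdn), normalize(zone)
    if fqdn == zone:  # records for the zone name itself live in the zone object
        return zone_dn(zone, base)
    # "a.zone.tld" -> "a"; multi-label names stay in one RDN (assumption)
    relative = fqdn[: -len(zone) - 1]
    if not fqdn.endswith("." + zone) or not relative:
        raise ValueError("%s is not inside zone %s" % (fqdn, zone))
    return "idnsname=%s,%s" % (escape_rdn(relative), zone_dn(zone, base))

def entry_ldif(dn, object_classes, attrs):
    """Render one entry as LDIF (plain ASCII values only, no base64 handling)."""
    lines = ["dn: " + dn] + ["objectClass: " + oc for oc in object_classes]
    lines += ["%s: %s" % pair for pair in attrs]
    return "\n".join(lines) + "\n"

def example_ldif():
    """The three objects from the message; all attribute values are constructed."""
    soa = [("idnsZoneActive", "TRUE"), ("idnsSOAmName", "ns.zone.tld."),
           ("idnsSOArName", "hostmaster.zone.tld."), ("idnsSOAserial", "1"),
           ("idnsSOArefresh", "3600"), ("idnsSOAretry", "900"),
           ("idnsSOAexpire", "1209600"), ("idnsSOAminimum", "3600"),
           ("nSRecord", "ns.zone.tld.")]
    return "\n".join([
        # nsContainer is the 389 DS container class (assumption); the message's
        # "idnsConfig" is assumed to be the schema's idnsConfigObject class.
        entry_ldif(DNS_BASE, ["top", "nsContainer", "idnsConfigObject"], [("cn", "dns")]),
        entry_ldif(zone_dn("zone.tld"), ["top", "idnsZone", "idnsRecord"],
                   [("idnsName", "zone.tld")] + soa),
        entry_ldif(name_dn("a.zone.tld", "zone.tld"), ["top", "idnsRecord"],
                   [("idnsName", "a"), ("aRecord", "192.0.2.10")]),
    ])
```

Printing `example_ldif()` gives text that can be reviewed and then loaded with the directory server's usual LDIF import tooling once the schema is installed.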