bind zones and dhcpd configuration from ldap
Yannick Majoros
majoros at inma.ucl.ac.be
Tue Nov 15 15:52:40 UTC 2005
1. I didn't want to just write the dns records in our ldap base.
Instead, these should be generated
2. I didn't want bind to just access the ldap base, because I want it to
be independent of openldap and because of 1
Instead, I wanted to just put all user workstations, servers,
switchers and routers, and let a script generate the zone and dhcpd
files. Please note that it is configurable: I use it myself to generate
the files for multiple domains/subnets from the same base. Just change a
couple of lines (I should put it in an independent config file when I'll
have time).
I wrote these scripts to suit my needs, but you should be able to
adapt them to other infrastructures without too much hassle.
A few details:
- ldap_hosts is the main script. Just adjust the settings to your
need. Some are optional; sorry for the poor doc, but the whole script is
300 lines, so just have a look. 'NAMED' stuff is optional.
- serials is a little script I wrote to update the serials of the zone
files. Adjust your zones list in the script. It needs to access a file
named 'serial' which contains your last serial (date/time format), and
will update it itself.
- I run these things in crontab, every minute. So, dns and dhcp are
automatically updated whenever I change the ldap base, and I'm notified
by mail about success/failures.
- In case of failure, it generates temp files which are only
deleted/changed when you change something. So, you won't receive a mail
every minute for the same failure.
- I use the script to generate only the parts of the zone/dhcpd files
I need. I then use "include" directives in dhcpd.conf (include
"/etc/dhcpd_ldap.conf";) and in the zone files ($INCLUDE machines.lst).
- It works for me but could need some local adjustements!
Ok, I think it's all your need. I hope it will be useful to someone
someday, feel free to modify it (just tell me, please). Please give me
your feedback.
Yannick Majoros
More information about the bind-users
mailing list