bind-dyndb-ldap integration

Hika van den Hoven hikavdh at gmail.com
Wed Mar 22 17:56:55 UTC 2017 

Hoi All,

If have been using bind (and openldap) for a few years. When I first
set-up bind I looked at possibilities for ldap integration and tried
sdb-ldap, but found its response time bad. So instead I have since
used the ldap2zone tool to daily update my zone-files.
Recently I have been looking again and came upon bind-dyndb-ldap. It
looks good, although it does not jet have the complete configuration
set dhcp-ldap has for ics-dhcp.
The last two weeks I have been reading everything I could find.

I have so far:
 - added the bind-dyndb-ldap schema to ldap. (marked out the
   'dNSdefaultTTL' attribute as it reuses the OID for 'zoneName' in
   the dnszone schema which I for now still need)
 - converted my old zone-data into a new tree.
 - compiled bind-dyndb-ldap-11.1. I run Gentoo, but found an overlay
   for 11.0 and changed it for 11.1.
 - Updated to bind 9.11.0-p3
 - Added:
         dyndb DNS-ldap "/usr/lib64/bind/ldap.so" {
                uri "ldap://localhost:389";
                base "cn=DNSdyndb, dc=home";
                auth_method "simple";
                bind_dn "cn=Admin, dc=home";
                password "my-secret";
                directory "dyn";
                verbose_checks yes;
        };

and got stuck.
I tried the uri with and without the portnumber, as it says her, as an
IP-number...
For now I use my rootdn, but once working I'll create a dedicated user
with local full rights, as I have with dhcp.
I have looked through configure for bind if I have to enable
something, have tried removing dlz from bind, but time and again it
won't work.

Running named with `-d 10 -g -u named` from the command line got me
some more info but I still do not understand what goes wrong. Let
alone what I have to do.

The above gives me with the leading datetime removed:
`
 ...
 loading DynDB instance 'DNS-ldap'driver '/usr/lib64bind/ldap.so'
 bind-dyndb-ldap version 11.1 compiled at 21:34:13 Mar 20 2017,
     compiler 4.9.4
 registered dynamic ldap driver for DNS-ldap.
 adding task 0x7fd80df75010 to syncrepl list; 1 task in list
 configuration for dyndb instance 'DNS-ldap' (starting in file
     /etc/bind/named.conf on line 44):
 auth_method "simple";
 base "cn=DNSdyndb, dc=home";
 bind_dn "cn=Admin, dc=home";
 directory "dyn";
 password "????????";
 uri "ldap://localhost:389";
 verbose_checks yes;

 cannot parse settings for 'named.conf for database DNS-ldap': not
     found
 LDAP instance 'DNS-ldap' destroyed
 ...
`

And bind is shut-down???

-- 
Tot Mails,
 bind userlist                          mailto:hikavdh at gmail.com

"Zonder hoop kun je niet leven
Zonder leven is er geen hoop
Het eeuwige dilemma
Zeker als je hoop moet vernietigen om te kunnen overleven!"

De lerende Mens

More information about the bind-users mailing list