Bind and OpenLDAP

Pedro Espinoza raindoctor at gmail.com
Wed May 7 02:17:18 UTC 2008


On Tue, May 6, 2008 at 7:34 PM, Arjan Hulshoff
<arjan.m.hulshoff at zonnet.nl> wrote:
> Thanks for your reply.
>  I understand how to build an ldap string, however I don't understand the
>  last part of this string. I think it is something specific for Bind. I
>  am not sure though.
>  When I look at the following part of the string
>  o=DNS,dc=example,dc=com,dc=no 10800. Actually I already know what 'dc=no
>  10800' means, it is the $TTL part of a zone file. 'o=DNS' would mean to
>  me, from an ldap point of view, the organization. Probably it means
>  something different.  What puzzles me the most is the
>  'dc=example,dc=com' part. I think it is the ldap representation of the
>  domain name, however I am not sure of that. What I don't know either is
>  whether I defined the 56.168.192.in-addr.arpa zone in the correct way
>  (o=DNS,dc=56,dc=168,dc=192,dc=in-addr,dc=arpa,dc=no 10800).
>  So is the syntax in my named.conf correct, and are my assumptions
>  regarding the meaning of the ldap string correct?

Whether the syntax is correct or not depends on the ldap schema that
you used to store the data in the ldap backend.



>
>  TIA,
>  Arjan.
>
>  Kevin Darcy wrote:
>  > What part are you having trouble with?
>  >
>  > The representation of DNS FQDNs as "dc=" components in LDAP
>  > distinguished names? RFC 2247.
>  >
>  > The composition/format of an "ldap://" URL? RFC 4516.
>  >
>  > The only part I truly don't understand is the "dc=no 10800", but then
>  > I've never tried to integrate BIND with OpenLDAP...
>  >
>  >
>  > - Kevin
>  >
>  > Arjan Hulshoff wrote:
>  >
>  >> Hi all,
>  >> I need some explanation and someone who can check if my named.conf is
>  >> correct.
>  >> What needs to be explained is the database line, of course. The part
>  >> after ldap://localhost/ou=DNS,ou=Computers,dc=example,dc=com is a bit
>  >> strange to me. As far as I know this isn't standard LDAP, so what does
>  >> it mean and is what I have created correct?
>  >>
>  >> TIA,
>  >> Arjan.
>  >>
>  >>
>  >> options {
>  >>         directory "/usr/local/var/state/bind";
>  >>         pid-file "/usr/local/var/run/named.pid";
>  >>         check-names master fail;
>  >>         check-names slave warn;
>  >>         check-names response ignore;
>  >> };
>  >>
>  >> zone "example.com" in {
>  >>         type master;
>  >>         database "ldap ldap://localhost/ou=DNS,ou=Computers,dc=example,dc=com,o=DNS,dc=example,dc=com,dc=no 10800";
>  >> };
>  >>
>  >> zone "56.168.192.in-addr.arpa" in {
>  >>         type master;
>  >>         database "ldap ldap://localhost/ou=DNS,ou=Computers,dc=example,dc=com,o=DNS,dc=56,dc=168,dc=192,dc=in-addr,dc=arpa,dc=no 10800";
>  >> };
>  >>
>  >> zone "0.0.127.in-addr.arpa" in {
>  >>         type master;
>  >>         database "ldap ldap://localhost/ou=DNS,ou=Computers,dc=example,dc=com,o=DNS,dc=0,dc=0,dc=127,dc=in-addr,dc=arpa,dc=no 10800";
>  >> };
>  >>
>  >> zone "." in {
>  >>         type hint;
>  >>         database "ldap ldap://localhost/ou=DNS,ou=Computers,dc=example,dc=com,o=DNS,dc=no 10800";
>  >> };
>
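
Kevin Darcy's reply points to RFC 2247 (DNS names as dc= components) and RFC 4516 (ldap:// URLs). As an added example, not part of the thread or of BIND, the Python below splits one `database` string from the quoted named.conf and checks which zone name its dc= components encode. The three-field layout (driver, URL, number) is assumed from the strings quoted in the thread, and all function names are hypothetical.

```python
from urllib.parse import urlsplit, unquote

# Constructed sample: the reverse-zone "database" value from the quoted
# named.conf, with the mail client's line wrapping undone.
SAMPLE = ("ldap ldap://localhost/ou=DNS,ou=Computers,dc=example,dc=com,"
          "o=DNS,dc=56,dc=168,dc=192,dc=in-addr,dc=arpa,dc=no 10800")

def zone_to_dn(zone):
    """RFC 2247 mapping: every DNS label becomes one dc= RDN, in order."""
    labels = [label for label in zone.rstrip(".").split(".") if label]
    if not labels:
        raise ValueError("the root zone has no dc= form")
    return ",".join("dc=" + label.lower() for label in labels)

def parse_database(arg):
    """Split '<driver> <ldap-url> <number>' (layout assumed from the thread;
    the number is read as the default TTL, as the poster describes it)."""
    fields = arg.split()
    if len(fields) != 3:
        raise ValueError("expected exactly three whitespace-separated fields")
    driver, url, ttl = fields
    parts = urlsplit(url)
    if parts.scheme != "ldap" or not parts.hostname:
        raise ValueError("not an ldap://host/ URL")
    # RFC 4516: the distinguished name is the URL path, percent-decoded.
    base_dn = unquote(parts.path.lstrip("/"))
    # Naive RDN split: assumes no escaped commas inside attribute values.
    rdns = [rdn.strip() for rdn in base_dn.split(",") if rdn.strip()]
    return {"driver": driver, "host": parts.hostname,
            "rdns": rdns, "ttl": int(ttl)}

def contains_zone(rdns, zone):
    """True if the zone's RFC 2247 form is a contiguous run inside the DN."""
    want = zone_to_dn(zone).split(",")
    have = [rdn.lower() for rdn in rdns]
    return any(have[i:i + len(want)] == want
               for i in range(len(have) - len(want) + 1))

if __name__ == "__main__":
    cfg = parse_database(SAMPLE)
    print("host:", cfg["host"], "ttl:", cfg["ttl"])
    print("last RDN:", cfg["rdns"][-1])  # a DN component, separate from the number
    for zone in ("56.168.192.in-addr.arpa", "example.com", "example.org"):
        print(zone, "->", zone_to_dn(zone), contains_zone(cfg["rdns"], zone))
```

Whether a directory entry actually exists at that DN still depends on the schema and tree layout used in the LDAP back end, as the reply above says.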

