bind-dyndb-ldap
- To: "openldap-technical@openldap.org" <openldap-technical@openldap.org>
- Subject: bind-dyndb-ldap
- From: Brendan Kearney <bpk678@gmail.com>
- Date: Tue, 15 Oct 2013 19:34:42 -0400

i am trying to set up BIND to use LDAP as the zone data repository, using
bind-dyndb-ldap, and continue to run into issues. i am not sure what
this error message means, but it seems to be part of the problem.

i see that the bind attempt succeeds and that a search is attempted.
but, when the search is attempted, a critical piece of the puzzle is
missing and an extension is not recognized. indexing will be done once
i get the rest of this working...

2013-10-15T19:10:16.980653-04:00 test slapd[12675]: conn=1057 fd=11
ACCEPT from IP=127.0.0.1:57849 (IP=0.0.0.0:389)
2013-10-15T19:10:16.980675-04:00 test slapd[12675]: conn=1057 op=0 BIND
dn="cn=Manager,dc=my-domain,dc=com" method=128
2013-10-15T19:10:16.980680-04:00 test slapd[12675]: conn=1057 op=0 BIND
dn="cn=Manager,dc=my-domain,dc=com" mech=SIMPLE ssf=0
2013-10-15T19:10:16.980683-04:00 test slapd[12675]: conn=1057 op=0
RESULT tag=97 err=0 text=
2013-10-15T19:10:16.982325-04:00 test slapd[12675]: conn=1058 fd=17
ACCEPT from IP=127.0.0.1:57850 (IP=0.0.0.0:389)
2013-10-15T19:10:16.983442-04:00 test slapd[12675]: conn=1058 op=0 BIND
dn="cn=Manager,dc=my-domain,dc=com" method=128
2013-10-15T19:10:16.983456-04:00 test slapd[12675]: conn=1058 op=0 BIND
dn="cn=Manager,dc=my-domain,dc=com" mech=SIMPLE ssf=0
2013-10-15T19:10:16.983459-04:00 test slapd[12675]: conn=1058 op=0
RESULT tag=97 err=0 text=
2013-10-15T19:10:16.990216-04:00 test slapd[12675]: conn=1057 op=1
SEARCH RESULT tag=101 err=12 nentries=0 text=critical extension is not
recognized
2013-10-15T19:10:16.990883-04:00 test slapd[12675]: conn=1057 op=1
do_search: get_ctrls failed
2013-10-15T19:10:16.991177-04:00 test slapd[12675]: conn=1058 op=1 SRCH
base="cn=dns,dc=my-domain,dc=com" scope=2 deref=0
filter="(&(idnsZoneActive=TRUE)(|(objectClass=idnsZone)(objectClass=idnsForwardZone)))"
2013-10-15T19:10:16.991468-04:00 test slapd[12675]: conn=1058 op=1 SRCH
attr=idnsName idnsUpdatePolicy idnsAllowQuery idnsAllowTransfer
idnsForwardPolicy idnsForwarders idnsAllowDynUpdate idnsAllowSyncPTR
objectClass
2013-10-15T19:10:16.991740-04:00 test slapd[12675]: <=
bdb_equality_candidates: (idnsZoneActive) not indexed
2013-10-15T19:10:16.992025-04:00 test slapd[12675]: conn=1058 op=1
SEARCH RESULT tag=101 err=0 nentries=1 text=

i know that the schema for dyn-dns is loaded and all the objectClasses
and attributeTypes are available. the problem i run into is an A Record
that should be in the zone data cannot be queried out of the BIND
instance that is talking to LDAP.

[root@test conf.d]# nslookup foo.my-domain.com. localhost
;; Got SERVFAIL reply from 127.0.0.1, trying next server
;; Got SERVFAIL reply from 127.0.0.1, trying next server
Server: localhost
Address: 127.0.0.1#53
** server can't find foo.my-domain.com: SERVFAIL

i am using:
bind - 9.9.3
bind-dyndb-ldap - 3.5
openldap - 2.4.36
on Fedora 19 (yes, it is the distro packaged version). Can anyone give
me some pointers on how to get this working?
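
Added example, not part of the original message: a small Python triage pass over slapd syslog output in the format quoted above. It reports operations that ended with a non-zero LDAP result code (12 is unavailableCriticalExtension), simple binds with ssf=0 (no TLS or SASL security layer), and attributes logged as not indexed. The sample lines are taken from the log above and rejoined onto single lines; the function and variable names are this example's own.

```python
import re

# Sample input: lines from the log quoted above, rejoined onto single
# lines where the mail client wrapped them (embedded so this runs offline).
SAMPLE = """\
2013-10-15T19:10:16.980675-04:00 test slapd[12675]: conn=1057 op=0 BIND dn="cn=Manager,dc=my-domain,dc=com" method=128
2013-10-15T19:10:16.980680-04:00 test slapd[12675]: conn=1057 op=0 BIND dn="cn=Manager,dc=my-domain,dc=com" mech=SIMPLE ssf=0
2013-10-15T19:10:16.980683-04:00 test slapd[12675]: conn=1057 op=0 RESULT tag=97 err=0 text=
2013-10-15T19:10:16.990216-04:00 test slapd[12675]: conn=1057 op=1 SEARCH RESULT tag=101 err=12 nentries=0 text=critical extension is not recognized
2013-10-15T19:10:16.990883-04:00 test slapd[12675]: conn=1057 op=1 do_search: get_ctrls failed
2013-10-15T19:10:16.991177-04:00 test slapd[12675]: conn=1058 op=1 SRCH base="cn=dns,dc=my-domain,dc=com" scope=2 deref=0 filter="(&(idnsZoneActive=TRUE)(|(objectClass=idnsZone)(objectClass=idnsForwardZone)))"
2013-10-15T19:10:16.991740-04:00 test slapd[12675]: <= bdb_equality_candidates: (idnsZoneActive) not indexed
2013-10-15T19:10:16.992025-04:00 test slapd[12675]: conn=1058 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text=
"""

OP = re.compile(r"slapd\[\d+\]: conn=(\d+) op=(\d+) (.*)$")
BIND = re.compile(r'BIND dn="([^"]*)" mech=(\S+) ssf=(\d+)')
RESULT = re.compile(r"RESULT tag=\d+ err=(\d+)(?: nentries=\d+)? text=(.*)$")
UNINDEXED = re.compile(r"_candidates: \((\w+)\) not indexed")
ERR_NAMES = {12: "unavailableCriticalExtension"}  # LDAP result code (RFC 4511)

def triage(log_text):
    """Return failed operations, unprotected simple binds and unindexed attributes."""
    binds = {}  # conn id -> DN the connection bound as
    findings = {"failed_ops": [], "cleartext_binds": [], "unindexed": set()}
    for line in log_text.splitlines():
        m = UNINDEXED.search(line)
        if m:
            findings["unindexed"].add(m.group(1))
            continue
        m = OP.search(line)
        if not m:
            continue
        conn, op, rest = int(m.group(1)), int(m.group(2)), m.group(3)
        b = BIND.match(rest)
        if b:  # second BIND line carries mechanism and security strength factor
            binds[conn] = b.group(1)
            if b.group(2) == "SIMPLE" and int(b.group(3)) == 0:
                findings["cleartext_binds"].append((conn, b.group(1)))
            continue
        r = RESULT.search(rest)
        if r and int(r.group(1)) != 0:  # non-zero err means the operation failed
            err = int(r.group(1))
            findings["failed_ops"].append({"conn": conn, "op": op, "err": err,
                "name": ERR_NAMES.get(err, "unknown"), "text": r.group(2).strip(),
                "bound_as": binds.get(conn)})
    return findings

if __name__ == "__main__":
    print(triage(SAMPLE))
```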