|
|
Sponsored Content
Special Forums
UNIX and Linux Applications
bind9 with ldap using dlz
Post 302350459 by yered on Thursday 3rd of September 2009 11:47:07 PM
09-04-2009
Well I tried to apply the $ path with no luck, it still does not work, does anyone knows if there is any official patch out there for that?
I followed this link
Gmane -- Mail To News And Back Again
I guess I will have to get happy with bind using mysql instead of ldap, I don't seem to find any clue about the issue with ldap...
I followed this link
Gmane -- Mail To News And Back Again
I guess I will have to get happy with bind using mysql instead of ldap, I don't seem to find any clue about the issue with ldap...
|
|
9 More Discussions You Might Find Interesting
1. Cybersecurity
Hi again guys,
It seems this is a global thing affecting all the DNS bind versions prior to July 28 2008. I have my work cut out for me very soon, I see at least a handful of servers in my list that either need to patching or upgrading.
How many of you guys are affected? Anybody successfully... (4 Replies)
Discussion started by: sparcguy
4 Replies
2. IP Networking
so we had bind 9.3.0...
we upgraded to 9.5.0 patch 1
we kept the exact same named.conf
now we have a problem that some DMZ server cant do lookups from our DNS slave anymore.
in the named.log we see things like this:
22-Jul-2008 16:05:04.694 security: info: client <our DMZ servers... (2 Replies)
Discussion started by: robsonde
2 Replies
3. IP Networking
Hello,
I'm a noob when it comes to DNS and BIND9, so forgive me if my description seems pedantic:
I connect to my workplace's network using VPN, which sets me up with the workplace DNS servers. Those servers manage the an internal namespace (visible only to users inside the VPN), with a... (5 Replies)
Discussion started by: neked
5 Replies
4. UNIX for Advanced & Expert Users
Hi there,
I have the following problem.
I have a Debian server with bind9.
I can also use my ISP DNS server through the internet box (192.168.1.1).
I would like to fool my client workstation to a local machine when they query for one specific hostname within a domain.
I want to let the... (5 Replies)
Discussion started by: kokonut95
5 Replies
5. Solaris
I have configured a Bind9 DNS on a X4270 machine with Solaris10
I am excuting some repformance tests with DNSPERF tool and maximun CPU usage is 23%. I have seen with
prstat -L -p PID
that named process usses only 2 of the 8 available CPU at the same time although threads for all CPUs exist.... (2 Replies)
Discussion started by: parisph
2 Replies
6. UNIX for Dummies Questions & Answers
how can i set default permission for nslookup,
i have in my nslookup
timeout = 0 retry = 3 port = 53
but i want to set it to :
timeout = 2 retry = 2 port = 53
i'm using bind9 , where can i set the default timeout for it?
thanks in advance (0 Replies)
Discussion started by: prpkrk
0 Replies
7. UNIX for Dummies Questions & Answers
We're moving an app from a server in our domain to a server hosted by the vendor in their domain.
This app had it's own domain setup that we're authoritative for.
Do I need to create a new zone file? zone-vendor_com and set up the CNAME records in this file? Or if I can just edit the one I... (1 Reply)
Discussion started by: joeaverage
1 Replies
8. IP Networking
Hi all,
I've a litte problem to get rollerd running and signing my zones if the ZSK of my zones are near expiring or expired.
rollerd is running but do nothing
startet with:
/usr/bin/perl /usr/sbin/rollerd -rrfile /etc/bind/all.rollrec -directory /etc/bind -logfile /dev/stdout
... (1 Reply)
Discussion started by: xabbu
1 Replies
9. Solaris
I have very limited knowledge on LDAP configuration and have been trying fix one issue, but unsuccessful.
The server, I am working on, is Solaris-10 zone. sudoers is configured on LDAP (its not on local server). I have access to login directly on server with root, but somehow sudo is not working... (9 Replies)
Discussion started by: solaris_1977
9 Replies
LEARN ABOUT SUSE
apache::authznetldap
Apache::AuthzNetLDAP(3) User Contributed Perl Documentation Apache::AuthzNetLDAP(3) NAME
Apache::AuthzNetLDAP - Apache-Perl module that enables you to authorize a user for Website based on LDAP attributes. SYNOPSIS
PerlSetVar BindDN "cn=Directory Manager" PerlSetVar BindPWD "password" PerlSetVar BaseDN "ou=people,o=unt.edu" PerlSetVar LDAPServer ldap.unt.edu PerlSetVar LDAPPort 389 PerlSetVar UIDAttr uid #PerlSetVar UIDAttr mail PerlAuthenHandler Apache::AuthNetLDAP PerlAuthzHandler Apache::AuthzNetLDAP #require valid-user #require user mewilcox #require user mewilcox@venus.acs.unt.edu #require group "cn=Peoplebrowsers1,ou=UNTGroups,ou=People, o=unt.edu" #require ldap-url ldap://pandora.acs.unt.edu/o=unt.edu??sub?sn=wilcox #require ldap-url ldap://pandora.acs.unt.edu/o=unt.edu??sub?sn=smith #require ldap-url ldap://castor.acs.unt.edu/ou=people,o=unt.edu??sub?untcourse= untcoursenumber=1999CCOMM2040001,ou=courses,ou=acad,o=unt.edu DESCRIPTION
After you have authenticated a user (perhaps with Apache::AuthNetLDAP ;) you can use this module to determine whether they are authorized to access the Web resource under this modules control. You can control authorization via one of four methods. The first two are pretty standard, the second two are unique to LDAP. "require" options -- user -> Will authorize access if the authenticated user's username. valid-user -> Will authorize any authenticated user. group -> Will authorize any authenticated user who is a member of the LDAP group specified by groupdn. This module supports groupOfMember, groupOfUniquemember and Netscape's dynamic group object classes. ldap-url -> This will authorize any authenticated user who matches the query specified in the given LDAP URL. This is enables users to get the flexibility of Netscape's dynamic groups, even if their LDAP server does not support such a capability. CONFIGURATION NOTES
It is important to note that this module must be used in conjunction with an authentication module. (...? Is this true? I just thought, that you might want to only authorize a user, instead of authenticate...) If you are using an authentication module, then the following lines will not need to be duplicated: PerlSetVar BindDN "cn=Directory Manager" PerlSetVar BindPWD "password" PerlSetVar BaseDN "ou=people,o=unt.edu" PerlSetVar LDAPServer ldap.unt.edu PerlSetVar LDAPPort 389 PerlSetVar UIDAttr uid #PerlSetVar UIDAttr mail PerlAuthenHandler Apache::AuthNetLDAP The following lines will not need to be duplicated if supported by the authentication module: #require valid-user #require user mewilcox #require user mewilcox@venus.acs.unt.edu #require group "cn=Peoplebrowsers1,ou=UNTGroups,ou=People, o=unt.edu" #require ldap-url ldap://pandora.acs.unt.edu/o=unt.edu??sub?sn=wilcox #require ldap-url ldap://pandora.acs.unt.edu/o=unt.edu??sub?sn=smith #require ldap-url ldap://castor.acs.unt.edu/ou=people,o=unt.edu??sub?untcourse= Obviously, the ldap-url attribute is probably only support by this module. Check out the following link for options to load the module: http://perl.apache.org/docs/1.0/guide/config.html#The_Startup_File http://perl.apache.org/docs/2.0/user/config/config.html#Startup_File AUTHOR
Mark Wilcox mewilcox@unt.edu and Shannon Eric Peevey speeves@unt.edu SEE ALSO
perl(1). WARRANTY Hey, I didn't destroy mankind when testing the module. You're mileage may vary. This module is distributed with the same license as Perl's. perl v5.12.1 2010-07-05 Apache::AuthzNetLDAP(3)