Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
AUTHORS
COPYING
ChangeLog
INSTALL
Makefile.am
NEWS
README
bind98_dlz_dlopen.h
configure.ac
dlz-ldap-enum.spec.in
dlz_ldap_enum.conf
dlz_ldap_enum_driver.c
dlz_ldap_enum_driver.h
sdlz_helper.c
sdlz_helper.h

README

This is a module (shared object) for bind9 based on the dlz_dlopen API

It is built using autotools - see INSTALL for how to compile it.


Integrating with bind:
----------------------

a) Install the binary using the dlz-ldap-enum package:

     # apt-get install dlz-ldap-enum       (Debian, Ubuntu)
     # yum install dlz-ldap-enum           (Fedora, RHEL, CentOS)

   or if you built it from source:

     make install

   or manually install the binary:

     cp dlz_ldap_enum.so /usr/lib/.....wherever..../

b) Install the config file

     cp dlz_ldap_enum.conf /etc/bind/      (Debian, Ubuntu)

     cp dlz_ldap_enum.conf /etc/named/     (Fedora, RHEL, CentOS)

   or to whichever directory you use for bind config files.

c) Modify your named.conf to include the new file, e.g. add the following:

     include "/etc/bind/dlz_ldap_enum.conf";      (Debian, Ubuntu)

   or

     include "/etc/named/dlz_ldap_enum.conf";     (Fedora, RHEL, CentOS)

d) If required, create a user in LDAP that the bind process can use to
   access the directory.

e) Modify the settings in dlz_ldap_enum.conf to match your environment

f) Delegate domain from your main zone to the sub-zone,

   e.g. your main zone = example.org
        your ENUM zone = e164-lookup.example.org

    => in the zone file for example.org  (possibly called db.example.org),
       insert the following:

         e164-lookup   IN    NS   hostname-of-nameserver

    where `hostname-of-nameserver' is the relative hostname of the
    server where you run the dlz-ldap-enum module.

g) Restart bind

Setting up LDAP and testing
---------------------------

   Your LDAP server must typically contain entries with attributes
   for telephone and email, e.g.:

     dn: cn=Tester,dc=example,dc=org
     objectClass: inetOrgPerson
     cn: Tester
     sn: Tests
     mail: tester1@example.org
     telephoneNumber: +44207135

  Test with the `dig' command:

    $ dig @localhost -t any 5.3.1.7.0.2.4.4.e164-rev.test 

    ;; ANSWER SECTION:
    5.3.1.7.0.2.4.4.e164-rev.test. 60 IN	NAPTR	100 10 "u" "E2U+sip" "!^\\+44207135$!sip:tester1@example.org!" .
    5.3.1.7.0.2.4.4.e164-rev.test. 60 IN	NAPTR	100 10 "u" "E2U+xmpp" "!^\\+44207135$!xmpp:tester1@example.org!" .

   You can see what is happening by running the nameserver on the console
   in debug mode:

     # named -g -d 1

   and then you will see all the LDAP queries issues by the server.