Update drafts.

[homepage.git] / blog / draft / 2010-07-03-ldap-searches.txt

diff --git a/blog/draft/2010-07-03-ldap-searches.txt b/blog/draft/2010-07-03-ldap-searches.txt
index 7aa5d6b5c86985539ec2121c92c697ebb02d5f71..6e13d6b5518a9f13048ed9788b4cc8d040af65ed 100644 (file)
--- a/blog/draft/2010-07-03-ldap-searches.txt
+++ b/blog/draft/2010-07-03-ldap-searches.txt
@@ -1,8 +1,40 @@
 Title: What are they searching for - DNS and DHCP in LDAP
 
 Title: What are they searching for - DNS and DHCP in LDAP
 

+As a step to try to figure a way to merge the DNS and DHCP LDAP
+objects in Debian Edu, I have had a look at how pdns-backend-ldap and
+dhcp3-server-ldap use the LDAP server.  The two approaches are quite
+different.
+
+To get this information, I started slapd with debugging enabled and
+dumped the debug output to a file to get the LDAP searches performed
+on a Debian Edu main-server.
+
+powerdns
+========
+
+http://www.linuxnetworks.de/doc/index.php/PowerDNS_LDAP_Backend
+
+dhcp
+====
+
+The DHCP server searches for specific objectclass and then uses the
+attributes
+
+
+SRCH "dc=skole,dc=skolelinux,dc=no" 2 0    0 0 0
+    filter: (&(objectClass=dhcpServer)(cn=dhcp))
+    attrs:
+
+SRCH "cn=DHCP Config,dc=skole,dc=skolelinux,dc=no" 0 0    0 0 0
+    filter: (&(objectClass=dhcpService)(|(dhcpPrimaryDN=cn=dhcp,dc=skole,dc=skolelinux,dc=no)(dhcpSecondaryDN=cn=dhcp,dc=skole,dc=skolelinux,dc=no)))
+    attrs:
+
+
+
+

 dhcp -> ou=DNSDHCP,dc=skole,dc=skolelinux,dc=no
 
 dhcp -> ou=DNSDHCP,dc=skole,dc=skolelinux,dc=no
 

-dn: dc=gateway,dc=intern,ou=Computers,ou=DNSDHCP,dc=skole,dc=skolelinux,dc=no
+dn: dc=hostname,ou=Computers,ou=DNSDHCP,dc=skole,dc=skolelinux,dc=no

 dc: hostname
 objectClass: top
 objectClass: dhcpHost
 dc: hostname
 objectClass: top
 objectClass: dhcpHost


@@ -14,6 +46,23 @@ dhcpHWAddress: ethernet 00:00:00:00:00:00
 dhcpStatements: fixed-address hostname
 
 
 dhcpStatements: fixed-address hostname
 
 

+# Combined object:
+
+dn: ?
+objectClass: dhcpHost
+objectclass: dnsdomainaux
+objectclass: domainrelatedobject
+objectClass: sambaSamAccount
+arecord: $ipaddr
+associateddomain: $fqdn
+dhcpHWAddress: ethernet $hwaddr
+dhcpStatements: fixed-address $fqdn
+uid: $hostname\$
+sambaSID: $SAMBASID-$SAMBARIN
+sambaAcctFlags: [S          ]
+sambaPwdLastSet: 1279055792
+sambaNTPassword: $SAMBANTPWDHASH
+

 
 SRCH "dc=ldap,dc=intern,ou=hosts,dc=skole,dc=skolelinux,dc=no" 0 3    0 0 0
     filter: (associatedDomain=ldap.intern)
 
 SRCH "dc=ldap,dc=intern,ou=hosts,dc=skole,dc=skolelinux,dc=no" 0 3    0 0 0
     filter: (associatedDomain=ldap.intern)


@@ -277,51 +326,19 @@ SRCH "cn=10.0.2.0,cn=INTERNAL,cn=DHCP Config,dc=skole,dc=skolelinux,dc=no" 1 0
 SRCH "cn=group1,cn=INTERNAL,cn=DHCP Config,dc=skole,dc=skolelinux,dc=no" 1 0    0 0 0
     filter: (objectClass=*)
     attrs:
 SRCH "cn=group1,cn=INTERNAL,cn=DHCP Config,dc=skole,dc=skolelinux,dc=no" 1 0    0 0 0
     filter: (objectClass=*)
     attrs:

-bdb_idl_fetch_key: %cn=group1,cn=internal,cn=dhcp config,dc=skole,dc=skolelinux,dc=no
-
-connection_get(20)

 
 

-<= ldap_bv2dn(cn=group2,cn=INTERNAL,cn=DHCP Config,dc=skole,dc=skolelinux,dc=no)=0 
-
-<= ldap_dn2bv(cn=group2,cn=INTERNAL,cn=DHCP Config,dc=skole,dc=skolelinux,dc=no)=0 
-
-<= ldap_dn2bv(cn=group2,cn=internal,cn=dhcp config,dc=skole,dc=skolelinux,dc=no)=0 

 SRCH "cn=group2,cn=INTERNAL,cn=DHCP Config,dc=skole,dc=skolelinux,dc=no" 1 0    0 0 0
     filter: (objectClass=*)
     attrs:
 SRCH "cn=group2,cn=INTERNAL,cn=DHCP Config,dc=skole,dc=skolelinux,dc=no" 1 0    0 0 0
     filter: (objectClass=*)
     attrs:

-bdb_idl_fetch_key: %cn=group2,cn=internal,cn=dhcp config,dc=skole,dc=skolelinux,dc=no

 
 

-connection_get(20)
-=> ldap_bv2dn(cn=THINCLIENTS,cn=DHCP Config,dc=skole,dc=skolelinux,dc=no,0)
-<= ldap_bv2dn(cn=THINCLIENTS,cn=DHCP Config,dc=skole,dc=skolelinux,dc=no)=0 
-
-<= ldap_dn2bv(cn=THINCLIENTS,cn=DHCP Config,dc=skole,dc=skolelinux,dc=no)=0 
-
-<= ldap_dn2bv(cn=thinclients,cn=dhcp config,dc=skole,dc=skolelinux,dc=no)=0 

 SRCH "cn=THINCLIENTS,cn=DHCP Config,dc=skole,dc=skolelinux,dc=no" 1 0    0 0 0
     filter: (objectClass=*)
     attrs:
 SRCH "cn=THINCLIENTS,cn=DHCP Config,dc=skole,dc=skolelinux,dc=no" 1 0    0 0 0
     filter: (objectClass=*)
     attrs:

-bdb_idl_fetch_key: %cn=thinclients,cn=dhcp config,dc=skole,dc=skolelinux,dc=no
-
-connection_get(20)
-=> ldap_bv2dn(cn=192.168.0.0,cn=THINCLIENTS,cn=DHCP Config,dc=skole,dc=skolelinux,dc=no,0)
-<= ldap_bv2dn(cn=192.168.0.0,cn=THINCLIENTS,cn=DHCP Config,dc=skole,dc=skolelinux,dc=no)=0 

 
 

-<= ldap_dn2bv(cn=192.168.0.0,cn=THINCLIENTS,cn=DHCP Config,dc=skole,dc=skolelinux,dc=no)=0 
-
-<= ldap_dn2bv(cn=192.168.0.0,cn=thinclients,cn=dhcp config,dc=skole,dc=skolelinux,dc=no)=0 

 SRCH "cn=192.168.0.0,cn=THINCLIENTS,cn=DHCP Config,dc=skole,dc=skolelinux,dc=no" 1 0    0 0 0
     filter: (objectClass=*)
     attrs:
 SRCH "cn=192.168.0.0,cn=THINCLIENTS,cn=DHCP Config,dc=skole,dc=skolelinux,dc=no" 1 0    0 0 0
     filter: (objectClass=*)
     attrs:

-bdb_idl_fetch_key: %cn=192.168.0.0,cn=thinclients,cn=dhcp config,dc=skole,dc=skolelinux,dc=no
-
-connection_get(20)
-=> ldap_bv2dn(cn=group1,cn=THINCLIENTS,cn=DHCP Config,dc=skole,dc=skolelinux,dc=no,0)
-<= ldap_bv2dn(cn=group1,cn=THINCLIENTS,cn=DHCP Config,dc=skole,dc=skolelinux,dc=no)=0 

 
 

-<= ldap_dn2bv(cn=group1,cn=THINCLIENTS,cn=DHCP Config,dc=skole,dc=skolelinux,dc=no)=0 
-
-<= ldap_dn2bv(cn=group1,cn=thinclients,cn=dhcp config,dc=skole,dc=skolelinux,dc=no)=0 

 SRCH "cn=group1,cn=THINCLIENTS,cn=DHCP Config,dc=skole,dc=skolelinux,dc=no" 1 0    0 0 0
     filter: (objectClass=*)
     attrs:
 SRCH "cn=group1,cn=THINCLIENTS,cn=DHCP Config,dc=skole,dc=skolelinux,dc=no" 1 0    0 0 0
     filter: (objectClass=*)
     attrs:


@@ -748,37 +765,15 @@ connection_get(18)
 SRCH "ou=hosts,dc=skole,dc=skolelinux,dc=no" 0 3    0 0 0
     filter: (&(associatedDomain=)(sOARecord=*))
     attrs: SOARecord dNSTTL modifyTimestamp
 SRCH "ou=hosts,dc=skole,dc=skolelinux,dc=no" 0 3    0 0 0
     filter: (&(associatedDomain=)(sOARecord=*))
     attrs: SOARecord dNSTTL modifyTimestamp

-base_candidates: base: "ou=hosts,dc=skole,dc=skolelinux,dc=no" (0x00000039)
-
-
-=> ldap_bv2dn(dc=n800,dc=tableteer,dc=nokia,dc=com,ou=hosts,dc=skole,dc=skolelinux,dc=no,0)
-<= ldap_bv2dn(dc=n800,dc=tableteer,dc=nokia,dc=com,ou=hosts,dc=skole,dc=skolelinux,dc=no)=0 
-
-<= ldap_dn2bv(dc=n800,dc=tableteer,dc=nokia,dc=com,ou=hosts,dc=skole,dc=skolelinux,dc=no)=0 

 
 

-<= ldap_dn2bv(dc=n800,dc=tableteer,dc=nokia,dc=com,ou=hosts,dc=skole,dc=skolelinux,dc=no)=0 

 SRCH "dc=n800,dc=tableteer,dc=nokia,dc=com,ou=hosts,dc=skole,dc=skolelinux,dc=no" 0 3    0 0 0
     filter: (associatedDomain=n800.tableteer.nokia.com)
     attrs: dNSTTL aRecord nSRecord cNAMERecord sOARecord pTRRecord hInfoRecord mXRecord tXTRecord rPRecord aFSDBRecord KeyRecord aAAARecord lOCRecord sRVRecord nAPTRRecord kXRecord certRecord dSRecord sSHFPRecord iPSecKeyRecord rRSIGRecord nSECRecord dNSKeyRecord dHCIDRecord sPFRecord modifyTimestamp
 SRCH "dc=n800,dc=tableteer,dc=nokia,dc=com,ou=hosts,dc=skole,dc=skolelinux,dc=no" 0 3    0 0 0
     filter: (associatedDomain=n800.tableteer.nokia.com)
     attrs: dNSTTL aRecord nSRecord cNAMERecord sOARecord pTRRecord hInfoRecord mXRecord tXTRecord rPRecord aFSDBRecord KeyRecord aAAARecord lOCRecord sRVRecord nAPTRRecord kXRecord certRecord dSRecord sSHFPRecord iPSecKeyRecord rRSIGRecord nSECRecord dNSKeyRecord dHCIDRecord sPFRecord modifyTimestamp

-send_ldap_result: err=10 matched="ou=hosts,dc=skole,dc=skolelinux,dc=no" text=""
-
-=> ldap_bv2dn(dc=*,dc=tableteer,dc=nokia,dc=com,ou=hosts,dc=skole,dc=skolelinux,dc=no,0)
-<= ldap_bv2dn(dc=*,dc=tableteer,dc=nokia,dc=com,ou=hosts,dc=skole,dc=skolelinux,dc=no)=0 

 
 

-<= ldap_dn2bv(dc=*,dc=tableteer,dc=nokia,dc=com,ou=hosts,dc=skole,dc=skolelinux,dc=no)=0 
-
-<= ldap_dn2bv(dc=*,dc=tableteer,dc=nokia,dc=com,ou=hosts,dc=skole,dc=skolelinux,dc=no)=0 

 SRCH "dc=*,dc=tableteer,dc=nokia,dc=com,ou=hosts,dc=skole,dc=skolelinux,dc=no" 0 3    0 0 0
     filter: (associatedDomain=\2A.tableteer.nokia.com)
     attrs: dNSTTL aRecord nSRecord cNAMERecord sOARecord pTRRecord hInfoRecord mXRecord tXTRecord rPRecord aFSDBRecord KeyRecord aAAARecord lOCRecord sRVRecord nAPTRRecord kXRecord certRecord dSRecord sSHFPRecord iPSecKeyRecord rRSIGRecord nSECRecord dNSKeyRecord dHCIDRecord sPFRecord modifyTimestamp
 SRCH "dc=*,dc=tableteer,dc=nokia,dc=com,ou=hosts,dc=skole,dc=skolelinux,dc=no" 0 3    0 0 0
     filter: (associatedDomain=\2A.tableteer.nokia.com)
     attrs: dNSTTL aRecord nSRecord cNAMERecord sOARecord pTRRecord hInfoRecord mXRecord tXTRecord rPRecord aFSDBRecord KeyRecord aAAARecord lOCRecord sRVRecord nAPTRRecord kXRecord certRecord dSRecord sSHFPRecord iPSecKeyRecord rRSIGRecord nSECRecord dNSKeyRecord dHCIDRecord sPFRecord modifyTimestamp

-send_ldap_result: err=10 matched="ou=hosts,dc=skole,dc=skolelinux,dc=no" text=""
-
-=> ldap_bv2dn(dc=*,dc=nokia,dc=com,ou=hosts,dc=skole,dc=skolelinux,dc=no,0)
-<= ldap_bv2dn(dc=*,dc=nokia,dc=com,ou=hosts,dc=skole,dc=skolelinux,dc=no)=0 
-
-<= ldap_dn2bv(dc=*,dc=nokia,dc=com,ou=hosts,dc=skole,dc=skolelinux,dc=no)=0 

 
 

-<= ldap_dn2bv(dc=*,dc=nokia,dc=com,ou=hosts,dc=skole,dc=skolelinux,dc=no)=0 

 SRCH "dc=*,dc=nokia,dc=com,ou=hosts,dc=skole,dc=skolelinux,dc=no" 0 3    0 0 0
     filter: (associatedDomain=\2A.nokia.com)
     attrs: dNSTTL aRecord nSRecord cNAMERecord sOARecord pTRRecord hInfoRecord mXRecord tXTRecord rPRecord aFSDBRecord KeyRecord aAAARecord lOCRecord sRVRecord nAPTRRecord kXRecord certRecord dSRecord sSHFPRecord iPSecKeyRecord rRSIGRecord nSECRecord dNSKeyRecord dHCIDRecord sPFRecord modifyTimestamp
 SRCH "dc=*,dc=nokia,dc=com,ou=hosts,dc=skole,dc=skolelinux,dc=no" 0 3    0 0 0
     filter: (associatedDomain=\2A.nokia.com)
     attrs: dNSTTL aRecord nSRecord cNAMERecord sOARecord pTRRecord hInfoRecord mXRecord tXTRecord rPRecord aFSDBRecord KeyRecord aAAARecord lOCRecord sRVRecord nAPTRRecord kXRecord certRecord dSRecord sSHFPRecord iPSecKeyRecord rRSIGRecord nSECRecord dNSKeyRecord dHCIDRecord sPFRecord modifyTimestamp