X-Git-Url: http://pere.pagekite.me/gitweb/homepage.git/blobdiff_plain/a72b3ef9a721da51330cabf8b7578efe01c5641b..c34a3c4ed42580eae32bcf7205825db0651ff50b:/blog/draft/2010-07-03-ldap-searches.txt diff --git a/blog/draft/2010-07-03-ldap-searches.txt b/blog/draft/2010-07-03-ldap-searches.txt index 7aa5d6b5c8..6e13d6b551 100644 --- a/blog/draft/2010-07-03-ldap-searches.txt +++ b/blog/draft/2010-07-03-ldap-searches.txt @@ -1,8 +1,40 @@ Title: What are they searching for - DNS and DHCP in LDAP +As a step to try to figure a way to merge the DNS and DHCP LDAP +objects in Debian Edu, I have had a look at how pdns-backend-ldap and +dhcp3-server-ldap use the LDAP server. The two approaches are quite +different. + +To get this information, I started slapd with debugging enabled and +dumped the debug output to a file to get the LDAP searches performed +on a Debian Edu main-server. + +powerdns +======== + +http://www.linuxnetworks.de/doc/index.php/PowerDNS_LDAP_Backend + +dhcp +==== + +The DHCP server searches for specific objectclass and then uses the +attributes + + +SRCH "dc=skole,dc=skolelinux,dc=no" 2 0 0 0 0 + filter: (&(objectClass=dhcpServer)(cn=dhcp)) + attrs: + +SRCH "cn=DHCP Config,dc=skole,dc=skolelinux,dc=no" 0 0 0 0 0 + filter: (&(objectClass=dhcpService)(|(dhcpPrimaryDN=cn=dhcp,dc=skole,dc=skolelinux,dc=no)(dhcpSecondaryDN=cn=dhcp,dc=skole,dc=skolelinux,dc=no))) + attrs: + + + + dhcp -> ou=DNSDHCP,dc=skole,dc=skolelinux,dc=no -dn: dc=gateway,dc=intern,ou=Computers,ou=DNSDHCP,dc=skole,dc=skolelinux,dc=no +dn: dc=hostname,ou=Computers,ou=DNSDHCP,dc=skole,dc=skolelinux,dc=no dc: hostname objectClass: top objectClass: dhcpHost @@ -14,6 +46,23 @@ dhcpHWAddress: ethernet 00:00:00:00:00:00 dhcpStatements: fixed-address hostname +# Combined object: + +dn: ? +objectClass: dhcpHost +objectclass: dnsdomainaux +objectclass: domainrelatedobject +objectClass: sambaSamAccount +arecord: $ipaddr +associateddomain: $fqdn +dhcpHWAddress: ethernet $hwaddr +dhcpStatements: fixed-address $fqdn +uid: $hostname\$ +sambaSID: $SAMBASID-$SAMBARIN +sambaAcctFlags: [S ] +sambaPwdLastSet: 1279055792 +sambaNTPassword: $SAMBANTPWDHASH + SRCH "dc=ldap,dc=intern,ou=hosts,dc=skole,dc=skolelinux,dc=no" 0 3 0 0 0 filter: (associatedDomain=ldap.intern) @@ -277,51 +326,19 @@ SRCH "cn=10.0.2.0,cn=INTERNAL,cn=DHCP Config,dc=skole,dc=skolelinux,dc=no" 1 0 SRCH "cn=group1,cn=INTERNAL,cn=DHCP Config,dc=skole,dc=skolelinux,dc=no" 1 0 0 0 0 filter: (objectClass=*) attrs: -bdb_idl_fetch_key: %cn=group1,cn=internal,cn=dhcp config,dc=skole,dc=skolelinux,dc=no - -connection_get(20) -<= ldap_bv2dn(cn=group2,cn=INTERNAL,cn=DHCP Config,dc=skole,dc=skolelinux,dc=no)=0 - -<= ldap_dn2bv(cn=group2,cn=INTERNAL,cn=DHCP Config,dc=skole,dc=skolelinux,dc=no)=0 - -<= ldap_dn2bv(cn=group2,cn=internal,cn=dhcp config,dc=skole,dc=skolelinux,dc=no)=0 SRCH "cn=group2,cn=INTERNAL,cn=DHCP Config,dc=skole,dc=skolelinux,dc=no" 1 0 0 0 0 filter: (objectClass=*) attrs: -bdb_idl_fetch_key: %cn=group2,cn=internal,cn=dhcp config,dc=skole,dc=skolelinux,dc=no -connection_get(20) -=> ldap_bv2dn(cn=THINCLIENTS,cn=DHCP Config,dc=skole,dc=skolelinux,dc=no,0) -<= ldap_bv2dn(cn=THINCLIENTS,cn=DHCP Config,dc=skole,dc=skolelinux,dc=no)=0 - -<= ldap_dn2bv(cn=THINCLIENTS,cn=DHCP Config,dc=skole,dc=skolelinux,dc=no)=0 - -<= ldap_dn2bv(cn=thinclients,cn=dhcp config,dc=skole,dc=skolelinux,dc=no)=0 SRCH "cn=THINCLIENTS,cn=DHCP Config,dc=skole,dc=skolelinux,dc=no" 1 0 0 0 0 filter: (objectClass=*) attrs: -bdb_idl_fetch_key: %cn=thinclients,cn=dhcp config,dc=skole,dc=skolelinux,dc=no - -connection_get(20) -=> ldap_bv2dn(cn=192.168.0.0,cn=THINCLIENTS,cn=DHCP Config,dc=skole,dc=skolelinux,dc=no,0) -<= ldap_bv2dn(cn=192.168.0.0,cn=THINCLIENTS,cn=DHCP Config,dc=skole,dc=skolelinux,dc=no)=0 -<= ldap_dn2bv(cn=192.168.0.0,cn=THINCLIENTS,cn=DHCP Config,dc=skole,dc=skolelinux,dc=no)=0 - -<= ldap_dn2bv(cn=192.168.0.0,cn=thinclients,cn=dhcp config,dc=skole,dc=skolelinux,dc=no)=0 SRCH "cn=192.168.0.0,cn=THINCLIENTS,cn=DHCP Config,dc=skole,dc=skolelinux,dc=no" 1 0 0 0 0 filter: (objectClass=*) attrs: -bdb_idl_fetch_key: %cn=192.168.0.0,cn=thinclients,cn=dhcp config,dc=skole,dc=skolelinux,dc=no - -connection_get(20) -=> ldap_bv2dn(cn=group1,cn=THINCLIENTS,cn=DHCP Config,dc=skole,dc=skolelinux,dc=no,0) -<= ldap_bv2dn(cn=group1,cn=THINCLIENTS,cn=DHCP Config,dc=skole,dc=skolelinux,dc=no)=0 -<= ldap_dn2bv(cn=group1,cn=THINCLIENTS,cn=DHCP Config,dc=skole,dc=skolelinux,dc=no)=0 - -<= ldap_dn2bv(cn=group1,cn=thinclients,cn=dhcp config,dc=skole,dc=skolelinux,dc=no)=0 SRCH "cn=group1,cn=THINCLIENTS,cn=DHCP Config,dc=skole,dc=skolelinux,dc=no" 1 0 0 0 0 filter: (objectClass=*) attrs: @@ -748,37 +765,15 @@ connection_get(18) SRCH "ou=hosts,dc=skole,dc=skolelinux,dc=no" 0 3 0 0 0 filter: (&(associatedDomain=)(sOARecord=*)) attrs: SOARecord dNSTTL modifyTimestamp -base_candidates: base: "ou=hosts,dc=skole,dc=skolelinux,dc=no" (0x00000039) - - -=> ldap_bv2dn(dc=n800,dc=tableteer,dc=nokia,dc=com,ou=hosts,dc=skole,dc=skolelinux,dc=no,0) -<= ldap_bv2dn(dc=n800,dc=tableteer,dc=nokia,dc=com,ou=hosts,dc=skole,dc=skolelinux,dc=no)=0 - -<= ldap_dn2bv(dc=n800,dc=tableteer,dc=nokia,dc=com,ou=hosts,dc=skole,dc=skolelinux,dc=no)=0 -<= ldap_dn2bv(dc=n800,dc=tableteer,dc=nokia,dc=com,ou=hosts,dc=skole,dc=skolelinux,dc=no)=0 SRCH "dc=n800,dc=tableteer,dc=nokia,dc=com,ou=hosts,dc=skole,dc=skolelinux,dc=no" 0 3 0 0 0 filter: (associatedDomain=n800.tableteer.nokia.com) attrs: dNSTTL aRecord nSRecord cNAMERecord sOARecord pTRRecord hInfoRecord mXRecord tXTRecord rPRecord aFSDBRecord KeyRecord aAAARecord lOCRecord sRVRecord nAPTRRecord kXRecord certRecord dSRecord sSHFPRecord iPSecKeyRecord rRSIGRecord nSECRecord dNSKeyRecord dHCIDRecord sPFRecord modifyTimestamp -send_ldap_result: err=10 matched="ou=hosts,dc=skole,dc=skolelinux,dc=no" text="" - -=> ldap_bv2dn(dc=*,dc=tableteer,dc=nokia,dc=com,ou=hosts,dc=skole,dc=skolelinux,dc=no,0) -<= ldap_bv2dn(dc=*,dc=tableteer,dc=nokia,dc=com,ou=hosts,dc=skole,dc=skolelinux,dc=no)=0 -<= ldap_dn2bv(dc=*,dc=tableteer,dc=nokia,dc=com,ou=hosts,dc=skole,dc=skolelinux,dc=no)=0 - -<= ldap_dn2bv(dc=*,dc=tableteer,dc=nokia,dc=com,ou=hosts,dc=skole,dc=skolelinux,dc=no)=0 SRCH "dc=*,dc=tableteer,dc=nokia,dc=com,ou=hosts,dc=skole,dc=skolelinux,dc=no" 0 3 0 0 0 filter: (associatedDomain=\2A.tableteer.nokia.com) attrs: dNSTTL aRecord nSRecord cNAMERecord sOARecord pTRRecord hInfoRecord mXRecord tXTRecord rPRecord aFSDBRecord KeyRecord aAAARecord lOCRecord sRVRecord nAPTRRecord kXRecord certRecord dSRecord sSHFPRecord iPSecKeyRecord rRSIGRecord nSECRecord dNSKeyRecord dHCIDRecord sPFRecord modifyTimestamp -send_ldap_result: err=10 matched="ou=hosts,dc=skole,dc=skolelinux,dc=no" text="" - -=> ldap_bv2dn(dc=*,dc=nokia,dc=com,ou=hosts,dc=skole,dc=skolelinux,dc=no,0) -<= ldap_bv2dn(dc=*,dc=nokia,dc=com,ou=hosts,dc=skole,dc=skolelinux,dc=no)=0 - -<= ldap_dn2bv(dc=*,dc=nokia,dc=com,ou=hosts,dc=skole,dc=skolelinux,dc=no)=0 -<= ldap_dn2bv(dc=*,dc=nokia,dc=com,ou=hosts,dc=skole,dc=skolelinux,dc=no)=0 SRCH "dc=*,dc=nokia,dc=com,ou=hosts,dc=skole,dc=skolelinux,dc=no" 0 3 0 0 0 filter: (associatedDomain=\2A.nokia.com) attrs: dNSTTL aRecord nSRecord cNAMERecord sOARecord pTRRecord hInfoRecord mXRecord tXTRecord rPRecord aFSDBRecord KeyRecord aAAARecord lOCRecord sRVRecord nAPTRRecord kXRecord certRecord dSRecord sSHFPRecord iPSecKeyRecord rRSIGRecord nSECRecord dNSKeyRecord dHCIDRecord sPFRecord modifyTimestamp