X-Git-Url: http://pere.pagekite.me/gitweb/homepage.git/blobdiff_plain/e22781370f42c3479c619ecbc275ef2e7c64099e..40ff9fcec918fec87e73eae321520cbe14e9032f:/blog/index.rss

diff --git a/blog/index.rss b/blog/index.rss
index 961899c3d6..bcb8a035c6 100644
--- a/blog/index.rss
+++ b/blog/index.rss
@@ -6,6 +6,72 @@
                 <link>http://people.skolelinux.org/pere/blog/</link>
                 <atom:link href="http://people.skolelinux.org/pere/blog/index.rss" rel="self" type="application/rss+xml" />
 	
+	<item>
+		<title>Combining PowerDNS and ISC DHCP LDAP objects</title>
+		<link>http://people.skolelinux.org/pere/blog/Combining_PowerDNS_and_ISC_DHCP_LDAP_objects.html</link>
+		<guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Combining_PowerDNS_and_ISC_DHCP_LDAP_objects.html</guid>
+                <pubDate>Wed, 14 Jul 2010 23:45:00 +0200</pubDate>
+		<description>
+&lt;p&gt;For a while now, I have wanted to find a way to change the DNS and
+DHCP services in Debian Edu to use the same LDAP objects for a given
+computer, to avoid the possibility of having a inconsistent state for
+a computer in LDAP (as in DHCP but no DNS entry or the other way
+around) and make it easier to add computers to LDAP.&lt;/p&gt;
+
+&lt;p&gt;I&#39;ve looked at how powerdns and dhcpd is using LDAP, and using this
+information finally found a solution that seem to work.&lt;/p&gt;
+
+&lt;p&gt;The old setup required three LDAP objects for a given computer.
+One forward DNS entry, one reverse DNS entry and one DHCP entry.  If
+we switch powerdns to use its strict LDAP method (ldap-method=strict
+in pdns-debian-edu.conf), the forward and reverse DNS entries are
+merged into one while making it impossible to transfer the reverse map
+to a slave DNS server.&lt;/p&gt;
+
+&lt;p&gt;If we also replace the object class used to get the DNS related
+attributes to one allowing these attributes to be combined with the
+dhcphost object class, we can merge the DNS and DHCP entries into one.
+I&#39;ve written such object class in the dnsdomainaux.schema file (need
+proper OIDs, but that is a minor issue), and tested the setup.  It
+seem to work.&lt;/p&gt;
+
+&lt;p&gt;With this test setup in place, we can get away with one LDAP object
+for both DNS and DHCP, and even the LTSP configuration I suggested in
+an earlier email.  The combined LDAP object will look something like
+this:&lt;/p&gt;
+
+&lt;blockquote&gt;&lt;pre&gt;
+  dn: cn=hostname,cn=group1,cn=THINCLIENTS,cn=DHCP Config,dc=skole,dc=skolelinux,dc=no
+  cn: hostname
+  objectClass: dhcphost
+  objectclass: domainrelatedobject
+  objectclass: dnsdomainaux
+  associateddomain: hostname.intern
+  arecord: 10.11.12.13
+  dhcphwaddress: ethernet 00:00:00:00:00:00
+  dhcpstatements: fixed-address hostname
+  ldapconfigsound: Y
+&lt;/pre&gt;&lt;/blockquote&gt;
+
+&lt;p&gt;The DNS server uses the associateddomain and arecord entries, while
+the DHCP server uses the dhcphwaddress and dhcpstatements entries
+before asking DNS to resolve the fixed-adddress.  LTSP will use
+dhcphwaddress or associateddomain and the ldapconfig* attributes.&lt;/p&gt;
+
+&lt;p&gt;I am not yet sure if I can get the DHCP server to look for its
+dhcphost in a different location, to allow us to put the objects
+outside the &quot;DHCP Config&quot; subtree, but hope to figure out a way to do
+that.  If I can&#39;t figure out a way to do that, we can still get rid of
+the hosts subtree and move all its content into the DHCP Config tree
+(which probably should be renamed to be more related to the new
+content.  I suspect cn=dnsdhcp,ou=services or something like that
+might be a good place to put it.&lt;/p&gt;
+
+&lt;p&gt;If you want to help out with implementing this for Debian Edu,
+please contact us on debian-edu@lists.debian.org.&lt;/p&gt;
+</description>
+	</item>
+	
 	<item>
 		<title>Idea for storing LTSP configuration in LDAP</title>
 		<link>http://people.skolelinux.org/pere/blog/Idea_for_storing_LTSP_configuration_in_LDAP.html</link>
@@ -625,36 +691,5 @@ hÃ¥ndheves strengt.&lt;/p&gt;
 </description>
 	</item>
 	
-	<item>
-		<title>Officeshots taking shape</title>
-		<link>http://people.skolelinux.org/pere/blog/Officeshots_taking_shape.html</link>
-		<guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Officeshots_taking_shape.html</guid>
-                <pubDate>Sun, 13 Jun 2010 11:40:00 +0200</pubDate>
-		<description>
-&lt;p&gt;For those of us caring about document exchange and
-interoperability, &lt;a href=&quot;http://www.officeshots.org/&quot;&gt;OfficeShots&lt;/a&gt;
-is a great service.  It is to ODF documents what
-&lt;a href=&quot;http://browsershots.org/&quot;&gt;BrowserShots&lt;/a&gt; is for web
-pages.&lt;/p&gt;
-
-&lt;p&gt;A while back, I was contacted by Knut Yrvin at the part of Nokia
-that used to be Trolltech, who wanted to help the OfficeShots project
-and wondered if the University of Oslo where I work would be
-interested in supporting the project.  I helped him to navigate his
-request to the right people at work, and his request was answered with
-a spot in the machine room with power and network connected, and Knut
-arranged funding for a machine to fill the spot.  The machine is
-administrated by the OfficeShots people, so I do not have daily
-contact with its progress, and thus from time to time check back to
-see how the project is doing.&lt;/p&gt;
-
-&lt;p&gt;Today I had a look, and was happy to see that the Dell box in our
-machine room now is the host for several virtual machines running as
-OfficeShots factories, and the project is able to render ODF documents
-in 17 different document processing implementation on Linux and
-Windows.  This is great.&lt;/p&gt;
-</description>
-	</item>
-	
         </channel>
 </rss>
