PowerDNS / pdns

PowerDNS Authoritative, PowerDNS Recursor, dnsdist
https://www.powerdns.com/
GNU General Public License v2.0

API with an LDAP backend not giving a response for listing zones #6049

Open bartleydirk opened 6 years ago

bartleydirk commented 6 years ago

I have a testing VM installed, functional, and answering DNS queries (pdns-4.1.0). I installed PowerDNS-Admin as a possible add-on interface, and it appears the API calls for stats and configuration are working, but not the other API calls for zones and hosts.

The LDAP data is the output of pdns-zone2ldap. I did get the schema into OpenLDAP with the additional pdns-domaininfo schema. For one zone, for testing purposes, I added data for PdnsDomain to see if I could get it to work.

curl -v -H 'X-API-Key: abc' http://127.0.0.1:8081/api/v1/servers/localhost/zones

returns an empty set of zones. I have watched the slapd logs and noticed that when the above curl command is run, powerdns connects to slapd, but performs no searches.

So my question is: should the API functionality function correctly with the LDAP backend, or is this still a work in progress? Is there something more I need to do?

zeha commented 6 years ago

The ldapbackend cannot list its zones. As such, the API won't work with it.

goestreicher commented 6 years ago

Thanks for the report. The backend is missing getAllDomains(), I'll propose a PR to add it.

inot commented 1 year ago

Got the same problem, but the version is 4.8.1. Everything looks fine, no errors in the logs. pdns asks OpenLDAP about zones every several seconds, and I can see it.

64ef2ebc conn=1212 op=13 SRCH base="ou=dns,dc=avanpost,dc=local" scope=2 deref=3 filter="(&(sOARecord=*)(PdnsDomainId=*))"
64ef2ebc conn=1212 op=13 SRCH attr=associatedDomain
64ef2ebc conn=1212 op=13 SEARCH RESULT tag=101 err=0 nentries=2 text=
64ef2ebc conn=1212 op=14 SRCH base="ou=dns,dc=avanpost,dc=local" scope=2 deref=3 filter="(&(associatedDomain=avanpost.local)(sOARecord=*))"
64ef2ebc conn=1212 op=14 SRCH attr=sOARecord PdnsDomainId PdnsDomainNotifiedSerial PdnsDomainLastCheck PdnsDomainMaster PdnsDomainType
64ef2ebc <= mdb_equality_candidates: (associatedDomain) not indexed
64ef2ebc conn=1212 op=14 SEARCH RESULT tag=101 err=0 nentries=1 text=

But the curl answer is empty.

curl -v -H "X-API-Key: secret" http://192.168.1.16:18081/api/v1/servers/localhost/zones

pdns logs

pda-data-pdns-1    | Aug 30 12:03:35 [webserver] 62fd1c5e-a2f9-466f-a5ac-09c1556476fd Handling request "/api/v1/servers/localhost/zones"
pda-data-pdns-1    | Aug 30 12:03:35 [LdapBackend] LDAP servers = ldap://192.168.1.16:1389/
pda-data-pdns-1    | Aug 30 12:03:35 [LdapBackend] Ldap connection succeeded
pda-data-pdns-1    | Aug 30 12:03:35 [LdapBackend] Ldap connection closed
pda-data-pdns-1    | Aug 30 12:03:35 [webserver] 62fd1c5e-a2f9-466f-a5ac-09c1556476fd Result for "/api/v1/servers/localhost/zones": 200, body length: 2
pda-data-pdns-1    | Aug 30 12:03:35 [webserver] 62fd1c5e-a2f9-466f-a5ac-09c1556476fd 192.168.1.16:54940 "GET /api/v1/servers/localhost/zones HTTP/1.1" 200 332

Moreover, if I change the PdnsDomainMaster value to a "bad" value, pdns will notice it and die.

pdns.conf

launch=ldap
ldap-host=ldap://192.168.1.16:1389/
ldap-binddn=cn=admin,dc=avanpost,dc=local
ldap-secret=P@ssw0rd
ldap-basedn=ou=dns,dc=avanpost,dc=local
ldap-method=simple
local-address=0.0.0.0
master=yes
api=yes
api-key=secret
webserver=yes
webserver-allow-from=192.168.1.0/24,192.168.0.0/16, 172.0.0.0/8
webserver-address=0.0.0.0
webserver-password=secret2
version-string=anonymous
default-ttl=1500
allow-notify-from=0.0.0.0
allow-axfr-ips=192.168.0.0/16, 195.251.202.0/23, 195.251.204.0/24, \
      194.177.194.0/24, 194.177.195.0/24, 10.0.0.0/8, 194.177.210.211, \
      194.177.210.10, 83.212.5.18, 83.212.5.22, 2001:648:2011::/48, \
      2001:648:2ffc:111::2, 2001:648:2ffc:112::2, 127.0.0.1, ::1
zone-cache-refresh-interval=0
loglevel=7

The OpenLDAP entries were created exactly as in the docs, without any changes except the domain name.

Sorry for necroposting, but I have no idea how to figure out this case. Can you help me?
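
Separately from the API question, the pdns.conf posted above can be reviewed for exposure. The following is an added example, not part of the thread or of the PowerDNS code base: a small Python audit run over a constructed subset of that configuration. The function names and the wording of the findings are hypothetical.

```python
import ipaddress

# Constructed sample: a subset of the pdns.conf posted above, secrets omitted.
SAMPLE_CONF = r"""
launch=ldap
ldap-host=ldap://192.168.1.16:1389/
ldap-method=simple
webserver-allow-from=192.168.1.0/24,192.168.0.0/16, 172.0.0.0/8
webserver-address=0.0.0.0
allow-axfr-ips=192.168.0.0/16, 195.251.202.0/23, \
      10.0.0.0/8, 127.0.0.1, ::1
"""

def parse_conf(text):
    """Parse key=value lines, joining backslash-continued lines."""
    settings, pending = {}, ""
    for raw in text.splitlines():
        line = pending + raw.strip()
        if line.endswith("\\"):
            pending = line[:-1]
            continue
        pending = ""
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            settings[key.strip()] = value.strip()
    return settings

def public_ranges(value):
    """Return ACL entries that are not entirely private or loopback space."""
    nets = [ipaddress.ip_network(v.strip(), strict=False)
            for v in value.split(",") if v.strip()]
    return [str(n) for n in nets if not (n.is_private or n.is_loopback)]

def audit(settings):
    """Collect review items; public AXFR peers may be intentional secondaries."""
    findings = []
    for key in ("webserver-allow-from", "allow-axfr-ips"):
        for net in public_ranges(settings.get(key, "")):
            findings.append(f"{key}: {net} includes public address space")
    if settings.get("webserver-address") in ("0.0.0.0", "::"):
        findings.append("webserver-address: API/webserver listens on all interfaces")
    # ldap-starttls is the LDAP backend's StartTLS switch; absent means "no".
    if (settings.get("ldap-host", "").startswith("ldap://")
            and settings.get("ldap-method", "simple") == "simple"
            and settings.get("ldap-starttls", "no") != "yes"):
        findings.append("ldap-host: simple bind over ldap:// without StartTLS")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(parse_conf(SAMPLE_CONF))))
```

The `172.0.0.0/8` entry is flagged because only `172.16.0.0/12` is RFC 1918 space; the rest of that /8 is publicly routable.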

zeha commented 1 year ago

You need to write the necessary code in ldapbackend. At the very least it needs a getAllDomains implementation.

inot commented 1 year ago

> You need to write the necessary code in ldapbackend. At the very least it needs a getAllDomains implementation.

Oh, I'm not a programmer. So it's impossible to use the LDAP backend without coding right now?

UPD: I'm using OpenLDAP and libldapbackend.so

omoerbeek commented 1 year ago

You cannot use the ldap backend with the API, that does not mean it does not work at all.

inot commented 1 year ago

> You cannot use the ldap backend with the API, that does not mean it does not work at all.

I tried to ask the DNS host with nslookup and didn't get an answer either. It looks like, as I'm not a developer, it is not possible to use this backend at all. Thank you for your response anyway.

omoerbeek commented 1 year ago

> > You cannot use the ldap backend with the API, that does not mean it does not work at all.
>
> I tried to ask the DNS host with nslookup and didn't get an answer either. It looks like, as I'm not a developer, it is not possible to use this backend at all. Thank you for your response anyway.

You are drawing the wrong conclusions. Likely your configuration has a problem.

Habbie commented 1 year ago

This is not a support forum. We can provide support via IRC, the mailing list, or GitHub Discussions.