[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: dnsDomain2.schema and aRecord

--On Monday, December 11, 2006 9:06 AM +0100 JÃrgen Magin <gaston@octo-soft.de> wrote:


I'm using dnsDomain2 schema with openldap 2.2.27 for dns server (pdns).
When I look into the logfiles i saw that some questions are not answered
by slapd.

When I ask:
    ldapsearch -x -LLL "dc=hostname"
i get the follwing answer:
    objectClass: top
    objectClass: dNSDomain2
    objectClass: domainRelatedObject
    dc: hostname
    pTRRecord: hostname.example.local
    associatedDomain: hostname.example.local
ok, but
    ldapsearch -x -LLL "aRecord="
    ldapsearch -x -LLL "aRecord=192*"
returns nothing and
    ldapsearch -x -LLL "aRecord=*"
returns all entries.

The entry 'aRecord' is of type caseIgnoreIA5Match.
What's wrong there? Any ideas?

Yes. You apparently didn't read the schema definition:

# 9.3.22.  DNS ARecord
#  The A Record attribute type specifies a type A (Address) DNS resource
#  record [6] [7].
#    aRecord ATTRIBUTE
#            DNSRecordSyntax
#    ::= {pilotAttributeType 26}
## incorrect syntax?
attributetype ( 0.9.2342.19200300.100.1.26 NAME 'aRecord'
   EQUALITY caseIgnoreIA5Match

As you can see, there is *no* SUBSTR defined, so there is no defined rule on how to handle substring searches.


Quanah Gibson-Mount
Principal Software Developer
ITS/Shared Application Services
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html