[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: dnsDomain2.schema and aRecord



--On Monday, December 11, 2006 9:06 AM +0100 JÃrgen Magin <gaston@octo-soft.de> wrote:

Hello

I'm using dnsDomain2 schema with openldap 2.2.27 for dns server (pdns).
When I look into the logfiles i saw that some questions are not answered
by slapd.

When I ask:
    ldapsearch -x -LLL "dc=hostname"
i get the follwing answer:
    dn:
dc=hostnanme,dc=example.local,ou=DNS,ou=Services,dc=example,dc=local
    objectClass: top
    objectClass: dNSDomain2
    objectClass: domainRelatedObject
    dc: hostname
    aRecord: 192.168.1.1
    pTRRecord: hostname.example.local
    associatedDomain: hostname.example.local
ok, but
    ldapsearch -x -LLL "aRecord=192.168.1.1"
or
    ldapsearch -x -LLL "aRecord=192*"
returns nothing and
    ldapsearch -x -LLL "aRecord=*"
returns all entries.

The entry 'aRecord' is of type caseIgnoreIA5Match.
What's wrong there? Any ideas?


Yes.  You apparently didn't read the schema definition:

# 9.3.22.  DNS ARecord
#
#  The A Record attribute type specifies a type A (Address) DNS resource
#  record [6] [7].
#
#    aRecord ATTRIBUTE
#        WITH ATTRIBUTE-SYNTAX
#            DNSRecordSyntax
#    ::= {pilotAttributeType 26}
#
## incorrect syntax?
attributetype ( 0.9.2342.19200300.100.1.26 NAME 'aRecord'
   EQUALITY caseIgnoreIA5Match
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )


As you can see, there is *no* SUBSTR defined, so there is no defined rule on how to handle substring searches.

--Quanah



--
Quanah Gibson-Mount
Principal Software Developer
ITS/Shared Application Services
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html