HI Nick, The powerdns plugin for GOsa is finished, but the lack of DNSSEC and the chance of drop this feature in future versions of powerdns force the debian-edu project to choose bind in place of powerdns for the next version of debian-edu.
The plugin use the same design as bind9 and the repository is here: https://oss.gonicus.de/labs/gosa-contrib/browser/powerdns <https://oss.gonicus.de/labs/gosa-contrib/browser/powerdns>The other real option to use in LDAP is binddlz project but is experimental and very complex to use in any tool, but have all the features :(. I really like to see a update of the powerdns-ldap plugin because also I think that ldap is a really good backend to manage DNS. Thanks 2011/4/30 Nick Milas <nmi...@admin.noa.gr> > On 23/3/2011 11:05 πμ, bert hubert wrote: > > To clarify, PowerDNS development happens because one or more of the >> following three reasons: >> >> ... >> >> >> We also develop quite some things because, frankly, we find them cool >> >> For LDAP, right now none if these things is the case. 1) We don't feel >> that >> LDAP is a particularly good or interesting place to store DNS data. It >> will >> for example have big problems with PowerDNSSEC because of lack of >> ordering. >> >> Although there has been some time since this thread started, and nothing > has changed in essence (we have no news from Udo Rader who offered to work > on the issues), I would like to add a couple of points. > > 1. I really find storing DNS records in LDAP cool and fun, and I have been > wondering why there is so little interest for it. > 2. I have discussed the issue in openldap mailing list (see: > http://www.openldap.org/lists/openldap-technical/201104/msg00363.html and > the associated thread) and people there think too that: > > * LDAP *IS *the best place to store DNS data > * Maintaining/evolving the PowerDNS LDAP backend is "interesting and > worthwhile" (but noone volunteered to work on it, at least yet) > > As I have said in the past, I agree with the above. It strikes me that, > although LDAP seems perhaps the best solution to store DNS records (at least > from a potential performance perspective), there seems to be so little use > of it! I will attribute this to: > > (a) BIND ldap backend (dlz / sdb) being highly experimental and > practically unsuitable for production > (b) lack of publicity about PowerDNS itself, let alone its LDAP backend. > (c) lack of "critical momentum" for PowerDNS - LDAP, mainly caused > by lack of case studies, performance test results (e.g. LDAP vs > MySQL backends), white papers, studies with focus on large domains, > etc. - to prove beyond doubt it's worth it even for enterprise use. > (d) lack of nice management tools that would allow (LDAP-stored) DNS > Record management using an easy and efficient GUI (which would also > enforce all needed checks when changing records etc.) The reason for > this is (b) and (c) above. But, there is some ongoing activity on > this (see for example the GoSA project: > http://www.mail-archive.com/debian-edu@lists.debian.org/msg21887.html). > For our organization's needs, we have developed a php application > which is very convenient (but would require a lot of work to become > more generic and programming is rather non-professional). > > So, considering the above, I would like to underline that LDAP should NOT > become unmaintained: > > (i) It would not be difficult to include at least the proposed patch > for Ticket #313 > ( > http://mailman.powerdns.com/pipermail/pdns-users/2010-September/007004.html > ) > in one v3.0 build so we can install and test. > (ii) I would encourage PowerDNS developers to only provide a > solution for Ticket #260 (= #323) (this time/effort should be very > low) which is the minimum to keep LDAP backend in production status > in the new versions. So, it will gain time to hopefully build up > (b), (c), (d) above. > > I have no personal reasons to promote this work (it would have been easier > for me and would require much less time than what I am doing now to switch > to any other backend), but, feeling comfortable in a nice community like > this, I have publicly expressed my feelings regarding what I believe > is/should be a real power in PowerDNS which we all want to thrive. > > Regards, > Nick > > > > _______________________________________________ > Pdns-users mailing list > Pdns-users@mailman.powerdns.com > http://mailman.powerdns.com/mailman/listinfo/pdns-users > -- Alejandro Escanero Blanco Administrador de Sistemas GNU/Linux Desarrollador de GOsa (http://www.gosa-project.org) Blog: http://www.mylifebetweencomputers.com Jabber: blain...@jabberes.com
_______________________________________________ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
