File: README

package info (click to toggle)
dlz-ldap-enum 1.1.0-1
  • links: PTS, VCS
  • area: main
  • in suites: sid
  • size: 1,404 kB
  • ctags: 286
  • sloc: sh: 11,274; ansic: 1,455; makefile: 18
file content (86 lines) | stat: -rw-r--r-- 2,418 bytes parent folder | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86

This is a module (shared object) for bind9 based on the dlz_dlopen API

It is built using autotools - see INSTALL for how to compile it.


Integrating with bind:
----------------------

a) Install the binary using the dlz-ldap-enum package:

     # apt-get install dlz-ldap-enum       (Debian, Ubuntu)
     # yum install dlz-ldap-enum           (Fedora, RHEL, CentOS)

   or if you built it from source:

     make install

   or manually install the binary:

     cp dlz_ldap_enum.so /usr/lib/.....wherever..../

b) Install the config file

     cp dlz_ldap_enum.conf /etc/bind/      (Debian, Ubuntu)

     cp dlz_ldap_enum.conf /etc/named/     (Fedora, RHEL, CentOS)

   or to whichever directory you use for bind config files.

c) Modify your named.conf to include the new file, e.g. add the following:

     include "/etc/bind/dlz_ldap_enum.conf";      (Debian, Ubuntu)

   or

     include "/etc/named/dlz_ldap_enum.conf";     (Fedora, RHEL, CentOS)

d) If required, create a user in LDAP that the bind process can use to
   access the directory.

e) Modify the settings in dlz_ldap_enum.conf to match your environment

f) Delegate domain from your main zone to the sub-zone,

   e.g. your main zone = example.org
        your ENUM zone = e164-lookup.example.org

    => in the zone file for example.org  (possibly called db.example.org),
       insert the following:

         e164-lookup   IN    NS   hostname-of-nameserver

    where `hostname-of-nameserver' is the relative hostname of the
    server where you run the dlz-ldap-enum module.

g) Restart bind

Setting up LDAP and testing
---------------------------

   Your LDAP server must typically contain entries with attributes
   for telephone and email, e.g.:

     dn: cn=Tester,dc=example,dc=org
     objectClass: inetOrgPerson
     cn: Tester
     sn: Tests
     mail: tester1@example.org
     telephoneNumber: +44207135

  Test with the `dig' command:

    $ dig @localhost -t any 5.3.1.7.0.2.4.4.e164-rev.test 

    ;; ANSWER SECTION:
    5.3.1.7.0.2.4.4.e164-rev.test. 60 IN	NAPTR	100 10 "u" "E2U+sip" "!^\\+44207135$!sip:tester1@example.org!" .
    5.3.1.7.0.2.4.4.e164-rev.test. 60 IN	NAPTR	100 10 "u" "E2U+xmpp" "!^\\+44207135$!xmpp:tester1@example.org!" .

   You can see what is happening by running the nameserver on the console
   in debug mode:

     # named -g -d 1

   and then you will see all the LDAP queries issues by the server.