[Freeipa-users] BIND apparently not loading ldap.so
Petr Spacek
pspacek at redhat.com
Thu Feb 11 09:46:23 UTC 2016
On 10.2.2016 20:05, Chris Lajoie wrote:
> Hi, I am using the bind-dyndb-ldap package (not full FreeIPA) and I am having a problem where it appears that the plugin is not getting loaded by BIND at all. I have nothing in the logs at all from the plugin. No failures of any kind, just regular named startup. I would have expected BIND to provide a log message saying it is loading an external plugin, or at least some kind of initialization message from the plugin itself, but I see neither. What am I doing wrong here?
>
> This is the relevant portion of my named.conf file:
>
> logging {
> channel default_debug {
> file "/var/log/named/named.log" versions 4 size 5m;
> severity info;
> print-time yes;
> };
> };
>
> dynamic-db "ldap" {
> library "ldap.so";
> arg "uri ldap://ldap.ett.local";
> arg "base ou=dns,dc=ett,dc=local";
> arg "auth_method simple";
> arg "bind_dn cn=admin,dc=ett,dc=local";
> arg "password secret";
> arg "verbose_checks yes";
> arg "serial_autoincrement yes";
> };
Interesting ...
What version of BIND and bind-dyndb-ldap packages are you using?
$ rpm -q bind bind-dyndb-ldap
I'm not sure how exactly the logging magic in BIND works so I would recommend
you to to run BIND using command:
$ named -g -u named
and check output in the console to see if it contains line like
'bind-dyndb-ldap version 8.0 compiled at 16:09:02 Jan 20 2016, compiler 5.3.1
20151207 (Red Hat 5.3.1-2)'
This message is logged at info level.
If it fails, I would recommend you to double-check that BIND is actually
reading the right configuration file :-) Add line "thismustsurelyfail" to
random places in named.conf and see ;-)
I hope it helps.
--
Petr^2 Spacek
More information about the Freeipa-users
mailing list