This is a module (shared object) for bind9 based on the dlz_dlopen API.
It is built using autotools - see INSTALL for how to compile it.

Integrating with bind:
----------------------

a) Install the binary using the dlz-ldap-enum package:

     # apt-get install dlz-ldap-enum     (Debian, Ubuntu)
     # yum install dlz-ldap-enum         (Fedora, RHEL, CentOS)

   or if you built it from source:

     make install

   or manually install the binary:

     cp dlz_ldap_enum.so /usr/lib/.....wherever..../

b) Install the config file

     cp dlz_ldap_enum.conf /etc/bind/    (Debian, Ubuntu)
     cp dlz_ldap_enum.conf /etc/named/   (Fedora, RHEL, CentOS)

   or to whichever directory you use for bind config files.

c) Modify your named.conf to include the new file, e.g. add the following:

     include "/etc/bind/dlz_ldap_enum.conf";    (Debian, Ubuntu)

   or

     include "/etc/named/dlz_ldap_enum.conf";   (Fedora, RHEL, CentOS)

d) If required, create a user in LDAP that the bind process can use to
   access the directory.

e) Modify the settings in dlz_ldap_enum.conf to match your environment

f) Delegate domain from your main zone to the sub-zone,

     e.g. your main zone = example.org
          your ENUM zone = e164-lookup.example.org

     => in the zone file for example.org (possibly called db.example.org),
        insert the following:

     e164-lookup   IN   NS   hostname-of-nameserver

   where `hostname-of-nameserver' is the relative hostname of the
   server where you run the dlz-ldap-enum module.

g) Restart bind

Setting up LDAP and testing
---------------------------

Your LDAP server must typically contain entries with attributes
for telephone and email, e.g.:

  dn: cn=Tester,dc=example,dc=org
  objectClass: inetOrgPerson
  cn: Tester
  sn: Tests
  mail: [email protected]
  telephoneNumber: +44207135

Test with the `dig' command:

  $ dig @localhost -t any 5.3.1.7.0.2.4.4.e164-rev.test

  ;; ANSWER SECTION:
  5.3.1.7.0.2.4.4.e164-rev.test. 60 IN NAPTR 100 10 "u" "E2U+sip" "!^\\+44207135$!sip:[email protected]!" .
  5.3.1.7.0.2.4.4.e164-rev.test. 60 IN NAPTR 100 10 "u" "E2U+xmpp" "!^\\+44207135$!xmpp:[email protected]!" .

You can see what is happening by running the nameserver on the console
in debug mode:

  # named -g -d 1

and then you will see all the LDAP queries issued by the server.
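
The dig test above queries the reversed digits of +44207135 under the
e164-rev.test zone and gets back NAPTR regexp fields. The following Python
is an added example, not code from this module: it maps between the number
and the query name, accepting only single-digit labels, and applies a NAPTR
regexp field to a number. The function names and the sip: URI are constructed.

```python
import re

ZONE = "e164-rev.test"  # zone suffix from the dig example in this README


def e164_to_enum(number, zone=ZONE):
    """'+44207135' -> '5.3.1.7.0.2.4.4.e164-rev.test'"""
    if not re.fullmatch(r"\+[0-9]{1,15}", number):
        raise ValueError("not an E.164 number: %r" % number)
    return ".".join(reversed(number[1:])) + "." + zone


def enum_to_e164(qname, zone=ZONE):
    """Inverse mapping; accepts only single-digit labels under the zone."""
    name = qname[:-1] if qname.endswith(".") else qname
    suffix = "." + zone
    if not name.lower().endswith(suffix.lower()):
        raise ValueError("query name is outside the ENUM zone")
    labels = name[: -len(suffix)].split(".")
    # Anything other than 0-9 (wildcards, letters, long labels) is refused
    # before the value could reach a directory lookup.
    if len(labels) > 15 or not all(re.fullmatch(r"[0-9]", l) for l in labels):
        raise ValueError("ENUM labels must be single decimal digits")
    return "+" + "".join(reversed(labels))


def apply_naptr(regexp_field, number):
    """Apply a NAPTR regexp field: <delim>ERE<delim>replacement<delim>flags.

    Expects the field as carried in DNS, i.e. with the doubled backslash of
    dig's presentation format reduced to one. Returns None when the
    expression does not match. Python's re stands in for POSIX ERE here;
    the patterns shown in the dig output are valid in both.
    """
    if len(regexp_field) < 3:
        raise ValueError("malformed NAPTR regexp field")
    parts = regexp_field[1:].split(regexp_field[0])
    if len(parts) != 3:
        raise ValueError("malformed NAPTR regexp field")
    ere, repl, flags = parts
    m = re.search(ere, number, re.IGNORECASE if "i" in flags else 0)
    if m is None:
        return None
    # Expand \1..\9 back-references in the replacement part.
    return re.sub(r"\\([1-9])", lambda b: m.group(int(b.group(1))) or "", repl)
```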