Last update is: 2014-02-13.
PS. Previous update is/was 2007-07-13. This doesn't mean much - the source have
no known bugs and no wishlists. "It just works"...
I still accept bug reports and wishlists and will fix bugs as they show up though.
The GIT version have just been tested with Bind9 9.10.0b1 and 9.9.5 compiled against OpenLDAP 2.4.31 as well as 2.4.38 without any problem what so ever.
The latest releases are the stable 1.0 and the more experimental development release 1.1.0
Feel free to try my own, highly experimental 1.1.2 release. Please report any bugs or issues you might have with it!
git clone https://github.com/FransUrbo/bind9-ldap git checkout -b v1.0 UPSTREAM_1_0To retreive Stig's 1.1.0 version, use tag UPSTREAM_1_1_0 instead.
Roman A. Egorov has written a utility called zone2ldif for converting a zone file into an LDIF file that uses the dNSZone schema. This is quite useful for moving your existing zone files into LDAP. Also, if you're not sure how to use the schema, you could first write a zone file and then use this utility to see how it's done.
A related utility by Jeffry McNeil is zone2ldap It will try to write the zone to LDAP rather than just creating LDIF.
You can speed up the LDAP searches done by BIND quite a lot by using indexing. In your LDAP server configuration you should specify that you want equality indexing on the zoneName amd relativeDomainName attributes.
One way to solve this could be to have a stealth master, not giving it an NS record, and have at least two slaves. The slaves can be any nameserver software you like, and will use AXFR and do caching as usual. In many situations LDAP lookups might be fast enough and you might like the advantage of instant updates. You could then have several masters all using LDAP. You should then use LDAP replication or whatever so that the masters use different LDAP servers. There's no point in several masters and one LDAP server.
Finished a bind9-ldap package for Debian GNU/Linux and Ubuntu. Packages for Feisty is done, and packages for Sarge is building right now.
I think I have, with the 1.1.1 version, managed to fix the problem with bind9 reload (a reload failed previously because the bind didn't work). Please test this (either packages or by checking out HEAD).
Spent the whole day merging all my changes from my days with the LDAP sdb. The changes I've done is in the HEAD branch in the CVS repository, and it's change log is also availible.
I, Turbo Fredriksson, took over maintainence on the request of author, Stig Veenas. Started to import the code into CVS, tagged UPSTREAM_1_0 for his 1.0 version, and tag UPSTREAM_1_1_0 for the 1.1.0 version.
I'm currently in the process of merging my changes and fixes that I've been using on my own installations. To test/use this version, please checkout the HEAD branch from CVS. This is still experimental (and migt compile - I'll merge all changes/differences first, then fix any compile problems etc). Any patches etc will be much appreciated. Please mail these to the mailinglist.
Two new releases are available. First is the 1.0 release. This is identical to the beta release and is the one to use in production. There is also release 1.1.0 which has a number of experimental features. I believe it works well, but I advice testing that in a non-production environment. The main new feature is perhaps support for URLs with ldaps and ldapi schemes when using OpenLDAP libraries. This means you can use SSL or UNIX domain sockets. The use of UNIX domain sockets should give better performance than TCP/IP. Other features are support for specifying search scope and which LDAP attributes to request.
The 1.0-beta release fixes a memory leak present since 0.8. I recommend upgrading to this release, especially if you have problems with BIND eating up too much memory. The only new feature since 1.0-alpha is optional TLS support. This will become the official 1.0 release unless any problems show up.
The 1.0-alpha release uses LDAPv3 by default while previous versions used the LDAP library's default which usually is LDAPv2. It also supports LDAP simple bind. That is, one can use plain-text password for authentication. Except for this, it's identical to 0.9.
In version 0.9 the code has been cleaned up a bit and should be slightly faster than previous versions. It also fixes an error with zone transfers (AXFR) and entries with multiple relativeDomainName values. The problem was that it would only use the first value in the result.
Version 0.8 uses asynchronous LDAP search which should give better performance. Thanks to Ashley Burston for providing patch. Another new feature is allowing filters in URLs. Some error logging has also been added.
Version 0.7 allows space and other characters to be used in URLs by use of %-quoting. For instance space can be written as %20. It also fixes a problem with some servers and/or APIs that do not preserve attribute casing.
Version 0.6 fixes a memory leak present when not using the RFC 1823 API.
Version 0.5 introduces thread support and improved connection handling, and also support for URLs with literal IPv6 addresses. See README for details.
Since 0.4 a new schema called dNSZone is used. In my opinion this schema is much better than what was used in prior versions. The main advantage is that you can store your zones any way you like in the directory tree.