ldap2dns/doc/example.ldif

###
# ldap2dns examples file
# Part of the ldap2dns package
# (C) 2006 Ben Klang <ben@alkaloid.net>
# http://projects.alkaloid.net
# $Id$
###

# A couple notes before we get started
# All dnscname and dnsname fields can take either a short or fully a qualified
# hostname.  If you do not add a trailing '.' then ldap2dns will append the
# domain name of the parent object.  This is true even if the hostname has a '.'
# inside it. ex: "foo.bar" would get the domain appended.  "foo.bar." would not.

# The records below are designed to be representative of the various options
# available with ldap2dns and tinydns.

# Create the top level object to hold all DNS zones
dn: ou=DNS,dc=example,dc=com
objectClass: top
objectClass: organizationalUnit
ou: DNS

# Example SOA for the "example.com" domain
dn: cn=example.com,ou=DNS,dc=example,dc=com
objectClass: top
objectClass: dnszone
cn: example.com
dnszonename: example.com
dnsttl: 259200
dnsadminmailbox: hostmaster.example.com
dnszonemaster: dns01.example.com
dnsserial: 2006030701

# MX record for example.com.  This MX has a preference of 10 and is aliased
# to the host mx1.example.com.   This hostname will need to be defined elsewhere
# to work as expected.  The complementary record can be found below.
dn: cn=MX-10,cn=example.com,ou=DNS,dc=example,dc=com
objectClass: top
objectClass: dnszone
objectClass: dnsrrset
cn: MX-10
dnstype: mx
dnsdomainname: example.com.
dnscname: mx1
dnspreference: 10

# A record for mx1
dn: cn=mx1.example.com,cn=example.com,ou=DNS,dc=example,dc=com
objectClass: top
objectClass: dnszone
objectClass: dnsrrset
cn: mx1.example.com
dnstype: a
dnsdomainname: mx1
dnsipaddr: 192.168.0.7

# Nameserver record.  This record will also require a separate A record defining
# ns1.example.com to be properly functioning.
dn: cn=ns1.example.com,cn=example.com,ou=DNS,dc=example,dc=com
objectClass: top
objectClass: dnszone
objectClass: dnsrrset
cn: ns1.example.com
dnstype: a
dnsdomainname: ns1
dnsipaddr: 192.168.0.1

# example.com A record
dn: cn=example.com,cn=example.com,ou=DNS,dc=example,dc=com
objectClass: top
objectClass: dnszone
objectClass: dnsrrset
cn: example.com
dnstype: a
dnsdomainname: example.com.
dnsipaddr: 192.168.0.2

# A host named foo with a record TTL of 1800 seconds (30 minutes)
dn: cn=foo.example.com,cn=example.com,ou=DNS,dc=example,dc=com
objectClass: top
objectClass: dnszone
objectClass: dnsrrset
cn: foo.example.com
dnstype: a
dnsdomainname: foo.example.com.
dnsipaddr: 192.168.0.3
dnsttl: 1800

# Example CNAME pointing www.example.com to foo.example.com
dn: cn=www.example.com,cn=example.com,ou=DNS,dc=example,dc=com
objectClass: top
objectClass: dnszone
objectClass: dnsrrset
cn: www.example.com
dnstype: cname
dnsdomainname: www
dnscname: foo.example.com

# Example pointing all otherwise undefined hosts underneath example.com to
# 192.168.0.100
dn: cn=*.example.com,cn=example.com,ou=DNS,dc=example,dc=com
objectClass: top
objectClass: dnszone
objectClass: dnsrrset
cn: *.example.com
dnstype: a
dnsdomainname: *.example.com.
dnsipaddr: 192.168.0.100

# DNS TXT record.  This record is used by Kerberos to associate the example.com
# DNS domain with the EXAMPLE.COM Kerberos realm.
#
# NOTE: The trailing '.' is required in the dnscname field!  This is a bug
# which will be fixed in a future release of ldap2dns.  The trailing '.' is not
# published in the resulting DNS record.
#
dn: cn=TXT-_kerberos.example.com,cn=example.com,ou=DNS,dc=example,dc=com
objectClass: top
objectClass: dnszone
objectClass: dnsrrset
cn: TXT-_kerberos.example.com
dnstype: txt
dnsdomainname: _kerberos.example.com.
dnscname: EXAMPLE.COM.

# SRV record.  This record creates the following BIND SRV record equivalent:
# _kerberos._tcp	IN SRV	0 0 88 krb5kdc.example.com.
dn: cn=SRV-_kerberos._tcp.example.com,cn=example.com,ou=DNS,dc=example,dc=com
objectClass: top
objectClass: dnszone
objectClass: dnsrrset
cn: SRV-_kerberos._tcp.example.com
dnstype: srv
dnsdomainname: _kerberos._tcp.example.com.
dnscname: krb5kdc.example.com.
dnssrvpriority: 0
dnssrvweight: 0
dnssrvport: 88

# This record demonstrates ldap2dns+tinydns' ability to create both an A
# record and a PTR record with just one object.  Note that for the PTR record
# to be of any use you would also need to define a zone/SOA for
# 0.168.192.in-addr.arpa and add at least one nameserver record.
dn: cn=APTR-baz.example.com,cn=example.com,ou=DNS,dc=example,dc=com
dnstype: a
objectClass: top
objectClass: dnszone
objectClass: dnsrrset
dnsdomainname: baz.example.com.
cn: APTR-baz.example.com
dnscipaddr: 192.168.0.15

# The following creates a tinydns record location definition and an  A+PTR
# record that is only published in to hosts who fall in the newly defined "Ke"
# location.  This is a way of implementing what BIND calls "views", only ours 
# are per-record instead of per-zone.
# See http://cr.yp.to/djbdns/tinydns-data.html for 
# details on implementation.

# This location matches all hosts whose IP address match 10.6.1.*
dn: dnslocation=Ke,ou=DNS,dc=example.com
objectClass: top
objectClass: dnsloccodes
dnslocation: Ke
dnsipaddr: 10.6.1

# This location matches all hosts on the internet at-large.  This is the
# "catch-all" location and is used to exclude records from other locations.
dn: dnslocation=Ex,ou=DNS,dc=example.com
objectClass: top
objectClass: dnsloccodes
dnslocation: Ex
dnsipaddr: :

# This record is served to hosts matching the Ke location
dn: cn=Ke-quint.example.com,cn=example.com,ou=DNS,dc=example,dc=com
dnstype: a
objectClass: top
objectClass: dnszone
objectClass: dnsrrset
dnslocation: Ke
cn: Ke-quint.example.com
dnscipaddr: 10.6.1.35
dnsdomainname: quint.example.com.

# This record is served to hosts matching the Ex location (everyone NOT
# matching Ke)
dn: cn=Ex-quint.example.com,cn=example.com,ou=DNS,dc=example,dc=com
dnstype: a
objectClass: top
objectClass: dnszone
objectClass: dnsrrset
dnslocation: Ex
cn: Ex-quint.example.com
dnscipaddr: 192.168.0.89
dnsdomainname: quint.example.com.