Last modified 14 hours ago Last modified on 12/08/16 12:18:21


This is a new LDAP driver for BIND9.

It allows you to read data and also write data back (DNS Updates) to an LDAP backend.

Driver versions <= 10 use unofficial "dynamic database" API so you would need patches for official BIND9.

The new version v11 is compatible with BIND 9.11 out-of-the-box so you do not need to patch BIND to use it. Stay tuned for the release - comming out soon!

Documentation and support

Lastest documentation is available inside README in Git.

More detailed information is in wiki articles:

This plugin is used extensively by FreeIPA project. Best place to post your questions is freeipa-users mailing list. You can also look into mailing list archive.

Did you encounter a bug? Please follow bug reporting guideline. Thank you!

Source code

The latest release is available at

Web interface to git repository is available at


Notes about Fedora package release process

Design documents

(please read General considerations)


Notes about BIND internals

Design goals and core decisions

  • bind-dyndb-ldap was developed for needs of FreeIPA project (but it can be used independently, e.g. with OpenLDAP)
  • FreeIPA defines most of bind-dyndb-ldap's high-level goals
  • Today, some functionality and code overlaps with existing software. The open question is if we should do something about it, and what happens if we do not do anything. For further details see article about Maintainability.