Mac Authentication
Markus Schabel
markus.schabel at tgm.ac.at
Mon Sep 8 16:57:13 UTC 2003
Brian Masney wrote:
> On Mon, Sep 08, 2003 at 05:50:30PM +0200, Markus Schabel wrote:
>
>>Keith Patton wrote:
>>
>>><snip/>
>>>I was thinking about having dhcp query our corp wide ldap database for
>>>valid mac addresses. The ldap would contain a branch that would be
>>>equivalent to the host statement in the dhcp.conf file.
>>
>>That seems like a good solution. Take a look at the dhcp-ldap-patch:
>>http://home.ntelos.net/~masneyb/ - it is documented that it queries the
>>directory for each DHCP request, but here it doesn't seem to do this,
>>instead it is reading LDAP at startup and that was it. (You can
>>configure this, maybe I've just done wrong..) - Works fine (but the
>>patched dhcp version here is a few months old, so I'm not sure if it
>>applies on the actual release candidate)
>
>
> The patch on my website is against 3.0.11rc11. I hope to have a patch out for
> rc12 in a day or two. (it's fairly trivial to do, I just need to find the
> time to do it.)
I've changed the schema to work with OpenLDAP 2.1.x - not sure if you
have already done this, if you want you can have a look at my modified
version...
(and the debian-style of the patch is a bit strange - shouldn't it be
called dhcp3-server-ldap or something similar? so that when you do a
dpkg-buildpackage you have all common dhcp3-* packages and additionally
the -ldap package?)
> I have received a lot of positive feedback about this patch. I would eventually
> like to see it get merged into the main DHCP distribution. (hint hint ;)
That would be great... (or at least in the debian dhcp distribution)
regards markus
More information about the dhcp-hackers
mailing list