DHCP + ldap

Richard Pijnenburg richard at softwaredev.nl
Tue May 11 07:33:48 UTC 2010


Hi all,

I've been doing some more work with it.
I can define the hosts on the fly, but the subnets need to be specified
before starting the dhcp server.
When I add a subnet to the shared network while the dhcp server is running,
it won't see it.

I hoped this could be different, or is it not possible due to the design
of dhcpd?

best regards,

Richard Pijnenburg

On Mon, 10 May 2010 21:03:58 +0200, "Richard Pijnenburg"
<richard at softwaredev.nl> wrote:
> I have it working :-)
> Seems that in the 4.2.0b1 the ldap is broken.
> In version 4.1.1 with the manual patch it works immediately.
> Looks like it will take some work for the new version.
> 
> Regards,
> 
> Richard
> 
> -----Original Message-----
> From: dhcp-users-bounces+richard=softwaredev.nl at lists.isc.org
> [mailto:dhcp-users-bounces+richard=softwaredev.nl at lists.isc.org] On Behalf
> Of Richard Pijnenburg
> Sent: Monday 10 May 2010 19:18
> To: 'Users of ISC DHCP'
> Subject: RE: DHCP + ldap
> 
> Hi Glenn,
> 
> No luck so far.
> Basically all data should be in the ldap database but for some reason it's
> not getting it.
> Also nothing is being written in the debug logfile.
> Seems there are some bugs in it :-(
> 
> Regards,
> 
> Richard
> 
> -----Original Message-----
> From: dhcp-users-bounces+richard=softwaredev.nl at lists.isc.org
> [mailto:dhcp-users-bounces+richard=softwaredev.nl at lists.isc.org] On Behalf
> Of Glenn Satchell
> Sent: Monday 10 May 2010 16:04
> To: Users of ISC DHCP
> Subject: Re: DHCP + ldap
> 
> Hi Richard
> 
> In dhcpd.conf you have defined the subnet 192.168.3.0/24, and the dhcp 
> server is 192.168.3.1. That's all fine, but you can't hand out an 
> address of 192.168.4.x if you haven't defined that subnet. So the dhcp 
> server falls back to offering a dynamic address, but there is no dynamic
> range defined, so there are no leases to offer.
> 
> There are a few ways to overcome this, depending on your network setup.
> 
> - Offer a fixed address in the correct subnet range, 192.168.3.x
> 
> - Create a shared network for 192.168.3.0/24 and 192.168.4.0/24
> 
> - Create a new subnet 192.168.4.0/24 and set up an appropriate relay, if
> it is a separate network.
> 
> BTW, none of the above is related to the ldap patch.
> 
> regards,
> -glenn
> 
> On 05/10/10 18:58, Richard Pijnenburg wrote:
>> Dear list,
>>
>> I've sent the following to the maker of the ldap patch, david, but
>> perhaps someone here can help me as well.
>>
>> ----
>>
>> The ldap server part works perfectly after some modifications.
>>
>> So I went to the dhcp server part.
>>
>> I've added the rules and came across some small issues.
>>
>> In the dhcp.conf I had to add the config rule "ldap-dhcp-server-cn"
>> because you assume that the server hostname is being used.
>>
>> In my own case this wasn't handy.
>>
>> The config rule isn't in the documentation but found it in the source
>> code.
>>
>> second: I don't see anything being logged into the ldap-debug-file.
>>
>> third: I got 2 compile errors when I enabled the DEBUG_LDAP rule at the
>> following rules:
>>
>> log_info ("Adding contents of subtree '%s' to config stack from '%s' reference", tempbv[j], search[i]);
>>
>> log_info ("LDAP: Parsing dhcpService DN '%s' ...", tempbv[cnt]);
>>
>> I don't have the complete message but it was about it was expecting a
>> char but got something else.
>>
>> And most important is that it doesn't give out any dhcp ip's.
>>
>> After I enabled debug I see this:
>>
>> Searching for (&(objectClass=dhcpHost)(dhcpHWAddress=ethernet 00:50:56:b8:01:87)) in LDAP tree cn=DHCP Config,dc=ldapserver,dc=local
>>
>> Found dhcpHWAddress LDAP entry cn=my.host.name,cn=192.168.4.0,cn=DHCP Config,dc=ldapserver,dc=local
>>
>> Sending the following options: 'next-server 192.168.2.10;
>>
>> filename "pxelinux.0";
>>
>> fixed-address 192.168.4.20;
>>
>> '
>>
>> DHCPDISCOVER from 00:50:56:b8:01:87 via eth1: network 192.168.3.0/24: no free leases
>>
>> Below you will find the slapd.conf and dhcpd.conf (passwords changed
>> of course):
>>
>> -- slapd.conf --
>>
>> include /etc/openldap/schema/core.schema
>>
>> include /etc/openldap/schema/cosine.schema
>>
>> include /etc/openldap/schema/inetorgperson.schema
>>
>> include /etc/openldap/schema/nis.schema
>>
>> include /etc/openldap/schema/dhcp.schema
>>
>> index dhcpHWAddress eq
>>
>> index dhcpClassData eq
>>
>> allow bind_v2
>>
>> pidfile /var/run/openldap/slapd.pid
>>
>> argsfile /var/run/openldap/slapd.args
>>
>> database bdb
>>
>> suffix "dc=ldapserver,dc=local"
>>
>> rootdn "cn=root,dc=ldapserver,dc=local"
>>
>> rootpw {SSHA}ECKv2sa9F2kP46OwVJAD9oZGUezOL++z
>>
>> directory /var/lib/ldap
>>
>> index objectClass eq,pres
>>
>> index ou,cn,mail,surname,givenname eq,pres,sub
>>
>> index uidNumber,gidNumber,loginShell eq,pres
>>
>> index uid,memberUid eq,pres,sub
>>
>> index nisMapName,nisMapEntry eq,pres,sub
>>
>> -- dhcp.conf --
>>
>> log-facility local7;
>>
>> subnet 192.168.3.0 netmask 255.255.255.0 {
>>
>> }
>>
>> ldap-server "localhost";
>>
>> ldap-port 389;
>>
>> ldap-username "cn=root,dc=ldapserver,dc=local";
>>
>> ldap-password "myprivatepassword";
>>
>> ldap-base-dn "dc=ldapserver,dc=local";
>>
>> ldap-dhcp-server-cn "root";
>>
>> ldap-method dynamic;
>>
>> ldap-debug-file "/var/log/dhcp-ldap-startup.log";
>>
>> In this case the server has 192.168.3.1 as IP address and I try to give
>> out 192.168.4.x IP via a fixed IP from the mac address.
>>
>> According to the debug message it found the host and got the information
>> and is sending it.
>>
>> But on the other hand it seems it doesn't parse it correctly or
>> something.
>>
>> I hope someone can give me a hint what I'm doing wrong.
>>
>> With best regards,
>>
>> Richard Pijnenburg
>>
> _______________________________________________
> dhcp-users mailing list
> dhcp-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/dhcp-users
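Added example, not part of the original thread and not ISC or LDAP-patch code: a pre-start check for the failure Glenn describes, where a host's fixed-address (192.168.4.20) lies outside every subnet declared in dhcpd.conf, so the server falls back to dynamic leases and logs "no free leases". The function names, the `lan` shared-network name and the host mapping are assumptions; the check only tests that an address falls in some declared subnet, not that the subnet is on the network the request arrives on.

```python
import ipaddress
import re

# Constructed sample: the subnet declaration from the dhcpd.conf quoted in the
# thread, and the fixed-address that the LDAP host entry returned in the log.
DHCPD_CONF = """
log-facility local7;
subnet 192.168.3.0 netmask 255.255.255.0 {
}
"""

# Constructed sample: Glenn's second suggestion, a shared network holding both
# subnets ("lan" is a hypothetical name).
FIXED_CONF = """
shared-network lan {
  subnet 192.168.3.0 netmask 255.255.255.0 { }
  subnet 192.168.4.0 netmask 255.255.255.0 { }
}
"""

LDAP_HOSTS = {"my.host.name": "192.168.4.20"}  # host cn -> fixed-address

SUBNET_RE = re.compile(r"^\s*subnet\s+(\S+)\s+netmask\s+(\S+)\s*\{", re.M)


def declared_subnets(conf_text):
    """Return the IPv4 networks declared as 'subnet A netmask M {'."""
    return [ipaddress.ip_network(f"{addr}/{mask}")
            for addr, mask in SUBNET_RE.findall(conf_text)]


def unreachable_hosts(conf_text, hosts):
    """Return {host: address} for fixed-addresses in no declared subnet."""
    nets = declared_subnets(conf_text)
    bad = {}
    for name, addr in hosts.items():
        ip = ipaddress.ip_address(addr)
        if not any(ip in net for net in nets):
            bad[name] = addr
    return bad


if __name__ == "__main__":
    for label, conf in (("original", DHCPD_CONF), ("shared-network", FIXED_CONF)):
        for name, addr in unreachable_hosts(conf, LDAP_HOSTS).items():
            print(f"[{label}] {name}: {addr} is outside every declared subnet")
```

Because the thread reports that subnets are only read at startup, a check like this is most useful run before dhcpd is (re)started.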