LDAP schema

Michael Ströder michael at stroeder.com
Sat Dec 6 18:57:38 UTC 2014


Brendan,

Michael Ströder wrote:
> Brendan Kearney wrote:
>> i make no guarantees that the ldif will work for you.  see attached.
> 
> I had to add/rearrange some entries to make your example LDIF file work with
> the complete tree structure (attached).

I have a question regarding semantics of 'dhcpSubclassesDN'.

In your LDIF example file there's the following attribute value:

dhcpsubclassesdn: ou=DHCP SubClasses,cn=DHCP Config,[..]

Obviously this points to a container entry (I had to add) and not to a entry
of object class 'dhcpSubClass'.

Is that the right use?

For those of you using OpenLDAP you might want to check out and comment on the
constraints attached below. I had to disable the constraint for
'dhcpServiceDN' because in the example LDIF file there are forward and
backward references from/to 'dhcpService' and the 'dhcpServer' entries causing
hen-and-egg (or egg-and-hen) problem.

Ciao, Michael.

--------------------------- OpenLDAP constraints ----------------------------
constraint_attribute
  dhcpHWAddress
  regex "^(ethernet|token-ring|fddi) ([0-9a-f]{2}\:){5}[0-9a-f]{2}$"

constraint_attribute
  dhcpPrimaryDN,dhcpSecondaryDN,dhcpFailOverPeerDN
  uri "ldap:///dc=stroeder,dc=de?entryDN?sub?(objectClass=dhcpServer)"

constraint_attribute
  dhcpOptionsDN
  uri "ldap:///dc=stroeder,dc=de?entryDN?sub?(objectClass=dhcpOptions)"

constraint_attribute
  dhcpHostDN,dhcpReservedForClient,dhcpAssignedToClient
  uri "ldap:///dc=stroeder,dc=de?entryDN?sub?(objectClass=dhcpHost)"

constraint_attribute
  dhcpPoolDN
  uri "ldap:///dc=stroeder,dc=de?entryDN?sub?(objectClass=dhcpPool)"

constraint_attribute
  dhcpGroupDN
  uri "ldap:///dc=stroeder,dc=de?entryDN?sub?(objectClass=dhcpGroup)"

constraint_attribute
  dhcpSubnetDN
  uri "ldap:///dc=stroeder,dc=de?entryDN?sub?(objectClass=dhcpSubnet)"

constraint_attribute
  dhcpLeaseDN,dhcpLeasesDN
  uri "ldap:///dc=stroeder,dc=de?entryDN?sub?(objectClass=dhcpLeases)"

constraint_attribute
  dhcpClassesDN
  uri "ldap:///dc=stroeder,dc=de?entryDN?sub?(objectClass=dhcpClass)"

constraint_attribute
  dhcpSubclassesDN
  uri "ldap:///dc=stroeder,dc=de?entryDN?sub?(objectClass=dhcpSubclass)"

constraint_attribute
  dhcpSharedNetworkDN
  uri "ldap:///dc=stroeder,dc=de?entryDN?sub?(objectClass=dhcpSharedNetwork)"

#constraint_attribute
#  dhcpServiceDN
#  uri "ldap:///dc=stroeder,dc=de?entryDN?sub?(objectClass=dhcpService)"


-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4252 bytes
Desc: S/MIME Cryptographic Signature
URL: <https://lists.isc.org/pipermail/dhcp-users/attachments/20141206/23f0be63/attachment.bin>


More information about the dhcp-users mailing list