dhcp 4.3.2 with ldap backend
Kristof Van Doorsselaere
kristof.vandoorsselaere at hogent.be
Mon May 11 10:59:53 UTC 2015
>> Does this also work if you use "-H ldaps://..."?
Yes, but only if I remove the -Z option, else I get:
additional info: TLS already started
Kristof
On 11/05/15 10:53, "Peter Rathlev" <peter at rathlev.dk> wrote:
>On Mon, 2015-05-11 at 06:46 +0000, Kristof Van Doorsselaere wrote:
>> I just tested ldapsearch on this new dhcp server, and so far, this
>> seems to work for me, example:
>>
>> [root@ new_server ~]# ldapsearch -Z -LLL -b “dc=example,dc=com" \
>> -H ldap://ldaptest.example.com -D “uid=admin,dc=example,dc=com" \
>> -W "(&(objectClass=dhcpHost)(dhcpHWAddress=ethernet 00:02:b3:d0:2a:ca))"
>> Enter LDAP Password:
>> dn: cn=0002b3d02aca,cn=CA-NET,cn=DHCP Service Config,dc=example,dc=com
>...
>
>Does this also work if you use "-H ldaps://..."?
>
>> Also when I disable ldap-ssl: —> ldap-ssl off , it refuses to start:
>>
>> May 11 08:43:13 new_server systemd: Starting IPv4 DHCP server on ...
>> May 11 08:43:13 new_server dhcpd: Error: Cannot login into ldap server \
>> ldaptest.example.com:389: Can't contact LDAP server
>> May 11 08:43:13 new_server dhcpd: Configuration file errors encountered \
>> -- exiting
>>
>> And in all cases, I don’t see any connections towards my ldap server.
>
>Just a shot in the dark, but could it be related to SELinux? Does it
>give you the same errors if you try "setenforce 0" first?
>
>--
>Peter
>
>_______________________________________________
>dhcp-users mailing list
>dhcp-users at lists.isc.org
>https://lists.isc.org/mailman/listinfo/dhcp-users
More information about the dhcp-users
mailing list