LDAP support is not working properly.
Rogov Stepan
rogov at promo.ru
Wed Jul 28 14:15:04 UTC 2010
Hi there!
I downloaded and installed DHCP 4.2.0; it is configured --with-ldap and
--with-ldapcrypto, and DEBUG_LDAP is defined.
When I run it:
./server/dhcpd -f eth1
Internet Systems Consortium DHCP Server 4.2.0
Copyright 2004-2010 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/
Connecting to LDAP server office.mirror.ldap.xxx.yy:636
LDAPS session successfully enabled to office.mirror.ldap.xxx.yy:636
Successfully logged into LDAP server office.mirror.ldap.xxx.yy
Found dhcpServer LDAP entry
'cn=lan.xxx.yy,ou=DHCP_Servers,ou=Services,dc=xxx,dc=yy'
LDAP: Parsing dhcpServer options
'cn=lan.xxx.yy,ou=DHCP_Servers,ou=Services,dc=xxx,dc=yy' ...
LDAP: Parsing dhcpService DN
'cn=Computers,ou=DHCP_Servers,ou=Services,dc=xxx,dc=yy' ...
Wrote 0 leases to leases file.
No subnet declaration for eth1 (172.30.0.1).
** Ignoring requests on eth1. If this is not what
you want, please write a subnet declaration
in your dhcpd.conf file for the network segment
to which interface eth1 is attached. **
Not configured to listen on any interfaces!
<cut here>
exiting.
But I have defined subnet "172.30.0.0" in LDAP.
Using the following attributes also has no effect: "dhcpSubnetDN",
"dhcpGroupDN", "dhcpHostDN", etc. The debug message "Parsing external DNs
for..." does not appear.
__________________________________
Here is my dhcpd.conf:
option domain-name "example.org";
ldap-server "office.mirror.ldap.xxx.yy";
ldap-port 636;
ldap-ssl ldaps;
ldap-username "cn=gatekeeper,dc=xxx,dc=yy";
ldap-password "mega_password";
ldap-base-dn "dc=xxx,dc=yy";
ldap-tls-cert "/etc/openldap/ssl/client.crt";
ldap-tls-key "/etc/openldap/ssl/client.key";
ldap-tls-ca-file "/etc/openldap/ssl/xxx.yy.ca.crt";
ldap-method dynamic;
ldap-debug-file "/var/log/dhcp-ldap-startup.log";
ldap-dhcp-server-cn "lan.xxx.yy";
dhcp-ldap-startup.log:
# cat /var/log/dhcp-ldap-startup.log
option routers 172.30.0.1;
option domain-name-servers 8.8.8.8, 8.8.4.4;
Here is the LDAP tree:
dn: ou=DHCP_Servers,ou=Services,dc=xxx,dc=yy
objectClass: top
objectClass: organizationalUnit
ou: DHCP_Servers
dn: cn=lan.xxx.yy,ou=DHCP_Servers,ou=Services,dc=xxx,dc=yy
objectClass: top
objectClass: dhcpServer
cn: lan.xxx.yy
dhcpServiceDN: cn=Computers,ou=DHCP_Servers,ou=Services,dc=xxx,dc=yy
dhcpOption: routers 172.30.0.1
dhcpOption: domain-name-servers 8.8.8.8, 8.8.4.4
dn: cn=Computers,ou=DHCP_Servers,ou=Services,dc=xxx,dc=yy
objectClass: top
objectClass: dhcpService
cn: Computers
dhcpPrimaryDN: cn=lan.xxx.yy,ou=DHCP_Servers,ou=Services,dc=xxx,dc=yy
dhcpStatements: ddns-update-style none
dhcpStatements: get-lease-hostnames true
dhcpStatements: use-host-decl-names true
dhcpStatements: default-lease-time 7200
dhcpStatements: max-lease-time 14400
dhcpOption: domain-name "lan.xxx.yy"
dhcpSubnetDN: cn=172.30.0.0,cn=Computers,ou=DHCP_Servers,ou=Services,dc=xxx,dc=yy
dn: cn=172.30.0.0,cn=Computers,ou=DHCP_Servers,ou=Services,dc=xxx,dc=yy
cn: 172.30.0.0
dhcpHostDN: ou=Users,dc=xxx,dc=yy
dhcpNetMask: 15
dhcpOption: domain-name-servers 8.8.8.8, 8.8.4.4
dhcpOption: routers 172.30.0.1
dhcpOption: subnet-mask 255.254.0.0
dhcpOption: broadcast-address 172.31.255.255
dhcpRange: 172.30.0.2 172.30.0.200
objectClass: top
objectClass: dhcpSubnet
objectClass: dhcpOptions