LDAP support is not working properly.

Rogov Stepan rogov at promo.ru
Wed Jul 28 14:15:04 UTC 2010


Hi there!

I downloaded and installed DHCP 4.2.0. It is configured --with-ldap and
--with-ldapcrypto, and DEBUG_LDAP is defined.

When I run it:
./server/dhcpd -f eth1
Internet Systems Consortium DHCP Server 4.2.0
Copyright 2004-2010 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/
Connecting to LDAP server office.mirror.ldap.xxx.yy:636
LDAPS session successfully enabled to office.mirror.ldap.xxx.yy:636
Successfully logged into LDAP server office.mirror.ldap.xxx.yy
Found dhcpServer LDAP entry
'cn=lan.xxx.yy,ou=DHCP_Servers,ou=Services,dc=xxx,dc=yy'
LDAP: Parsing dhcpServer options
'cn=lan.xxx.yy,ou=DHCP_Servers,ou=Services,dc=xxx,dc=yy' ...
LDAP: Parsing dhcpService DN
'cn=Computers,ou=DHCP_Servers,ou=Services,dc=xxx,dc=yy' ...
Wrote 0 leases to leases file.


No subnet declaration for eth1 (172.30.0.1).
** Ignoring requests on eth1.  If this is not what
   you want, please write a subnet declaration
   in your dhcpd.conf file for the network segment
   to which interface eth1 is attached. **


Not configured to listen on any interfaces!
<cut here>
exiting.

But I have defined subnet "172.30.0.0" in LDAP.
Also, the following attributes have no effect: "dhcpSubnetDN",
"dhcpGroupDN", "dhcpHostDN", etc. The debug message "Parsing external DNs
for..." does not appear.

__________________________________
Here is my dhcpd.conf:
option domain-name "example.org";
ldap-server "office.mirror.ldap.xxx.yy";
ldap-port 636;
ldap-ssl ldaps;
ldap-username "cn=gatekeeper,dc=xxx,dc=yy";
ldap-password "mega_password";
ldap-base-dn "dc=xxx,dc=yy";
ldap-tls-cert "/etc/openldap/ssl/client.crt";
ldap-tls-key "/etc/openldap/ssl/client.key";
ldap-tls-ca-file "/etc/openldap/ssl/xxx.yy.ca.crt";
ldap-method dynamic;
ldap-debug-file "/var/log/dhcp-ldap-startup.log";
ldap-dhcp-server-cn "lan.xxx.yy";


dhcp-ldap-startup.log:
# cat /var/log/dhcp-ldap-startup.log
option routers 172.30.0.1;
option domain-name-servers 8.8.8.8, 8.8.4.4;


Here is the LDAP tree:
dn: ou=DHCP_Servers,ou=Services,dc=xxx,dc=yy
objectClass: top
objectClass: organizationalUnit
ou: DHCP_Servers

dn: cn=lan.xxx.yy,ou=DHCP_Servers,ou=Services,dc=xxx,dc=yy
objectClass: top
objectClass: dhcpServer
cn: lan.xxx.yy
dhcpServiceDN: cn=Computers,ou=DHCP_Servers,ou=Services,dc=xxx,dc=yy
dhcpOption: routers 172.30.0.1
dhcpOption: domain-name-servers 8.8.8.8, 8.8.4.4

dn: cn=Computers,ou=DHCP_Servers,ou=Services,dc=xxx,dc=yy
objectClass: top
objectClass: dhcpService
cn: Computers
dhcpPrimaryDN: cn=lan.xxx.yy,ou=DHCP_Servers,ou=Services,dc=xxx,dc=yy
dhcpStatements: ddns-update-style none
dhcpStatements: get-lease-hostnames true
dhcpStatements: use-host-decl-names true
dhcpStatements: default-lease-time 7200
dhcpStatements: max-lease-time 14400
dhcpOption: domain-name "lan.xxx.yy"
dhcpSubnetDN:
cn=172.30.0.0,cn=Computers,ou=DHCP_Servers,ou=Services,dc=xxx,dc=yy

dn: cn=172.30.0.0,cn=Computers,ou=DHCP_Servers,ou=Services,dc=xxx,dc=yy
cn: 172.30.0.0
dhcpHostDN: ou=Users,dc=xxx,dc=yy
dhcpNetMask: 15
dhcpOption: domain-name-servers  8.8.8.8, 8.8.4.4
dhcpOption: routers 172.30.0.1
dhcpOption: subnet-mask 255.254.0.0
dhcpOption: broadcast-address 172.31.255.255
dhcpRange: 172.30.0.2 172.30.0.200
objectClass: top
objectClass: dhcpSubnet
objectClass: dhcpOptions
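
An offline consistency check of the posted tree, added here as an example (not part of the original post and not ISC DHCP code): it follows the DN-valued attributes between the entries and tests whether a dhcpSubnet entry contains the eth1 address 172.30.0.1. The function names are hypothetical, the LDIF is re-typed from the post with the wrapped dhcpSubnetDN value joined, and the script does not reproduce how dhcpd itself resolves these attributes.

```python
import ipaddress

# Constructed from the entries posted above (wrapped dhcpSubnetDN value joined).
LDIF = """\
dn: cn=lan.xxx.yy,ou=DHCP_Servers,ou=Services,dc=xxx,dc=yy
objectClass: dhcpServer
dhcpServiceDN: cn=Computers,ou=DHCP_Servers,ou=Services,dc=xxx,dc=yy

dn: cn=Computers,ou=DHCP_Servers,ou=Services,dc=xxx,dc=yy
objectClass: dhcpService
dhcpSubnetDN: cn=172.30.0.0,cn=Computers,ou=DHCP_Servers,ou=Services,dc=xxx,dc=yy

dn: cn=172.30.0.0,cn=Computers,ou=DHCP_Servers,ou=Services,dc=xxx,dc=yy
objectClass: dhcpSubnet
cn: 172.30.0.0
dhcpNetMask: 15
dhcpHostDN: ou=Users,dc=xxx,dc=yy
"""

REF_ATTRS = ("dhcpservicedn", "dhcpsubnetdn", "dhcphostdn", "dhcpgroupdn")

def parse_ldif(text):
    """Return {lowercased dn: {lowercased attr: [values]}}; joins folded lines."""
    entries = {}
    unfolded = text.replace("\n ", "")  # LDIF continuation: newline + one space
    for block in unfolded.strip().split("\n\n"):
        attrs = {}
        for line in block.splitlines():
            name, _, value = line.partition(":")
            attrs.setdefault(name.strip().lower(), []).append(value.strip())
        entries[attrs["dn"][0].lower()] = attrs
    return entries

def dangling_refs(entries):
    """List (source dn, attribute, target dn) for DN references with no entry."""
    return [(dn, a, t) for dn, attrs in entries.items() for a in REF_ATTRS
            for t in attrs.get(a, []) if t.lower() not in entries]

def subnets_covering(entries, address):
    """DNs of dhcpSubnet entries whose cn/dhcpNetMask network contains address."""
    ip = ipaddress.ip_address(address)
    return [dn for dn, a in entries.items()
            if "dhcpSubnet" in a.get("objectclass", [])  # spelled as in the post
            and ip in ipaddress.ip_network(f"{a['cn'][0]}/{a['dhcpnetmask'][0]}")]

if __name__ == "__main__":
    tree = parse_ldif(LDIF)
    print("subnet entries covering eth1:", subnets_covering(tree, "172.30.0.1"))
    print("references without an entry:", dangling_refs(tree))
```

On the posted entries the subnet 172.30.0.0/15 does contain 172.30.0.1, and the only reference without a matching entry is dhcpHostDN: ou=Users,dc=xxx,dc=yy, whose entry the post does not show.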
