[pkg-dhcp-devel] Bug#655364: Server doesn't read LDAP conf correctly
Fabien C.
r112i7oldi3yvkc at jetable.org
Tue Jan 10 16:52:02 UTC 2012
Package: isc-dhcp-server-ldap
Version: 4.1.1-P1-15+squeeze3
Severity: normal
* Summary: I cannot use isc-dhcp-server-ldap from Squeeze with my LDAP configuration. I have an old one (v. 3.0.5) working properly, and the one from unstable (v. 4.2.2-2) working too.
------
Hello,
I used a quite old dhcp server (v3.0.5) compiled with the ldap patch. The schema was inserted into the LDAP server when the DHCP server was compiled, so it may be a bit old (and custom?...)
I tried using the server from Squeeze instead, and it didn't work :
No subnet declaration for eth0
[...]
Not configured to listen on any interfaces!
It seems that the DHCP server now needs a subnet declaration, despite the LDAP configuration, whatever, I added this in dhcpd.conf:
subnet 10.3.0.0 netmask 255.255.0.0
==> Listening on LPF/eth0/... (good, it starts listening)
I launched wireshark to see that it couldn't get it's config:
LDAPMessage searchRequest(4) "cn=DHCP Service Config,conf=Dhcp,ou=City,ou=Servers,dc=mycompany,dc=com" singleLevel
Filter: (!(|(|(objectClass=dhcpTSigKey)(objectClass=dhcpClass))(objectClass=dhcpFailOverPeer)))
==> LDAPMessage searchResDone(4) success (value does not conform to assertion syntax) [0 results]
It founds the dhcpServiceDN attribute correctly (thanks to the "ldap-base-dn" option in dhcpd.conf) which is [cn=DHCP Service Config,...], but then...
The subnets and hosts configuration is within the subtree (cn=DHCP Service Config,...) but the request returns 0 result because of the filter. I have no dhcpTSigKey, dhcpClass or dhcpFailOverPeer in my subtree. The first son of [cn=DHCP Service Config,...] is a dhcpSharedNetwork one (as explained in the package file /usr/share/doc/isc-dhcp-server-ldap/README.ldap.gz).
The DHCP server version from Sid however (v. 4.2.2-2) doesn't use such a filter (it uses objectClass=*) and it manages to read the configuration properly (according to wireshark, but I didn't tested further though).
Do you know where the problem comes from?
Thank you,
Fabien
PS: You can find the problematic filter on line 1772 of dhcp-4.1.0-ldap-code.dpatch within the source pkg.
-- System Information:
Debian Release: 6.0.3
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.32-5-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages isc-dhcp-server-ldap depends on:
ii debianutils 3.4 Miscellaneous utilities specific t
ii isc-dhcp-common 4.1.1-P1-15+squeeze3 common files used by all the isc-d
ii isc-dhcp-server 4.1.1-P1-15+squeeze3 ISC DHCP server for automatic IP a
ii libc6 2.11.2-10 Embedded GNU C Library: Shared lib
ii libldap-2.4-2 2.4.23-7.2 OpenLDAP libraries
ii libssl0.9.8 0.9.8o-4squeeze4 SSL shared libraries
isc-dhcp-server-ldap recommends no packages.
isc-dhcp-server-ldap suggests no packages.
-- no debconf information
More information about the pkg-dhcp-devel
mailing list