[Freeipa-users] FreeIPA + DHCP-LDAP - Fedora 24 - broken

Raul Dias raul at dias.com.br
Mon Nov 7 16:45:02 UTC 2016 

You are right,

This might be more a Fedora issue than FreeIPA. I am hoping that someone 
else is also using DHCP with LDAP (specially with FreeIPA).

I am using the IPA-dhcp plugin: https://github.com/jefferyharrell/IPA-dhcp

ldapsearch -x shows the entries are fine in the LDAP.

Stracing dhcpd shows that it is not making any connection to the LDAP, 
while it shows an error message.

On Fedora 24 (updated), I am using dhcp-server-4.3.4.fc24

/etc/dhcp/dhcpd.conf:
     ldap-server "10.101.1.1"; #or localhost, or any interface ip or ns name
     ldap-port 389;
     ldap-base-dn "cn=dhcp,dc=dias,dc=com,dc=br";
     ldap-method static;
     ldap-debug-file "/var/log/dhcp-ldap-startup.log";

The STDERR output acts as if it were talking to the LDAP server:

     Cannot find host LDAP entry server.dias.com.br 
(&(objectClass=dhcpServer)(cn=server.dias.com.br))

As the output of ldapsearch, the entry is there:
     # server.dias.com.br, dhcp, dias.com.br
     dn: cn=server.dias.com.br,cn=dhcp,dc=dias,dc=com,dc=br
     objectClass: dhcpserver
     objectClass: top
     dhcpServiceDN: cn=dhcp,dc=dias,dc=com,dc=br
     cn: server.dias.com.br
     dhcpStatements: authoritative

Using the same config on a ubuntu host, it works fine, which makes me 
wonder that dhcpd in Fedora 24 does not work at all with LDAP.

Or maybe this is a reflection of some FreeIPA server way of life 
configuration, like sssd.

-rsd


On 07/11/2016 05:10, Petr Spacek wrote:
> On 6.11.2016 06:06, Raul Dias wrote:
>> Hello,
>>
>> It seems that DHCP with LDAP on Fedora 24 (FreeIPA) is broken.
>>
>> Can anyone confirm?
>>
>> Doing an strace -e trace=network does not show any attempt to connect to the
>> ldap server.
>>
>> OTOH, the same config on a Ubuntu 16.10 works fine.
> Hello,
>
> AFAIK DHCP support was never part of official FreeIPA builds. What are you
> trying to achieve and where did you get the builds?
>
> We need to know exact software versions and configuration. For further hints
> how to report bugs please see
> http://www.freeipa.org/page/Troubleshooting#Reporting_bugs
>

More information about the Freeipa-users mailing list