TopGun_61 n00b
Joined: 27 Aug 2014 Posts: 4 Location: Switzerland
Posted: Thu Jun 08, 2017 12:07 pm Post subject: DHCP 4.3.x cannot contact LDAP Server

Hi all,
After updating the DHCP Server from version 4.2.x to 4.3.4 I got the following error when starting dhcpd:
Code:
* dhcpd has detected a syntax error in your configuration files:
Internet Systems Consortium DHCP Server 4.3.4 Gentoo-r0
Copyright 2004-2016 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/
LDAPS session successfully enabled to ldapm.foss-group.int:636
Error: Cannot login into ldap server ldapm.foss-group.int:636: Can't contact LDAP server
Configuration file errors encountered -- exiting
If you think you have received this message due to a bug rather
than a configuration issue please read the section on submitting
bugs on either our web page at www.isc.org or in the README file
before submitting a bug. These pages explain the proper
process and the information we find helpful for debugging..
exiting.
* ERROR: dhcpd failed to start
DHCP is successfully contacting the LDAP Server but the login fails.
The configuration which was working with DHCP 4.2.x:
/etc/dhcp/dhcpd.conf
Code:
ldap-server "ldapm.domain.local";
ldap-port 636;
ldap-ssl ldaps;
ldap-tls-ca-file "/etc/ssl/certs/FOSS-Cloud_CA.cert.pem";
ldap-username "cn=dhcp,ou=services,ou=administration,dc=foss-cloud,dc=org";
ldap-password "XXXXXX&#";
ldap-base-dn "ou=dhcp,ou=networks,ou=virtualization,ou=services,dc=foss-cloud,dc=org";
ldap-dhcp-server-cn "dhcp-01";
ldap-method dynamic;
If I replace the domain with the IP address, it works.
Code:
ldap-server "10.1.130.8";
ldap-port 636;
ldap-ssl ldaps;
ldap-tls-ca-file "/etc/ssl/certs/FOSS-Cloud_CA.cert.pem";
ldap-username "cn=dhcp,ou=services,ou=administration,dc=foss-cloud,dc=org";
ldap-password "dV3YNa&#";
ldap-base-dn "ou=dhcp,ou=networks,ou=virtualization,ou=services,dc=foss-cloud,dc=org";
ldap-dhcp-server-cn "dhcp-01";
ldap-method dynamic;
/etc/hosts
Code:
# IPv4 and IPv6 localhost aliases
127.0.0.1 localhost
::1 localhost
192.168.1.8 single.domain.local
10.1.130.8 ldapm.domain.local
We need the domain name in dhcpd.conf. Does somebody have any idea?
Thank you!

Waishon n00b
Joined: 14 Jun 2017 Posts: 1
Posted: Thu Jun 15, 2017 12:37 am Post subject:

Hi,
I'm also a member of the foss-community and read the e-mail with the issue.
This seems to be a common issue with the newer versions of isc-dhcp-server.
What I found out is that the DHCP server ignores the /etc/hosts file, so it will send a request to the DNS server, "Hey, give me the IP of foss-cloud.int", but there is no A-Record for this address available, so it gives you the "Can't contact LDAP server" instantaneously. When you now try another address that contains a valid A-Record, e.g. foss-cloud.org or google.de, the DHCP service waits for an answer until it receives a timeout.
But if you now use a domain with an A-Record that points to 127.0.0.1, e.g. localtest.me, everything works as expected. Using an IP, there is never a DNS request, so this also works fine.
The question is, how to solve this issue? Using "localhost" isn't a workaround?
Maybe we should write a bug report to the ISC community.
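
Added example (not part of either post, and not ISC or Gentoo code): a check that reports whether the `ldap-server` name in dhcpd.conf is an IP literal, has a DNS A record, or is only listed in /etc/hosts, which is the situation reported as failing in this thread. The function names and sample inputs are constructed for illustration, and the default DNS-only lookup assumes the `dig` utility is installed.

```python
import ipaddress
import re
import subprocess

# Constructed sample inputs modelled on the configuration quoted in the thread.
SAMPLE_DHCPD_CONF = 'ldap-server "ldapm.domain.local";\nldap-port 636;\nldap-ssl ldaps;\n'
SAMPLE_HOSTS = "127.0.0.1 localhost\n::1 localhost\n10.1.130.8 ldapm.domain.local  # LDAP\n"

def ldap_server(conf_text):
    """Return the ldap-server value from dhcpd.conf text, or None if absent."""
    m = re.search(r'^\s*ldap-server\s+"([^"]+)"\s*;', conf_text, re.M)
    return m.group(1) if m else None

def hosts_entries(hosts_text):
    """Map each name in /etc/hosts text to the set of addresses listed for it."""
    table = {}
    for line in hosts_text.splitlines():
        fields = line.split("#", 1)[0].split()   # drop comments, split columns
        for name in fields[1:]:
            table.setdefault(name.lower(), set()).add(fields[0])
    return table

def dig_a(name):
    """DNS-only A lookup that bypasses /etc/hosts (assumes `dig` is installed)."""
    out = subprocess.run(["dig", "+short", "A", name],
                         capture_output=True, text=True, timeout=10).stdout
    return {tok for tok in out.split() if re.fullmatch(r"[\d.]+", tok)}

def classify(conf_text, hosts_text, dns_lookup=dig_a):
    """Classify how the configured ldap-server name can be resolved."""
    server = ldap_server(conf_text)
    if server is None:
        return "no-ldap-server"
    try:
        ipaddress.ip_address(server)
        return "ip-literal"              # no name lookup is needed at all
    except ValueError:
        pass
    in_hosts = hosts_entries(hosts_text).get(server.lower(), set())
    in_dns = set(dns_lookup(server))
    if in_dns and in_hosts and in_dns != in_hosts:
        return "dns-hosts-mismatch"      # DNS and /etc/hosts disagree
    if in_dns:
        return "dns"
    return "hosts-only" if in_hosts else "unresolvable"

if __name__ == "__main__":
    with open("/etc/dhcp/dhcpd.conf") as conf, open("/etc/hosts") as hosts:
        print(classify(conf.read(), hosts.read()))
```
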