Gentoo Forums
DHCP 4.3.x cannot contact LDAP Server
TopGun_61
n00b
Joined: 27 Aug 2014
Posts: 4
Location: Switzerland

Posted: Thu Jun 08, 2017 12:07 pm    Post subject: DHCP 4.3.x cannot contact LDAP Server

Hi all,

After updating the DHCP Server from version 4.2.x to 4.3.4, I got the following error when starting dhcpd:
Code:
 * dhcpd has detected a syntax error in your configuration files:
Internet Systems Consortium DHCP Server 4.3.4 Gentoo-r0
Copyright 2004-2016 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/
LDAPS session successfully enabled to ldapm.foss-group.int:636
Error: Cannot login into ldap server ldapm.foss-group.int:636: Can't contact LDAP server
Configuration file errors encountered -- exiting

If you think you have received this message due to a bug rather
than a configuration issue please read the section on submitting
bugs on either our web page at www.isc.org or in the README file
before submitting a bug.  These pages explain the proper
process and the information we find helpful for debugging..

exiting.
 * ERROR: dhcpd failed to start


DHCP is successfully contacting the LDAP Server but the login fails.

The configuration which was working with DHCP 4.2.x:
/etc/dhcp/dhcpd.conf
Code:

ldap-server "ldapm.domain.local";
ldap-port 636;
ldap-ssl ldaps;
ldap-tls-ca-file "/etc/ssl/certs/FOSS-Cloud_CA.cert.pem";
ldap-username "cn=dhcp,ou=services,ou=administration,dc=foss-cloud,dc=org";
ldap-password "XXXXXX&#";
ldap-base-dn "ou=dhcp,ou=networks,ou=virtualization,ou=services,dc=foss-cloud,dc=org";
ldap-dhcp-server-cn "dhcp-01";
ldap-method dynamic;


If I replace the domain with the IP address, it works.
Code:

ldap-server "10.1.130.8";
ldap-port 636;
ldap-ssl ldaps;
ldap-tls-ca-file "/etc/ssl/certs/FOSS-Cloud_CA.cert.pem";
ldap-username "cn=dhcp,ou=services,ou=administration,dc=foss-cloud,dc=org";
ldap-password "XXXXXX&#";
ldap-base-dn "ou=dhcp,ou=networks,ou=virtualization,ou=services,dc=foss-cloud,dc=org";
ldap-dhcp-server-cn "dhcp-01";
ldap-method dynamic;


/etc/hosts
Code:

# IPv4 and IPv6 localhost aliases
127.0.0.1       localhost
::1             localhost


192.168.1.8  single.domain.local
10.1.130.8 ldapm.domain.local


We need the domain name in dhcpd.conf. Does somebody have any idea?

Thank you!
Waishon
n00b
Joined: 14 Jun 2017
Posts: 1

Posted: Thu Jun 15, 2017 12:37 am    Post subject:

Hi,

I'm also a member of the foss-community and read the e-mail with the issue.

This seems to be a common issue with the newer versions of isc-dhcp-server.

What I found out is that the DHCP server ignores the /etc/hosts file, so it will send a request to the DNS server, "Hey, give me the IP of foss-cloud.int", but there is no A-Record available for this address, so it gives you the "Can't contact LDAP server" message instantaneously. When you now try another address that has a valid A-Record, e.g. foss-cloud.org or google.de, the DHCP service waits for an answer until it receives a timeout.

But if you now use a domain with an A-Record that points to 127.0.0.1, e.g. localtest.me, everything works as expected. When using an IP there is never a DNS request, so this also works fine.

The question is, how to solve this issue? Using "localhost" isn't a workaround?
Maybe we should write a bug report to the ISC community.
All times are GMT