ISC DHCP with ldap in AD?

Serge NOEL serge.noel2008 at gmail.com
Mon Mar 11 09:05:32 MDT 2013 

Sorry, i made respond only, and not respond to all...

for now, i have use ldbmodify wich require that your AD is down. Please 
consider that i am doing full tests on how to find the best way to 
manage AD. This is not the only way, but i use it, and it works...

ldbmodify -H CN\=CONFIGURATION\,DC\=NET6A\,DC\=LAN.ldb 
/tmp/oc_provision_schema_modify.ldif --option "dsdb:schema update 
allowed"=true

Think to adapt command for your needs :
ldbmodify -H *<path to your ldb file>* *<path to .ldif file>* --option 
"dsdb:schema update allowed"=true


I use it as it was the first test without complaining of bad login/password

Please, keep me informed on your test...

Serge




Hi,
Thank for your offer :-)

It seems to me your message didn't go in the forum. Maybe it would be 
better to keep it on the forum so others can follow.

Ok I 'm gonna give you bit more detail on my setup and my goals:

We are moving from a samba3 NT domain through samba4 basicaly because of 
the end of XP and we want to be able to manage W7 machine using GPO. 
This part going very well.

We were using openldap as a backend for samba3 domain, isc dhcp and bind 
dns. As our machine will now run samba4 will have to shutdown openldap.
The DNS got internal so no problem but we'd like to keep dhcp on ldap.

So I think there is juste one step left for having this to work: extend 
the shema.

Which ldap-utils tools? from samba4? from openldap?


2013/3/11 Serge NOEL <serge.noel2008 at gmail.com 
<mailto:serge.noel2008 at gmail.com>>

    Hello,

    working on same things, but far at the begining, if your project is
    not too urgent, i can help you.

    At first, note that Ldap doesn't have right schema definition, so
    you are right ; we have to extend the schema. I take a look on it
    and it's seems not so difficult.
    You have to gain a .ldif file schema and add it with ldap-utils tools.

    Next, you have to inform isc-dhcp to use Ldap and place
    configurations data in the right place.

    Notes
       you can't securise Dhcp server because actually, isc-dhcp use
    external file to store leases. (i am looking for a different server
    with this capability)
       you have to modify schema, wich presents some risks on production
    servers.

    Hope it can help
    Serge




    Le 11/03/2013 13:39, Alexis a écrit :

        Hi,

        I would like to use samba AD as a backend for my ISC DHCP server.
        As anybody succeed in this?

        I guess I should start with adding te openldap schema into the AD or
        something like that.

        Is there a way to achieve this?


        Don't know from where to start I would appreciate any link/advice.

        Thank you.

More information about the samba-technical mailing list