ISC DHCP with ldap in AD?
Rowland Penny
repenny at f2s.com
Mon Mar 11 10:38:11 MDT 2013
On 11/03/13 15:05, Serge NOEL wrote:
> Sorry, i made respond only, and not respond to all...
>
> for now, i have use ldbmodify wich require that your AD is down.
> Please consider that i am doing full tests on how to find the best way
> to manage AD. This is not the only way, but i use it, and it works...
>
> ldbmodify -H CN\=CONFIGURATION\,DC\=NET6A\,DC\=LAN.ldb
> /tmp/oc_provision_schema_modify.ldif --option "dsdb:schema update
> allowed"=true
>
> Think to adapt command for your needs :
> ldbmodify -H *<path to your ldb file>* *<path to .ldif file>* --option
> "dsdb:schema update allowed"=true
>
>
> I use it as it was the first test without complaining of bad
> login/password
>
> Please, keep me informed on your test...
>
> Serge
>
>
>
>
> Hi,
> Thank for your offer :-)
>
> It seems to me your message didn't go in the forum. Maybe it would be
> better to keep it on the forum so others can follow.
>
> Ok I 'm gonna give you bit more detail on my setup and my goals:
>
> We are moving from a samba3 NT domain through samba4 basicaly because
> of the end of XP and we want to be able to manage W7 machine using
> GPO. This part going very well.
>
> We were using openldap as a backend for samba3 domain, isc dhcp and
> bind dns. As our machine will now run samba4 will have to shutdown
> openldap.
No you don't, bit of an overkill really, but you could run openldap on
port 3389 just for dhcp ;-)
Rowland
> The DNS got internal so no problem but we'd like to keep dhcp on ldap.
>
> So I think there is juste one step left for having this to work:
> extend the shema.
>
> Which ldap-utils tools? from samba4? from openldap?
>
>
> 2013/3/11 Serge NOEL <serge.noel2008 at gmail.com
> <mailto:serge.noel2008 at gmail.com>>
>
> Hello,
>
> working on same things, but far at the begining, if your project is
> not too urgent, i can help you.
>
> At first, note that Ldap doesn't have right schema definition, so
> you are right ; we have to extend the schema. I take a look on it
> and it's seems not so difficult.
> You have to gain a .ldif file schema and add it with ldap-utils tools.
>
> Next, you have to inform isc-dhcp to use Ldap and place
> configurations data in the right place.
>
> Notes
> you can't securise Dhcp server because actually, isc-dhcp use
> external file to store leases. (i am looking for a different server
> with this capability)
> you have to modify schema, wich presents some risks on production
> servers.
>
> Hope it can help
> Serge
>
>
>
>
> Le 11/03/2013 13:39, Alexis a écrit :
>
> Hi,
>
> I would like to use samba AD as a backend for my ISC DHCP server.
> As anybody succeed in this?
>
> I guess I should start with adding te openldap schema into the
> AD or
> something like that.
>
> Is there a way to achieve this?
>
>
> Don't know from where to start I would appreciate any link/advice.
>
> Thank you.
>
>
>
>
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the samba-technical
mailing list