ISC DHCP with ldap in AD?

Rowland Penny repenny at f2s.com
Mon Mar 11 10:38:11 MDT 2013 

On 11/03/13 15:05, Serge NOEL wrote:
> Sorry, i made respond only, and not respond to all...
>
> for now, i have use ldbmodify wich require that your AD is down. 
> Please consider that i am doing full tests on how to find the best way 
> to manage AD. This is not the only way, but i use it, and it works...
>
> ldbmodify -H CN\=CONFIGURATION\,DC\=NET6A\,DC\=LAN.ldb 
> /tmp/oc_provision_schema_modify.ldif --option "dsdb:schema update 
> allowed"=true
>
> Think to adapt command for your needs :
> ldbmodify -H *<path to your ldb file>* *<path to .ldif file>* --option 
> "dsdb:schema update allowed"=true
>
>
> I use it as it was the first test without complaining of bad 
> login/password
>
> Please, keep me informed on your test...
>
> Serge
>
>
>
>
> Hi,
> Thank for your offer :-)
>
> It seems to me your message didn't go in the forum. Maybe it would be 
> better to keep it on the forum so others can follow.
>
> Ok I 'm gonna give you bit more detail on my setup and my goals:
>
> We are moving from a samba3 NT domain through samba4 basicaly because 
> of the end of XP and we want to be able to manage W7 machine using 
> GPO. This part going very well.
>
> We were using openldap as a backend for samba3 domain, isc dhcp and 
> bind dns. As our machine will now run samba4 will have to shutdown 
> openldap.

No you don't, bit of an overkill really, but you could run openldap on 
port 3389 just for dhcp ;-)

Rowland

> The DNS got internal so no problem but we'd like to keep dhcp on ldap.
>
> So I think there is juste one step left for having this to work: 
> extend the shema.
>
> Which ldap-utils tools? from samba4? from openldap?
>
>
> 2013/3/11 Serge NOEL <serge.noel2008 at gmail.com 
> <mailto:serge.noel2008 at gmail.com>>
>
>    Hello,
>
>    working on same things, but far at the begining, if your project is
>    not too urgent, i can help you.
>
>    At first, note that Ldap doesn't have right schema definition, so
>    you are right ; we have to extend the schema. I take a look on it
>    and it's seems not so difficult.
>    You have to gain a .ldif file schema and add it with ldap-utils tools.
>
>    Next, you have to inform isc-dhcp to use Ldap and place
>    configurations data in the right place.
>
>    Notes
>       you can't securise Dhcp server because actually, isc-dhcp use
>    external file to store leases. (i am looking for a different server
>    with this capability)
>       you have to modify schema, wich presents some risks on production
>    servers.
>
>    Hope it can help
>    Serge
>
>
>
>
>    Le 11/03/2013 13:39, Alexis a écrit :
>
>        Hi,
>
>        I would like to use samba AD as a backend for my ISC DHCP server.
>        As anybody succeed in this?
>
>        I guess I should start with adding te openldap schema into the 
> AD or
>        something like that.
>
>        Is there a way to achieve this?
>
>
>        Don't know from where to start I would appreciate any link/advice.
>
>        Thank you.
>
>
>
>


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

More information about the samba-technical mailing list