Harry Jede wrote: > Zeus Panchenko wrote: > > hi, > > > > I configured my isc-dhcpd servers to work with openldap, all works > > > > now when I want to find dn for some definite MAC or IP, I am unable > > to do that > > ... > > > I use filter: > > "(&(objectClass=dhcpHost)(dhcpStatements=fixed-address > > 10.0.0.222))" > > > > and receive empty result ... > > Then you make a mistake :-( > > $ ldapsearch -xLLL -H ldap://10.100.0.1 '(&(objectclass=dhcphost) > (dhcpStatements=fixed-address 10.100.0.102))' dn dhcpStatements > dn: cn=DEBIAN,ou=hosts,cn=DHCP Config,dc=europa,dc=xx > dhcpStatements: fixed-address 10.100.0.102 > > > it is the same picture for anything except dhcpStatements=* ... > > > > so, how is it correct to write the filter to get all objects with > > IP like 10.0.0.2* ? > > By default, that's not possible. You need to modify the schema to > make this work. > > step 1: find the dhcp schema > > # ldapsearch -LLLY external -H ldapi:/// -b cn=schema,cn=config > dn|grep dhcp > dn: cn={7}dhcp,cn=schema,cn=config > > step2: prepare a ldapmodify input file > > # echo 'dn: cn={7}dhcp,cn=schema,cn=config' > /tmp/dhcp_s.ldif > # echo 'changetype: modify' >> /tmp/dhcp_s.ldif > # echo 'replace: olcAttributeTypes' >> /tmp/dhcp_s.ldif > > step 3: retrieve the attributes from cn=config > > # ldapsearch -LLLY external -H ldapi:/// -b cn=schema,cn=config > 'cn={7}dhcp' olcAttributeTypes >> /tmp/dhcp_s.ldif > > step 4.1: add Substring match to dhcpStatements with an editor > > this I have added "SUBSTR caseIgnoreIA5SubstringsMatch" to > dhcpStatements. The result is: > > olcAttributeTypes: {2}( 2.16.840.1.113719.1.203.4.3 NAME > 'dhcpStatements' DESC 'Flexible storage for specific data depending > on what object this exists in. Like conditional statements, server > parameters, etc. This allows the standard to evolve without needing > to adjust the schema.' EQUALITY caseIgnoreIA5Match SUBSTR > caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) > > step 4.2 remove line number 4 > in my config 'dn: cn={7}dhcp,cn=schema,cn=config' > > step 5: update the server > > # ldapmodify -Y external -H ldapi:/// -f /tmp/dhcp_s.ldif > > step 6: be happy ;-) > > $ ldapsearch -xLLL -H ldap://10.100.0.1 '(&(objectclass=dhcphost) > (dhcpStatements=fixed-address 10.100.0.*))' dn dhcpStatementsdn: > cn=ainf-01,ou=hosts,cn=DHCP Config,dc=europa,dc=xx > dhcpStatements: fixed-address 10.100.0.101 > > dn: cn=ainf-02,ou=hosts,cn=DHCP Config,dc=europa,dc=xx > dhcpStatements: fixed-address 10.100.0.103 > dhcpStatements: filename "pxelinux.0" > dhcpStatements: next-server 10.100.0.1 > dhcpStatements: broadcast-address 10.100.255.255 > > dn: cn=ainf-22,ou=hosts,cn=DHCP Config,dc=europa,dc=xx > dhcpStatements: fixed-address 10.100.0.104 > > dn: cn=DEBIAN,ou=hosts,cn=DHCP Config,dc=europa,dc=xx > dhcpStatements: fixed-address 10.100.0.102 > > hints: > 1. modify an objectclass this way, will not work > 2. an index on dhcpStatements is not required to make this work > perhaps good for performance reasons > 3. try it first on a test server :-)
Sorry, I have overseen that you are using slapd.conf. So it is much easier. Just modify dhcp.schema and restart slapd. -- Harry Jede
