[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: dhcp.schema attribute dhcpStatements value in filter

Harry Jede wrote:
> Zeus Panchenko wrote:
> > hi,
> > 
> > I configured my isc-dhcpd servers to work with openldap, all works
> > 
> > now when I want to find dn for some definite MAC or IP, I am unable
> > to do that
> 
> ...
> 
> > I use filter:
> > "(&(objectClass=dhcpHost)(dhcpStatements=fixed-address
> > 10.0.0.222))"
> > 
> > and receive empty result ...
> 
> Then you make a mistake :-(
> 
> $ ldapsearch -xLLL -H ldap://10.100.0.1 '(&(objectclass=dhcphost)
> (dhcpStatements=fixed-address 10.100.0.102))' dn dhcpStatements
> dn: cn=DEBIAN,ou=hosts,cn=DHCP Config,dc=europa,dc=xx
> dhcpStatements: fixed-address 10.100.0.102
> 
> > it is the same picture for anything except dhcpStatements=* ...
> > 
> > so, how is it correct to write the filter to get all objects with
> > IP like 10.0.0.2* ?
> 
> By default, that's not possible. You need to modify the schema to
> make this work.
> 
> step 1: find the dhcp schema
> 
> # ldapsearch -LLLY external -H ldapi:/// -b cn=schema,cn=config
> dn|grep dhcp
> dn: cn={7}dhcp,cn=schema,cn=config
> 
> step2: prepare a ldapmodify input file
> 
> # echo 'dn: cn={7}dhcp,cn=schema,cn=config' >  /tmp/dhcp_s.ldif
> # echo 'changetype: modify'                 >> /tmp/dhcp_s.ldif
> # echo 'replace: olcAttributeTypes'         >> /tmp/dhcp_s.ldif
> 
> step 3: retrieve the attributes from cn=config
> 
> # ldapsearch -LLLY external -H ldapi:/// -b cn=schema,cn=config
> 'cn={7}dhcp' olcAttributeTypes >> /tmp/dhcp_s.ldif
> 
> step 4.1: add Substring match to dhcpStatements with an editor
> 
> this I have added "SUBSTR caseIgnoreIA5SubstringsMatch" to
> dhcpStatements. The result is:
> 
> olcAttributeTypes: {2}( 2.16.840.1.113719.1.203.4.3 NAME
> 'dhcpStatements' DESC 'Flexible storage for specific data depending
> on what object this exists in. Like conditional statements, server
> parameters, etc. This allows the standard to evolve without needing
> to adjust the schema.' EQUALITY caseIgnoreIA5Match SUBSTR
> caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
> 
> step 4.2 remove line number 4
> in my config 'dn: cn={7}dhcp,cn=schema,cn=config'
> 
> step 5: update the server
> 
> # ldapmodify -Y external -H ldapi:/// -f /tmp/dhcp_s.ldif
> 
> step 6: be happy ;-)
> 
> $ ldapsearch -xLLL -H ldap://10.100.0.1 '(&(objectclass=dhcphost)
> (dhcpStatements=fixed-address 10.100.0.*))' dn dhcpStatementsdn:
> cn=ainf-01,ou=hosts,cn=DHCP Config,dc=europa,dc=xx
> dhcpStatements: fixed-address 10.100.0.101
> 
> dn: cn=ainf-02,ou=hosts,cn=DHCP Config,dc=europa,dc=xx
> dhcpStatements: fixed-address 10.100.0.103
> dhcpStatements: filename "pxelinux.0"
> dhcpStatements: next-server 10.100.0.1
> dhcpStatements: broadcast-address 10.100.255.255
> 
> dn: cn=ainf-22,ou=hosts,cn=DHCP Config,dc=europa,dc=xx
> dhcpStatements: fixed-address 10.100.0.104
> 
> dn: cn=DEBIAN,ou=hosts,cn=DHCP Config,dc=europa,dc=xx
> dhcpStatements: fixed-address 10.100.0.102
> 
> hints:
> 1. modify an objectclass this way, will not work
> 2. an index on dhcpStatements is not required to make this work
>    perhaps good for performance reasons
> 3. try it first on a test server :-)

Sorry,
I have overseen that you are using slapd.conf.
So it is much easier. Just modify dhcp.schema and restart slapd.

-- 

Harry Jede