hmmm. so the problem with our integration is that we use the standard schema. that makes
DHCP data a separate tree. To make it a real part of freeipa you’d want to get data for a
host from its normal host entry. Either you’d need to modify the server to read data from
the normal freeipa data, or you could keep the official DHCP schema, but make the
management tools see the items as attributes of the freeipa host entry. Both are pretty
easy to do. But I can see that a real integration like this would be a project that would
compete with other priorities for IPA.
From my point of view, it’s kind of the biggest missing piece in IPA at the moment, though
our integration works fine and shouldn’t present any maintenance issues.
(You may ask, why use IPA for your DHCP data? In our case it’s because IPA is the only
multimaster replicated data we have. I’d rather not have to manage a mulitimasteir SQL
database just to do DHCP.)
On Jul 6, 2020, at 2:24:43 PM, Charles Hedrick via FreeIPA-users
<freeipa-users(a)lists.fedorahosted.org> wrote:
The main issues are
* adding to the schema
* tools for managing
* dynamic address allocation
We don’t use dynamic allocation. so that’s not an issue for us. That means the normal ISC
dhcpd works fine. It supports getting data from LDAP. They supply a schema file, which
with some tweaking works fine with freeipa.
I have a .py file that will add commands to the IPA command line to manage most data.
That should work anywhere with possible minor changes because the base DN will not be
Rutgers. I also have a web GUI which is part of my larger user management system. That
might be a bit harder to port, though in principle the whole system is designed to be
portable. (It uses Spring Boot.)
The issues I see with integration into freeipa are
* adding it to the freeipa web GUI. I think that can be done with their defined extension
method, so it doesn’t need a change in core code
* dynamic address management.
The current ISC daemon uses a master / backup approach for dynamic address allocation. So
it stores allocations locally on the server. That means it doesn’t need LDAP or another
database. It should work just fine with freeipa. However the newer ISC DHCP code
(currently a separate project) really wants a symmetrical database. LDAP might work,
depending upon how often you need to allocate addresses, but LDAP really isn’t intended
for high write rates.
> On Apr 24, 2020, at 6:23 AM, Ronald Wimmer via FreeIPA-users
<freeipa-users(a)lists.fedorahosted.org> wrote:
>
> Hi there,
>
> are there any plans to integrate a DHCP server into FreeIPA. We have several
environments where a lack of DHCP is a showstopper at the moment.
>
> Cheers,
> Ronald
> _______________________________________________
> FreeIPA-users mailing list -- freeipa-users(a)lists.fedorahosted.org
> To unsubscribe send an email to freeipa-users-leave(a)lists.fedorahosted.org
> Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives:
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedoraho...
_______________________________________________
FreeIPA-users mailing list -- freeipa-users(a)lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-leave(a)lists.fedorahosted.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedoraho...