We did most of this, and have been using it for a few years. However it depends upon the ISC DHCP server, which is now EOL. The replacement, KEA, does not support LDAP, and there are no plans for it to.
I think the reason is that they didn't want to put dynamic addresses in LDAP, because LDAP is thought of as read-mostly. The way LDAP is used in IPA, of course, means there are lots of changes going on. For most sites, I suspect putting leases in LDAP would be OK. But ISC isn't going to help, I don't think.
From: Ellsworth, Nathan Andrew via FreeIPA-users <freeipa-users@lists.fedorahosted.org>
Sent: Monday, September 25, 2023 2:09 PM
To: freeipa-users@lists.fedorahosted.org <freeipa-users@lists.fedorahosted.org>
Cc: Ellsworth, Nathan Andrew <Nathan.Ellsworth@UTDallas.edu>
Subject: [Freeipa-users] Re: Plans for integrating DHCPThere is an interesting design document already for DHCP with FreeIPA.
I've already implemented a kea-isc dhcp integration with
freeipa. Been operating for about 16 months now without important
change. Also handles dnssec key rotations. Allows to designate
fixed ips, handles name collisions, generates certs, offers to
collect v6 duid with v4 mac under a common freeipa/dns host,
etc. Entirely HA, supports ranges via via across a dozen 'inside
client locations', etc. Uses mariadb as a backend to kea-dhcp.
And supports connectivity to more than one ISP for HA purposes.
https://rockstablesystems.com It was 'quite a ride' from a tech
perspective.
HC
_______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-leave@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue