1090 lines
41 KiB
Plaintext
1090 lines
41 KiB
Plaintext
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
Network Working Group M. Meredith,
|
||
|
|
Internet Draft V. Nanjundaswamy,
|
||
|
|
Document: <draft-ietf-dhc-ldap-schema-00.txt> M. Hinckley
|
||
|
|
Category: Proposed Standard Novell Inc.
|
||
|
|
Expires: 15th December 2001 16th June 2001
|
||
|
|
|
||
|
|
|
||
|
|
LDAP Schema for DHCP
|
||
|
|
|
||
|
|
Status of this Memo
|
||
|
|
|
||
|
|
This document is an Internet-Draft and is in full conformance with all
|
||
|
|
provisions of Section 10 of RFC2026 [ ].
|
||
|
|
|
||
|
|
Internet-Drafts are working documents of the Internet Engineering Task
|
||
|
|
Force (IETF), its areas, and its working groups. Note that other groups
|
||
|
|
may also distribute working documents as Internet-Drafts. Internet-
|
||
|
|
Drafts are draft documents valid for a maximum of six months and may be
|
||
|
|
updated, replaced, or obsolete by other documents at any time. It is
|
||
|
|
inappropriate to use Internet-Drafts as reference material or to cite
|
||
|
|
them other than as "work in progress." The list of current Internet-
|
||
|
|
Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt The
|
||
|
|
list of Internet-Draft Shadow Directories can be accessed at
|
||
|
|
http://www.ietf.org/shadow.html.
|
||
|
|
|
||
|
|
1. Abstract
|
||
|
|
|
||
|
|
This document defines a schema for representing DHCP configuration in an
|
||
|
|
LDAP directory. It can be used to represent the DHCP Service
|
||
|
|
configuration(s) for an entire enterprise network, a subset of the
|
||
|
|
network, or even a single server. Representing DHCP configuration in an
|
||
|
|
LDAP directory enables centralized management of DHCP services offered
|
||
|
|
by one or more DHCP Servers within the enterprise.
|
||
|
|
|
||
|
|
2. Conventions used in this document
|
||
|
|
|
||
|
|
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
|
||
|
|
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
|
||
|
|
document are to be interpreted as described in RFC-2119 [ ].
|
||
|
|
|
||
|
|
In places where different sets of terminology are commonly used to
|
||
|
|
represent similar DHCP concepts, this schema uses the terminology of the
|
||
|
|
Internet Software Consortium's DHCP server reference implementation.
|
||
|
|
For more information see www.isc.org.
|
||
|
|
|
||
|
|
3. Design Considerations
|
||
|
|
|
||
|
|
The DHCP LDAP schema is designed to be a simple multi-server schema. The
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
M. Meredith et al. Expires December 2001 [Page 1]
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
INTERNET-DRAFT LDAP Schema for DHCP 16 June 2001
|
||
|
|
|
||
|
|
|
||
|
|
intent of this schema is to provide a basic framework for representing
|
||
|
|
the most common elements used in the configuration of DHCP Server. This
|
||
|
|
should allow other network services to obtain and use basic DHCP
|
||
|
|
configuration information in a server-independent but knowledgeable way.
|
||
|
|
|
||
|
|
It is expected that some implementations may need to extend the schema
|
||
|
|
objects, in order to implement all of their features or needs. It is
|
||
|
|
recommended that you use the schema defined in this draft to represent
|
||
|
|
DHCP configuration information in an LDAP directory. Conforming to a
|
||
|
|
standard schema improves interoperability between DHCP implementations
|
||
|
|
from different vendors.
|
||
|
|
|
||
|
|
Some implementations may choose not to support all of the objects
|
||
|
|
defined here.
|
||
|
|
|
||
|
|
Two decisions are explicitly left up to each implementation:
|
||
|
|
|
||
|
|
First, implementations may choose not to store the lease information in
|
||
|
|
the directory, so those objects would not be used.
|
||
|
|
|
||
|
|
Second, implementations may choose not to implement the auditing
|
||
|
|
information.
|
||
|
|
|
||
|
|
It is up to the implementation to determine if the data in the directory
|
||
|
|
is considered "authoritative", or if it is simply a copy of data from an
|
||
|
|
authoritative source. Validity of the information if used as a copy is
|
||
|
|
to be ensured by the implementation.
|
||
|
|
|
||
|
|
Primarily two types of applications will use the information in this
|
||
|
|
schema: 1. DHCP servers (for loading their configuration) 2. Management
|
||
|
|
Interfaces (for defining/editing configurations).
|
||
|
|
|
||
|
|
The schema should be efficient for the needs of both types of
|
||
|
|
applications. The schema is designed to allow objects managed by DHCP
|
||
|
|
(such as computers, subnets, etc) to be present anywhere in a directory
|
||
|
|
hierarchy (to allow those objects to be placed in the directory for
|
||
|
|
managing administrative control and access to the objects).
|
||
|
|
|
||
|
|
The schema uses a few naming conventions - all object classes and
|
||
|
|
attributes are prefixed with "dhcp" to decrease the chance that object
|
||
|
|
classes and attributes will have the same name. The schema also uses
|
||
|
|
standard naming attributes ("cn", "ou", etc) for all objects.
|
||
|
|
|
||
|
|
4. Common DHCP Configuration Attributes
|
||
|
|
|
||
|
|
Although DHCP manages several different types of objects, the
|
||
|
|
configuration of those objects is often similar. Consequently, most of
|
||
|
|
these objects have a common set of attributes, which are defined below.
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
M. Meredith et al. Expires December 2001 [Page 2]
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
INTERNET-DRAFT LDAP Schema for DHCP 16 June 2001
|
||
|
|
|
||
|
|
|
||
|
|
4.1. Attributes Definitions
|
||
|
|
|
||
|
|
The schema definitions listed below are for readability. The LDIF
|
||
|
|
layout for this schema will follow in section 8.
|
||
|
|
|
||
|
|
Name: dhcpPrimaryDN Description: The Distinguished Name of the
|
||
|
|
dhcpServer object, which is the primary server for the configuration.
|
||
|
|
Syntax: DN Flags: SINGLE-VALUE
|
||
|
|
|
||
|
|
Named: dhcpSecondaryDN Description: The Distinguished Name(s) of the
|
||
|
|
dhcpServer object(s), which are secondary servers for the configuration.
|
||
|
|
Syntax: DN
|
||
|
|
|
||
|
|
Name: dhcpStatements Description: Flexible storage for representing any
|
||
|
|
specific data depending on the object to which it is attached. Examples
|
||
|
|
include conditional statements, Server parameters, etc. This also
|
||
|
|
serves as a 'catch-all' attribute that allows the standard to evolve
|
||
|
|
without needing to update the schema. Syntax: IA5String
|
||
|
|
|
||
|
|
Name: dhcpRange Description: The starting and ending IP Addresses in the
|
||
|
|
range (inclusive), separated by a hyphen; if the range only contains one
|
||
|
|
address, then just the address can be specified with no hyphen. Each
|
||
|
|
range is defined as a separate value. Syntax: IA5String
|
||
|
|
|
||
|
|
Name: dhcpPermitList Description: This attribute contains the permit
|
||
|
|
lists associated with a pool. Each permit list is defined as a separate
|
||
|
|
value. Syntax: IA5String
|
||
|
|
|
||
|
|
Name: dhcpNetMask Description: The subnet mask length for the subnet.
|
||
|
|
The mask can be easily computed from this length. Syntax: Integer
|
||
|
|
Flags: SINGLE-VALUE
|
||
|
|
|
||
|
|
Name: dhcpOption Description: Encoded option values to be sent to
|
||
|
|
clients. Each value represents a single option and contains (OptionTag,
|
||
|
|
Length, OptionData) encoded in the format used by DHCP. For more
|
||
|
|
information see [DHCPOPT]. Syntax: OctetString
|
||
|
|
|
||
|
|
Name: dhcpClassData Description: Encoded text string or list of bytes
|
||
|
|
expressed in hexadecimal, separated by colons. Clients match subclasses
|
||
|
|
based on matching the class data with the results of a 'match' or 'spawn
|
||
|
|
with' statement in the class name declarations. Syntax: IA5String
|
||
|
|
Flags: SINGLE-VALUE
|
||
|
|
|
||
|
|
Name: dhcpSubclassesDN Description: List of subclasses, these are the
|
||
|
|
actual DN of each subclass object. Syntax: DN
|
||
|
|
|
||
|
|
Name: dhcpClassesDN Description: List of classes, these are the actual
|
||
|
|
DN of each class object. Syntax: DN
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
M. Meredith et al. Expires December 2001 [Page 3]
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
INTERNET-DRAFT LDAP Schema for DHCP 16 June 2001
|
||
|
|
|
||
|
|
|
||
|
|
Name: dhcpSubnetDN Description: List of subnets, these are the actual DN
|
||
|
|
of each subnet object. Syntax: DN
|
||
|
|
|
||
|
|
Name: dhcpPoolDN Description: List of pools, these are the actual DN of
|
||
|
|
each Pool object. Syntax: DN
|
||
|
|
|
||
|
|
Name: dhcpOptionsDN Description: List of options, these are the actual
|
||
|
|
DN of each Options object. Syntax: DN
|
||
|
|
|
||
|
|
Name: dhcpHostDN Description: List of hosts, these are the actual DN of
|
||
|
|
each host object. Syntax: DN
|
||
|
|
|
||
|
|
Name: dhcpSharedNetworkDN Description: List of shared networks, these
|
||
|
|
are the actual DN of each shared network object. Syntax: DN
|
||
|
|
|
||
|
|
Name: dhcpGroupDN Description: List of groups, these are the actual DN
|
||
|
|
of each Group object. Syntax: DN
|
||
|
|
|
||
|
|
Name: dhcpLeaseDN Description: Single Lease DN. A dhcpHost configuration
|
||
|
|
uses this attribute to identify a static IP address assignment. Syntax:
|
||
|
|
DN Flags: SINGLE-VALUE
|
||
|
|
|
||
|
|
Name: dhcpLeasesDN Description: List of leases, these are the actual DN
|
||
|
|
of each lease object. Syntax: DN
|
||
|
|
|
||
|
|
Name: dhcpServiceDN Description: The DN of dhcpService object(s)which
|
||
|
|
contain the configuration information. Each dhcpServer object has this
|
||
|
|
attribute identifying the DHCP configuration(s) that the server is
|
||
|
|
associated with. Syntax: DN
|
||
|
|
|
||
|
|
Name: dhcpHWAddress Description: The hardware address of the client
|
||
|
|
associated with a lease Syntax: OctetString Flags: SINGLE-VALUE
|
||
|
|
|
||
|
|
Name: dhcpVersion Description: This is the version identified for the
|
||
|
|
object that this attribute is part of. In case of the dhcpServer object,
|
||
|
|
this represents the DHCP software version. Syntax: IA5String Flags:
|
||
|
|
SINGLE-VALUE
|
||
|
|
|
||
|
|
Name: dhcpImplementation Description: DHCP Server implementation
|
||
|
|
description e.g. DHCP Vendor information. Syntax: IA5String Flags:
|
||
|
|
SINGLE-VALUE
|
||
|
|
|
||
|
|
Name: dhcpHashBucketAssignment Description: HashBucketAssignment bit map
|
||
|
|
for the DHCP Server, as defined in DHC Load Balancing Algorithm [RFC
|
||
|
|
3074]. Syntax: Octet String Flags: SINGLE-VALUE
|
||
|
|
|
||
|
|
Name: dhcpDelayedServiceParameter Description: Delay in seconds
|
||
|
|
corresponding to Delayed Service Parameter configuration, as defined in
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
M. Meredith et al. Expires December 2001 [Page 4]
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
INTERNET-DRAFT LDAP Schema for DHCP 16 June 2001
|
||
|
|
|
||
|
|
|
||
|
|
DHC Load Balancing Algorithm [RFC 3074]. Syntax: Integer Flags: SINGLE-
|
||
|
|
VALUE
|
||
|
|
|
||
|
|
Name: dhcpMaxClientLeadTime Description: Maximum Client Lead Time
|
||
|
|
configuration in seconds, as defined in DHCP Failover Protocol [FAILOVR]
|
||
|
|
Syntax: Integer Flags: SINGLE-VALUE
|
||
|
|
|
||
|
|
Name: dhcpFailOverEndpointState Description: Server (Failover Endpoint)
|
||
|
|
state, as defined in DHCP Failover Protocol [FAILOVR] Syntax: IA5String
|
||
|
|
Flags: SINGLE-VALUE
|
||
|
|
|
||
|
|
5. Configurations and Services
|
||
|
|
|
||
|
|
The schema definitions below are for readability the LDIF layout for
|
||
|
|
this schema will follow in section 8.
|
||
|
|
|
||
|
|
The DHC working group is currently considering several proposals for
|
||
|
|
fail-over and redundancy of DHCP servers. These may require sharing of
|
||
|
|
configuration information between servers. This schema provides a
|
||
|
|
generalized mechanism for supporting any of these proposals, by
|
||
|
|
separating the definition of a server from the definition of
|
||
|
|
configuration service provided by the server.
|
||
|
|
|
||
|
|
Separating the DHCP Server (dhcpServer) and the DHCP Configuration
|
||
|
|
(dhcpService) representations allows a configuration service to be
|
||
|
|
provided by one or more servers. Similarly, a server may provide one or
|
||
|
|
more configurations. The schema allows a server to be configured as
|
||
|
|
either a primary or secondary provider of a DHCP configuration.
|
||
|
|
|
||
|
|
Configurations are also defined so that one configuration can include
|
||
|
|
some of the objects that are defined in another configuration. This
|
||
|
|
allows for sharing and/or a hierarchy of related configuration items.
|
||
|
|
|
||
|
|
Name: dhcpService Description: Service object that represents the
|
||
|
|
actual DHCP Service configuration. This will be a container with the
|
||
|
|
following attributes. Must: cn, dhcpPrimaryDN May: dhcpSecondaryDN,
|
||
|
|
dhcpSharedNetworkDN, dhcpSubnetDN, dhcpGroupDN, dhcpHostDN,
|
||
|
|
dhcpClassesDN, dhcpOptionsDN, dhcpStatements
|
||
|
|
|
||
|
|
The following objects could exist inside the dhcpService container:
|
||
|
|
dhcpSharedNetwork, dhcpSubnet, dhcpGroup, dhcpHost, dhcpClass,
|
||
|
|
dhcpOptions, dhcpLog
|
||
|
|
|
||
|
|
Name: dhcpServer Description: Server object that the DHCP server will
|
||
|
|
login as. The configuration information is in the dhcpService container
|
||
|
|
that the dhcpServiceDN points to. Must: cn, dhcpServiceDN May:
|
||
|
|
dhcpVersion, dhcpImplementation, dhcpHashBucketAssignment,
|
||
|
|
dhcpDelayedServiceParameter, dhcpMaxClientLeadTime,
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
M. Meredith et al. Expires December 2001 [Page 5]
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
INTERNET-DRAFT LDAP Schema for DHCP 16 June 2001
|
||
|
|
dhcpFailOverEndpointState, dhcpStatements
|
||
|
|
|
||
|
|
5.1. DHCP Declaration related classes:
|
||
|
|
|
||
|
|
Name: dhcpSharedNetwork Description: Shared Network class will list what
|
||
|
|
pools and subnets are in this network.
|
||
|
|
|
||
|
|
This will be a container with the following attributes. Must: cn May:
|
||
|
|
dhcpSubnetDN, dhcpPoolDN, dhcpOptionsDN, dhcpStatements
|
||
|
|
|
||
|
|
The following objects can exist within a dhcpSharedNetwork container:
|
||
|
|
dhcpSubnet, dhcpPool, dhcpOptions, dhcpLog
|
||
|
|
|
||
|
|
Name: dhcpSubnet Description: Subnet object will include configuration
|
||
|
|
information associated with a subnet, including a range and a net mask.
|
||
|
|
|
||
|
|
This will be a container with the following attributes. Must: cn
|
||
|
|
(Subnet address), dhcpNetMask May: dhcpRange, dhcpPoolDN, dhcpGroupDN,
|
||
|
|
dhcpHostDN, dhcpClassesDN, dhcpLeasesDN, dhcpOptionsDN, dhcpStatements
|
||
|
|
|
||
|
|
The following objects can exist within a dhcpSubnet container: dhcpPool,
|
||
|
|
dhcpGroup, dhcpHost, dhcpClass, dhcpOptions, dhcpLease, dhcpLog
|
||
|
|
|
||
|
|
Name: dhcpGroup Description: Group object will have configuration
|
||
|
|
information associated with a group.
|
||
|
|
|
||
|
|
This will be a container with the following attributes. Must: cn May:
|
||
|
|
dhcpHostDN, dhcpOptionsDN, dhcpStatements
|
||
|
|
|
||
|
|
The following objects can exist within a dhcpGroup container: dhcpHost,
|
||
|
|
dhcpOptions
|
||
|
|
|
||
|
|
Name: dhcpHost Description: The host object includes DHCP host
|
||
|
|
declarations to assign a static IP address or declare the client as
|
||
|
|
known or specify statements for a specific client. Must: cn May:
|
||
|
|
dhcpLeaseDN, dhcpHWAddress, dhcpOptionsDN, dhcpStatements
|
||
|
|
|
||
|
|
The following objects can exist within a dhcpHost container: dhcpLease,
|
||
|
|
dhcpOptions
|
||
|
|
|
||
|
|
Name: dhcpOptions Description: The options class is for option space
|
||
|
|
declarations, it contains a list of options. Must: cn, dhcpOption
|
||
|
|
|
||
|
|
Name: dhcpClass Description: This is a class to group clients together
|
||
|
|
based on matching rules.
|
||
|
|
|
||
|
|
This will be a container with the following attributes. Must: cn May:
|
||
|
|
dhcpSubClassesDN, dhcpOptionsDN, dhcpStatements
|
||
|
|
|
||
|
|
The following object can exist within a dhcpClass container:
|
||
|
|
dhcpSubclass, dhcpOptions
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
M. Meredith et al. Expires December 2001 [Page 6]
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
INTERNET-DRAFT LDAP Schema for DHCP 16 June 2001
|
||
|
|
|
||
|
|
|
||
|
|
Name: dhcpSubClass Description: This includes configuration information
|
||
|
|
for a subclass associated with a class. The dhcpSubClass object will
|
||
|
|
always be contained within the corresponding class container object.
|
||
|
|
Must: cn May: dhcpClassData, dhcpOptionsDN, dhcpStatements
|
||
|
|
|
||
|
|
Name: dhcpPool Description: This contains configuration for a pool that
|
||
|
|
will have the range of addresses, permit lists and point to classes and
|
||
|
|
leases that are members of this pool.
|
||
|
|
|
||
|
|
This will be a container that could be contained by dhcpSubnet or a
|
||
|
|
dhcpSharedNetwork. Must: cn, dhcpRange May: dhcpClassesDN,
|
||
|
|
dhcpPermitList, dhcpLeasesDN, dhcpOptionsDN, dhcpStatements
|
||
|
|
|
||
|
|
The following objects can exist within a dhcpPool container: dhcpClass,
|
||
|
|
dhcpOptions, dhcpLease, dhcpLog
|
||
|
|
|
||
|
|
6. Tracking Address Assignments
|
||
|
|
|
||
|
|
The behavior of a DHCP server is influenced by two factors - it's
|
||
|
|
configuration and the current state of the addresses that have been
|
||
|
|
assigned to clients. This schema defines a set of objects for
|
||
|
|
representing the DHCP configuration associated with a server. The
|
||
|
|
following object classes provide the ability to record how addresses are
|
||
|
|
used including maintaining history (audit log) on individual leases.
|
||
|
|
Recording lease information in a directory could result in a significant
|
||
|
|
performance impact and is therefore optional. Implementations supporting
|
||
|
|
logging of leases need to consider the performance impact.
|
||
|
|
|
||
|
|
6.1. dhcpLeases Attribute Definitions
|
||
|
|
|
||
|
|
The schema definitions below are for readability the LDIF layout for
|
||
|
|
this schema will follow in section 8.
|
||
|
|
|
||
|
|
Name: dhcpAddressState Description: This stores information about the
|
||
|
|
current binding-status of an address. For dynamic addresses managed by
|
||
|
|
DHCP, the values should be restricted to the states defined in the DHCP
|
||
|
|
Failover Protocol draft [FAILOVR]: 'FREE', 'ACTIVE', 'EXPIRED',
|
||
|
|
'RELEASED', 'RESET', 'ABANDONED', 'BACKUP'. For more information on
|
||
|
|
these states see [FAILOVR]. For other addresses, it SHOULD be one of
|
||
|
|
the following: 'UNKNOWN', 'RESERVED' (an address that is managed by DHCP
|
||
|
|
that is reserved for a specific client), 'RESERVED-ACTIVE' (same as
|
||
|
|
reserved, but address is currently in use), 'ASSIGNED' (assigned
|
||
|
|
manually or by some other mechanism), 'UNASSIGNED', 'NOTASSIGNABLE'.
|
||
|
|
Syntax: IA5String Flags: SINGLE-VALUE
|
||
|
|
|
||
|
|
Name: dhcpExpirationTime Description: This is the time the current lease
|
||
|
|
for an address expires. Syntax: DateTime Flags: SINGLE-VALUE
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
M. Meredith et al. Expires December 2001 [Page 7]
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
INTERNET-DRAFT LDAP Schema for DHCP 16 June 2001
|
||
|
|
|
||
|
|
|
||
|
|
Name: dhcpStartTimeOfState Description: This is the time of the last
|
||
|
|
state change for a leased address. Syntax: DateTime Flags: SINGLE-VALUE
|
||
|
|
|
||
|
|
Name: dhcpLastTransactionTime Description: This is the last time a valid
|
||
|
|
DHCP packet was received from the client. Syntax: DateTime Flags:
|
||
|
|
SINGLE-VALUE
|
||
|
|
|
||
|
|
Name: dhcpBootpFlag Description: This indicates whether the address was
|
||
|
|
assigned via BOOTP Syntax: Boolean Flags: SINGLE-VALUE
|
||
|
|
|
||
|
|
Name: dhcpDomainName Description: This is the name of the domain sent to
|
||
|
|
the client by the server. It is essentially the same as the value for
|
||
|
|
DHCP option 15 sent to the client, and represents only the domain - not
|
||
|
|
the full FQDN. To obtain the full FQDN assigned to the client you must
|
||
|
|
prepend the "dhcpAssignedHostName" to this value with a ".". Syntax:
|
||
|
|
IA5String Flags: SINGLE-VALUE
|
||
|
|
|
||
|
|
Name: dhcpDnsStatus Description: This indicates the status of updating
|
||
|
|
DNS resource records on behalf of the client by the DHCP server for this
|
||
|
|
address. The value is a 16-bit bitmask that has the same values as
|
||
|
|
specified by the Failover-DDNS option (see [FAILOVR]). Syntax: Integer
|
||
|
|
Flags: SINGLE-VALUE
|
||
|
|
|
||
|
|
Name: dhcpRequestedHostName Description: This is the hostname that was
|
||
|
|
requested by the client. Syntax: IA5String Flags: SINGLE-VALUE
|
||
|
|
|
||
|
|
Name: dhcpAssignedHostName Description: This is the actual hostname that
|
||
|
|
was assigned to a client. It may not be the name that was requested by
|
||
|
|
the client. The fully qualified domain name can be determined by
|
||
|
|
appending the value of "dhcpDomainName" (with a dot separator) to this
|
||
|
|
name. Syntax: IA5String Flags: SINGLE-VALUE
|
||
|
|
|
||
|
|
Name: dhcpReservedForClient Description: This is the distinguished name
|
||
|
|
of the "dhcpHost" that an address is reserved for. This may not be the
|
||
|
|
same as the "dhcpAssignedToClient" attribute if the address is being
|
||
|
|
reassigned but the current lease has not yet expired. Syntax: DN Flags:
|
||
|
|
SINGLE-VALUE
|
||
|
|
|
||
|
|
Name: dhcpAssignedToClient Description: This is the distinguished name
|
||
|
|
of a "dhcpHost" that an address is currently assigned to. This
|
||
|
|
attribute is only present in the class when the address is leased.
|
||
|
|
Syntax: DN Flags: SINGLE-VALUE
|
||
|
|
|
||
|
|
Name: dhcpRelayAgentInfo Description: If the client request was received
|
||
|
|
via a relay agent, this contains information about the relay agent that
|
||
|
|
was available from the DHCP request. This is a hex-encoded option
|
||
|
|
value. Syntax: OctetString Flags: SINGLE-VALUE
|
||
|
|
|
||
|
|
Name: dhcpErrorLog Description: Generic error log attribute that allows
|
||
|
|
logging error conditions within a dhcpService or a dhcpSubnet, like no IP
|
||
|
|
addresses available for lease. Syntax: IA5String
|
||
|
|
|
||
|
|
M. Meredith et al. Expires December 2001 [Page 8]
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
INTERNET-DRAFT LDAP Schema for DHCP 16 June 2001
|
||
|
|
|
||
|
|
|
||
|
|
6.2. dhcpLeases Object Class
|
||
|
|
|
||
|
|
This class represents an IP address. It may or may not be leaseable,
|
||
|
|
and the object may exist even though a lease is not currently active for
|
||
|
|
the associated IP address.
|
||
|
|
|
||
|
|
It is recommended that all Lease objects for a single DHCP Service be
|
||
|
|
centrally located within a single container. This ensures that the lease
|
||
|
|
objects and the corresponding logs do not have to be relocated, when
|
||
|
|
address ranges allocated to individual DHCP subnets and/or pools change.
|
||
|
|
|
||
|
|
The schema definitions below are for readability the LDIF layout for
|
||
|
|
this schema will follow in section 8.
|
||
|
|
|
||
|
|
Name: dhcpLeases Description: This is the object that holds state
|
||
|
|
information about an IP address. The cn (which is the IP address), and
|
||
|
|
the current address-state are mandatory attributes. If the address is
|
||
|
|
assigned then, some of the optional attributes will have valid data.
|
||
|
|
Must: cn, dhcpAddressState May: dhcpExpirationTime,
|
||
|
|
dhcpStartTimeOfState, dhcpLastTransactionTime, dhcpBootpFlag,
|
||
|
|
dhcpDomainName, dhcpDnsStatus, dhcpRequestedHostName,
|
||
|
|
dhcpAssignedHostName, dhcpReservedForClient, dhcpAssignedToClient,
|
||
|
|
dhcpRelayAgentInfo, dhcpHWAddress
|
||
|
|
|
||
|
|
6.3 Audit Log Information
|
||
|
|
|
||
|
|
A dhcpLog object is created whenever a lease is assigned or released.
|
||
|
|
This object is intended to be created under the corresponding dhcpLeases
|
||
|
|
container, or dhcpPool, dhcpSubnet, dhcpSharedNetwork or dhcpService
|
||
|
|
containers.
|
||
|
|
|
||
|
|
The log information under the dhcpLeases container would be for
|
||
|
|
addresses matching that lease information. The log information in the
|
||
|
|
other containers could be used for errors, i.e. when a pool or subnet is
|
||
|
|
out our addresses or if a server is not able to assign any more
|
||
|
|
addresses for a particular dhcpService.
|
||
|
|
|
||
|
|
Name: dhcpLog Description: This is the object that holds past
|
||
|
|
information about an IP address. The cn is the time/date stamp when the
|
||
|
|
address was assigned or released, the address state at the time, if the
|
||
|
|
address was assigned or released. Must: cn May: dhcpAddressState,
|
||
|
|
dhcpExpirationTime, dhcpStartTimeOfState, dhcpLastTransactionTime,
|
||
|
|
dhcpBootpFlag, dhcpDomainName, dhcpDnsStatus, dhcpRequestedHostName,
|
||
|
|
dhcpAssignedHostName, dhcpReservedForClient, dhcpAssignedToClient,
|
||
|
|
dhcpRelayAgentInfo, dhcpHWAddress, dhcpErrorLog
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
M. Meredith et al. Expires December 2001 [Page 9]
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
INTERNET-DRAFT LDAP Schema for DHCP 16 June 2001
|
||
|
|
|
||
|
|
|
||
|
|
7. Determining settings
|
||
|
|
|
||
|
|
The dhcpStatements attribute is the key to DHC enhancements that may
|
||
|
|
come along, and the different key words that a particular server
|
||
|
|
implementation may use. This attribute can be used to hold conditional
|
||
|
|
DHCP Statements and DHCP server parameters. Having a generic settings
|
||
|
|
attribute that is just a string, allows this schema to be extensible and
|
||
|
|
easy to configure.
|
||
|
|
|
||
|
|
All of the attributes that end with DN are references to the class that
|
||
|
|
precedes the DN e.g. the dhcpPrimaryDN and dhcpSecondaryDN attributes
|
||
|
|
hold the Distinguished Names of the dhcpServer objects that are
|
||
|
|
associated with the dhcpService object.
|
||
|
|
|
||
|
|
8. LDIF format for attributes and classes.
|
||
|
|
|
||
|
|
# Attributes
|
||
|
|
|
||
|
|
( 2.16.840.1.113719.1.203.4.1 NAME 'dhcpPrimaryDN' DESC
|
||
|
|
'The DN of the dhcpServer which is the primary server for the
|
||
|
|
configuration.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE )
|
||
|
|
|
||
|
|
( 2.16.840.1.113719.1.203.4.2 NAME 'dhcpSecondaryDN' DESC 'The DN of
|
||
|
|
dhcpServer(s) which provide backup service for the configuration.'
|
||
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
|
||
|
|
|
||
|
|
( 2.16.840.1.113719.1.203.4.3 NAME 'dhcpStatements' DESC 'Flexible
|
||
|
|
storage for specific data depending on what object this exists in. Like
|
||
|
|
conditional statements, server parameters, etc. This allows the standard
|
||
|
|
to evolve without needing to adjust the schema.' SYNTAX
|
||
|
|
1.3.6.1.4.1.1466.115.121.1.26 )
|
||
|
|
|
||
|
|
( 2.16.840.1.113719.1.203.4.4 NAME 'dhcpRange' DESC 'The starting &
|
||
|
|
ending IP Addresses in the range (inclusive), separated by a hyphen; if
|
||
|
|
the range only contains one address, then just the address can be
|
||
|
|
specified with no hyphen. Each range is defined as a separate value.'
|
||
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
|
||
|
|
|
||
|
|
( 2.16.840.1.113719.1.203.4.5 NAME 'dhcpPermitList' DESC 'This attribute
|
||
|
|
contains the permit lists associated with a pool. Each permit list is
|
||
|
|
defined as a separate value.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
|
||
|
|
|
||
|
|
( 2.16.840.1.113719.1.203.4.6 NAME 'dhcpNetMask' DESC 'The subnet mask
|
||
|
|
length for the subnet. The mask can be easily computed from this
|
||
|
|
length.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
|
||
|
|
|
||
|
|
( 2.16.840.1.113719.1.203.4.7 NAME 'dhcpOption' DESC 'Encoded option
|
||
|
|
values to be sent to clients. Each value represents a single option and
|
||
|
|
contains (OptionTag, Length, OptionValue) encoded in the format used by
|
||
|
|
DHCP.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
|
||
|
|
|
||
|
|
M. Meredith et al. Expires December 2001 [Page 10]
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
INTERNET-DRAFT LDAP Schema for DHCP 16 June 2001
|
||
|
|
|
||
|
|
|
||
|
|
( 2.16.840.1.113719.1.203.4.8 NAME 'dhcpClassData' DESC 'Encoded text
|
||
|
|
string or list of bytes expressed in hexadecimal, separated by colons.
|
||
|
|
Clients match subclasses based on matching the class data with the
|
||
|
|
results of match or spawn with statements in the class name
|
||
|
|
declarations.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
|
||
|
|
|
||
|
|
( 2.16.840.1.113719.1.203.4.9 NAME 'dhcpOptionsDN' DESC 'The
|
||
|
|
distinguished name(s) of the dhcpOption objects containing the
|
||
|
|
configuration options provided by the server.' SYNTAX
|
||
|
|
1.3.6.1.4.1.1466.115.121.1.12 )
|
||
|
|
|
||
|
|
( 2.16.840.1.113719.1.203.4.10 NAME 'dhcpHostDN' DESC 'the distinguished
|
||
|
|
name(s) of the dhcpHost objects.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
|
||
|
|
|
||
|
|
( 2.16.840.1.113719.1.203.4.11 NAME 'dhcpPoolDN' DESC 'The distinguished
|
||
|
|
name(s) of pools.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
|
||
|
|
|
||
|
|
( 2.16.840.1.113719.1.203.4.12 NAME 'dhcpGroupDN' DESC 'The
|
||
|
|
distinguished name(s) of the groups.' SYNTAX
|
||
|
|
1.3.6.1.4.1.1466.115.121.1.12 )
|
||
|
|
|
||
|
|
( 2.16.840.1.113719.1.203.4.13 NAME 'dhcpSubnetDN' DESC 'The
|
||
|
|
distinguished name(s) of the subnets.' SYNTAX
|
||
|
|
1.3.6.1.4.1.1466.115.121.1.12 )
|
||
|
|
|
||
|
|
( 2.16.840.1.113719.1.203.4.14 NAME 'dhcpLeaseDN' DESC 'The
|
||
|
|
distinguished name of a client address.' SYNTAX
|
||
|
|
1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE)
|
||
|
|
|
||
|
|
( 2.16.840.1.113719.1.203.4.15 NAME 'dhcpLeasesDN' DESC 'The
|
||
|
|
distinguished name(s) client addresses.' SYNTAX
|
||
|
|
1.3.6.1.4.1.1466.115.121.1.12 )
|
||
|
|
|
||
|
|
( 2.16.840.1.113719.1.203.4.16 NAME 'dhcpClassesDN' DESC 'The
|
||
|
|
distinguished name(s) of a class(es) in a subclass.' SYNTAX
|
||
|
|
1.3.6.1.4.1.1466.115.121.1.12 )
|
||
|
|
|
||
|
|
( 2.16.840.1.113719.1.203.4.17 NAME 'dhcpSubclassesDN' DESC 'The
|
||
|
|
distinguished name(s) of subclass(es).' SYNTAX
|
||
|
|
1.3.6.1.4.1.1466.115.121.1.12 )
|
||
|
|
|
||
|
|
( 2.16.840.1.113719.1.203.4.18 NAME 'dhcpSharedNetworkDN' DESC 'The
|
||
|
|
distinguished name(s) of sharedNetworks.' SYNTAX
|
||
|
|
1.3.6.1.4.1.1466.115.121.1.12 )
|
||
|
|
|
||
|
|
( 2.16.840.1.113719.1.203.4.19 NAME 'dhcpServiceDN' DESC 'The DN of
|
||
|
|
dhcpService object(s)which contain the configuration information. Each
|
||
|
|
dhcpServer object has this attribute identifying the DHCP
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
M. Meredith et al. Expires December 2001 [Page 11]
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
INTERNET-DRAFT LDAP Schema for DHCP 16 June 2001
|
||
|
|
|
||
|
|
|
||
|
|
configuration(s) that the server is associated with.' SYNTAX
|
||
|
|
1.3.6.1.4.1.1466.115.121.1.12 )
|
||
|
|
|
||
|
|
( 2.16.840.1.113719.1.203.4.20 NAME 'dhcpVersion' DESC 'The version
|
||
|
|
attribute of this object.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-
|
||
|
|
VALUE )
|
||
|
|
|
||
|
|
( 2.16.840.1.113719.1.203.4.21 NAME 'dhcpImplementation' DESC
|
||
|
|
'Description of the DHCP Server implementation e.g. DHCP Server's
|
||
|
|
vendor.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
|
||
|
|
|
||
|
|
( 2.16.840.1.113719.1.203.4.22 NAME 'dhcpAddressState' DESC 'This stores
|
||
|
|
information about the current binding-status of an address. For dynamic
|
||
|
|
addresses managed by DHCP, the values should be restricted to the
|
||
|
|
following: "FREE", "ACTIVE", "EXPIRED", "RELEASED", "RESET",
|
||
|
|
"ABANDONED", "BACKUP". For other addresses, it SHOULD be one of the
|
||
|
|
following: "UNKNOWN", "RESERVED" (an address that is managed by DHCP
|
||
|
|
that is reserved for a specific client), "RESERVED-ACTIVE" (same as
|
||
|
|
reserved, but address is currently in use), "ASSIGNED" (assigned
|
||
|
|
manually or by some other mechanism), "UNASSIGNED", "NOTASSIGNABLE".'
|
||
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
|
||
|
|
|
||
|
|
( 2.16.840.1.113719.1.203.4.23 NAME 'dhcpExpirationTime' DESC 'This is
|
||
|
|
the time the current lease for an address expires.' SYNTAX
|
||
|
|
1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE )
|
||
|
|
|
||
|
|
( 2.16.840.1.113719.1.203.4.24 NAME 'dhcpStartTimeOfState' DESC 'This is
|
||
|
|
the time of the last state change for a leased address.' SYNTAX
|
||
|
|
1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE )
|
||
|
|
|
||
|
|
( 2.16.840.1.113719.1.203.4.25 NAME 'dhcpLastTransactionTime' DESC 'This
|
||
|
|
is the last time a valid DHCP packet was received from the client.'
|
||
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE )
|
||
|
|
|
||
|
|
( 2.16.840.1.113719.1.203.4.26 NAME 'dhcpBootpFlag' DESC 'This indicates
|
||
|
|
whether the address was assigned via BOOTP.' SYNTAX
|
||
|
|
1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE )
|
||
|
|
|
||
|
|
( 2.16.840.1.113719.1.203.4.27 NAME 'dhcpDomainName' DESC 'This is the
|
||
|
|
name of the domain sent to the client by the server. It is essentially
|
||
|
|
the same as the value for DHCP option 15 sent to the client, and
|
||
|
|
represents only the domain - not the full FQDN. To obtain the full FQDN
|
||
|
|
assigned to the client you must prepend the "dhcpAssignedHostName" to
|
||
|
|
this value with a ".".' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-
|
||
|
|
VALUE )
|
||
|
|
|
||
|
|
( 2.16.840.1.113719.1.203.4.28 NAME 'dhcpDnsStatus' DESC 'This indicates
|
||
|
|
the status of updating DNS resource records on behalf of the client by
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
M. Meredith et al. Expires December 2001 [Page 12]
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
INTERNET-DRAFT LDAP Schema for DHCP 16 June 2001
|
||
|
|
|
||
|
|
|
||
|
|
the DHCP server for this address. The value is a 16-bit bitmask.'
|
||
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
|
||
|
|
|
||
|
|
( 2.16.840.1.113719.1.203.4.29 NAME 'dhcpRequestedHostName' DESC 'This
|
||
|
|
is the hostname that was requested by the client.' SYNTAX
|
||
|
|
1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
|
||
|
|
|
||
|
|
( 2.16.840.1.113719.1.203.4.30 NAME 'dhcpAssignedHostName' DESC 'This is
|
||
|
|
the actual hostname that was assigned to a client. It may not be the
|
||
|
|
name that was requested by the client. The fully qualified domain name
|
||
|
|
can be determined by appending the value of "dhcpDomainName" (with a dot
|
||
|
|
separator) to this name.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-
|
||
|
|
VALUE )
|
||
|
|
|
||
|
|
( 2.16.840.1.113719.1.203.4.31 NAME 'dhcpReservedForClient' DESC 'The
|
||
|
|
distinguished name of a "dhcpClient" that an address is reserved for.
|
||
|
|
This may not be the same as the "dhcpAssignedToClient" attribute if the
|
||
|
|
address is being reassigned but the current lease has not yet expired.'
|
||
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE )
|
||
|
|
|
||
|
|
( 2.16.840.1.113719.1.203.4.32 NAME 'dhcpAssignedToClient' DESC 'This is
|
||
|
|
the distinguished name of a "dhcpClient" that an address is currently
|
||
|
|
assigned to. This attribute is only present in the class when the
|
||
|
|
address is leased.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE )
|
||
|
|
|
||
|
|
( 2.16.840.1.113719.1.203.4.33 NAME 'dhcpRelayAgentInfo' DESC 'If the
|
||
|
|
client request was received via a relay agent, this contains information
|
||
|
|
about the relay agent that was available from the DHCP request. This is
|
||
|
|
a hex-encoded option value.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.40
|
||
|
|
SINGLE-VALUE )
|
||
|
|
|
||
|
|
( 2.16.840.1.113719.1.203.4.34 NAME 'dhcpHWAddress' DESC 'The clients
|
||
|
|
hardware address that requested this IP address.' SYNTAX
|
||
|
|
1.3.6.1.4.1.1466.115.121.1.40 SINGLE-VALUE )
|
||
|
|
|
||
|
|
( 2.16.840.1.113719.1.203.4.35 NAME 'dhcpHashBucketAssignment' DESC
|
||
|
|
'HashBucketAssignment bit map for the DHCP Server, as defined in DHC
|
||
|
|
Load Balancing Algorithm [RFC 3074].' SYNTAX
|
||
|
|
1.3.6.1.4.1.1466.115.121.1.40 SINGLE-VALUE )
|
||
|
|
|
||
|
|
( 2.16.840.1.113719.1.203.4.36 NAME 'dhcpDelayedServiceParameter' DESC
|
||
|
|
'Delay in seconds corresponding to Delayed Service Parameter
|
||
|
|
configuration, as defined in DHC Load Balancing Algorithm [RFC 3074]. '
|
||
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
|
||
|
|
|
||
|
|
( 2.16.840.1.113719.1.203.4.37 NAME 'dhcpMaxClientLeadTime' DESC
|
||
|
|
'Maximum Client Lead Time configuration in seconds, as defined in DHCP
|
||
|
|
Failover Protocol [FAILOVR]' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
M. Meredith et al. Expires December 2001 [Page 13]
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
INTERNET-DRAFT LDAP Schema for DHCP 16 June 2001
|
||
|
|
|
||
|
|
|
||
|
|
SINGLE-VALUE )
|
||
|
|
|
||
|
|
( 2.16.840.1.113719.1.203.4.38 NAME 'dhcpFailOverEndpointState' DESC
|
||
|
|
'Server (Failover Endpoint) state, as defined in DHCP Failover Protocol
|
||
|
|
[FAILOVR]' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
|
||
|
|
|
||
|
|
( 2.16.840.1.113719.1.203.4.39 NAME 'dhcpErrorLog' DESC
|
||
|
|
Generic error log attribute that allows logging error conditions within a
|
||
|
|
dhcpService or a dhcpSubnet, like no IP addresses available for lease.
|
||
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
|
||
|
|
|
||
|
|
#Classes
|
||
|
|
|
||
|
|
( 2.16.840.1.113719.1.203.6.1 NAME 'dhcpService' DESC ' Service object
|
||
|
|
that represents the actual DHCP Service configuration. This is a
|
||
|
|
container object.' SUP top MUST (cn $ dhcpPrimaryDN) MAY
|
||
|
|
(dhcpSecondaryDN $ dhcpSharedNetworkDN $ dhcpSubnetDN $ dhcpGroupDN $
|
||
|
|
dhcpHostDN $ dhcpClassesDN $ dhcpOptionsDN $ dhcpStatements ) )
|
||
|
|
|
||
|
|
( 2.16.840.1.113719.1.203.6.2 NAME 'dhcpSharedNetwork' DESC 'This stores
|
||
|
|
configuration information for a shared network.' SUP top MUST cn MAY
|
||
|
|
(dhcpSubnetDN $ dhcpPoolDN $ dhcpOptionsDN $ dhcpStatements) X-
|
||
|
|
NDS_CONTAINMENT ('dhcpService' ) )
|
||
|
|
|
||
|
|
( 2.16.840.1.113719.1.203.6.3 NAME 'dhcpSubnet' DESC 'This class defines
|
||
|
|
a subnet. This is a container object.' SUP top MUST ( cn $ dhcpNetMask )
|
||
|
|
MAY (dhcpRange $ dhcpPoolDN $ dhcpGroupDN $ dhcpHostDN $ dhcpClassesDN $
|
||
|
|
dhcpLeasesDN $ dhcpOptionsDN $ dhcpStatements) X-NDS_CONTAINMENT
|
||
|
|
('dhcpService' 'dhcpSharedNetwork') )
|
||
|
|
|
||
|
|
( 2.16.840.1.113719.1.203.6.4 NAME 'dhcpPool' DESC 'This stores
|
||
|
|
configuration information about a pool.' SUP top MUST ( cn $ dhcpRange )
|
||
|
|
MAY (dhcpClassesDN $ dhcpPermitList $ dhcpLeasesDN $ dhcpOptionsDN $
|
||
|
|
dhcpStatements) X-NDS_CONTAINMENT ('dhcpSubnet' 'dhcpSharedNetwork') )
|
||
|
|
|
||
|
|
( 2.16.840.1.113719.1.203.6.5 NAME 'dhcpGroup' DESC 'Group object that
|
||
|
|
lists host DNs and parameters. This is a container object.' SUP top MUST
|
||
|
|
cn MAY ( dhcpHostDN $ dhcpOptionsDN $ dhcpStatements ) X-NDS_CONTAINMENT
|
||
|
|
('dhcpSubnet' 'dhcpService' ) )
|
||
|
|
|
||
|
|
( 2.16.840.1.113719.1.203.6.6 NAME 'dhcpHost' DESC 'This represents
|
||
|
|
information about a particular client' SUP top MUST cn MAY (dhcpLeaseDN
|
||
|
|
$ dhcpHWAddress $ dhcpOptionsDN $ dhcpStatements) X-NDS_CONTAINMENT
|
||
|
|
('dhcpService' 'dhcpSubnet' 'dhcpGroup') )
|
||
|
|
|
||
|
|
( 2.16.840.1.113719.1.203.6.7 NAME 'dhcpClass' DESC 'Represents
|
||
|
|
information about a collection of related clients.' SUP top MUST cn MAY
|
||
|
|
(dhcpSubClassesDN $ dhcpOptionsDN $ dhcpStatements) X-NDS_CONTAINMENT
|
||
|
|
('dhcpService' 'dhcpSubnet' ) )
|
||
|
|
|
||
|
|
( 2.16.840.1.113719.1.203.6.8 NAME 'dhcpSubClass' DESC 'Represents
|
||
|
|
information about a collection of related classes.' SUP top MUST cn MAY
|
||
|
|
(dhcpClassData $ dhcpOptionsDN $ dhcpStatements) X-NDS_CONTAINMENT
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
M. Meredith et al. Expires December 2001 [Page 14]
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
INTERNET-DRAFT LDAP Schema for DHCP 16 June 2001
|
||
|
|
|
||
|
|
|
||
|
|
'dhcpClass' )
|
||
|
|
|
||
|
|
( 2.16.840.1.113719.1.203.6.9 NAME 'dhcpOptions' DESC 'Represents
|
||
|
|
information about a collection of options defined.' SUP top MUST cn MAY
|
||
|
|
( dhcpOption ) X-NDS_CONTAINMENT ('dhcpService' 'dhcpSharedNetwork'
|
||
|
|
'dhcpSubnet' 'dhcpPool' 'dhcpGroup' 'dhcpHost' 'dhcpClass' )
|
||
|
|
|
||
|
|
( 2.16.840.1.113719.1.203.6.10 NAME 'dhcpLeases' DESC 'This class
|
||
|
|
represents an IP Address, which may or may not have been leased.' SUP
|
||
|
|
top MUST ( cn $ dhcpAddressState ) MAY ( dhcpExpirationTime $
|
||
|
|
dhcpStartTimeOfState $ dhcpLastTransactionTime $ dhcpBootpFlag $
|
||
|
|
dhcpDomainName $ dhcpDnsStatus $ dhcpRequestedHostName $
|
||
|
|
dhcpAssignedHostName $ dhcpReservedForClient $ dhcpAssignedToClient $
|
||
|
|
dhcpRelayAgentInfo $ dhcpHWAddress ) X-NDS_CONTAINMENT ( 'dhcpService'
|
||
|
|
'dhcpSubnet' 'dhcpPool') )
|
||
|
|
|
||
|
|
( 2.16.840.1.113719.1.203.6.11 NAME 'dhcpLog' DESC 'This is the object
|
||
|
|
that holds past information about the IP address. The cn is the
|
||
|
|
time/date stamp when the address was assigned or released, the address
|
||
|
|
state at the time, if the address was assigned or released.' SUP top
|
||
|
|
MUST ( cn ) MAY ( dhcpAddressState $ dhcpExpirationTime $
|
||
|
|
dhcpStartTimeOfState $ dhcpLastTransactionTime $ dhcpBootpFlag $
|
||
|
|
dhcpDomainName $ dhcpDnsStatus $ dhcpRequestedHostName $
|
||
|
|
dhcpAssignedHostName $ dhcpReservedForClient $ dhcpAssignedToClient $
|
||
|
|
dhcpRelayAgentInfo $ dhcpHWAddress $ dhcpErrorLog) X-NDS_CONTAINMENT
|
||
|
|
('dhcpLeases' 'dhcpPool' 'dhcpSubnet' 'dhcpSharedNetwork' 'dhcpService' ) )
|
||
|
|
|
||
|
|
( 2.16.840.1.113719.1.203.6.12 NAME 'dhcpServer' DESC 'DHCP Server
|
||
|
|
Object' SUP top MUST (cn, dhcpServiceDN) MAY (dhcpVersion $
|
||
|
|
dhcpImplementation $ dhcpHashBucketAssignment $
|
||
|
|
dhcpDelayedServiceParameter $ dhcpMaxClientLeadTime $
|
||
|
|
dhcpFailOverEndpointState $ dhcpStatements) X-NDS_CONTAINMENT ('O' 'OU'
|
||
|
|
'dc') )
|
||
|
|
|
||
|
|
9. Security Considerations
|
||
|
|
|
||
|
|
Since the DHCP Configuration information is stored in a directory, the
|
||
|
|
security of the information is limited to the security offered by the
|
||
|
|
directory including the security of the objects within that directory.
|
||
|
|
|
||
|
|
10. Intellectual Property Rights Notices
|
||
|
|
|
||
|
|
The IETF takes no position regarding the validity or scope of any
|
||
|
|
intellectual property or other rights that might be claimed to pertain
|
||
|
|
to the implementation or use of the technology described in this
|
||
|
|
document or the extent to which any license under such rights might or
|
||
|
|
might not be available; neither does it represent that it has made any
|
||
|
|
effort to identify any such rights. Information on the IETF's
|
||
|
|
procedures with respect to rights in standards-track and standards-
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
M. Meredith et al. Expires December 2001 [Page 15]
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
INTERNET-DRAFT LDAP Schema for DHCP 16 June 2001
|
||
|
|
|
||
|
|
|
||
|
|
related documentation can be found in BCP-11. Copies of claims of
|
||
|
|
rights made available for publication and any assurances of licenses to
|
||
|
|
be made available, or the result of an attempt made to obtain a general
|
||
|
|
license or permission for the use of such proprietary rights by
|
||
|
|
implementors or users of this specification can be obtained from the
|
||
|
|
IETF Secretariat.
|
||
|
|
|
||
|
|
The IETF invites any interested party to bring to its attention any
|
||
|
|
copyrights, patents or patent applications, or other proprietary rights
|
||
|
|
which may cover technology that may be required to practice this
|
||
|
|
standard. Please address the information to the IETF Executive
|
||
|
|
Director.
|
||
|
|
|
||
|
|
11. Full Copyright Statement
|
||
|
|
|
||
|
|
Copyright (C) The Internet Society (2001). All Rights Reserved.
|
||
|
|
|
||
|
|
This document and translations of it may be copied and furnished to
|
||
|
|
others, and derivative works that comment on or otherwise explain it or
|
||
|
|
assist in its implementation may be prepared, copied, published and
|
||
|
|
distributed, in whole or in part, without restriction of any kind,
|
||
|
|
provided that the above copyright notice and this paragraph are included
|
||
|
|
on all such copies and derivative works. However, this document itself
|
||
|
|
may not be modified in any way, such as by removing the copyright notice
|
||
|
|
or references to the Internet Society or other Internet organizations,
|
||
|
|
except as needed for the purpose of developing Internet standards in
|
||
|
|
which case the procedures for copyrights defined in the Internet
|
||
|
|
Standards process must be followed, or as required to translate it into
|
||
|
|
languages other than English.
|
||
|
|
|
||
|
|
The limited permissions granted above are perpetual and will not be
|
||
|
|
revoked by the Internet Society or its successors or assigns.
|
||
|
|
|
||
|
|
This document and the information contained herein is provided on an "AS
|
||
|
|
IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK
|
||
|
|
FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT
|
||
|
|
LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT
|
||
|
|
INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR
|
||
|
|
FITNESS FOR A PARTICULAR PURPOSE.
|
||
|
|
|
||
|
|
12. References
|
||
|
|
|
||
|
|
[RFC2131] Droms, R., "Dynamic Host Configuration Protocol", RFC 2131,
|
||
|
|
March 1997.
|
||
|
|
|
||
|
|
[RFC2132] Alexander, S., Droms, R., "DHCP Options and BOOTP Vendor
|
||
|
|
Extensions", RFC 2132, March 1997.
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
M. Meredith et al. Expires December 2001 [Page 16]
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
INTERNET-DRAFT LDAP Schema for DHCP 16 June 2001
|
||
|
|
|
||
|
|
|
||
|
|
[MSDHCP] Gu, Y., Vyaghrapuri, R., "An LDAP Schema for Dynamic Host
|
||
|
|
Configuration Protocol Service", Internet Draft <draft-gu-dhcp-ldap-
|
||
|
|
schema-00.txt>, August 1998.
|
||
|
|
|
||
|
|
[NOVDHCP] Miller, T., Patel, A., Rao, P., "Lightweight Directory Access
|
||
|
|
Protocol (v3): Schema for Dynamic Host Configuration Protocol (DHCP)",
|
||
|
|
Internet Draft <draft-miller-dhcp-ldap-schema-00.txt>, June 1998.
|
||
|
|
|
||
|
|
[FAILOVR] Droms, R., Rabil, G., Dooley, M., Kapur, A., Gonczi, S., Volz,
|
||
|
|
B., "DHCP Failover Protocol", Internet Draft <draft-ietf-dhc-
|
||
|
|
failover-08.txt>, July 2000.
|
||
|
|
|
||
|
|
[RFC 3074] Volz B., Gonczi S., Lemon T., Stevens R., "DHC Load Balancing
|
||
|
|
Algorithm", February 2001
|
||
|
|
|
||
|
|
[AGENT] Patrick, M., "DHCP Relay Agent Information Option", Internet
|
||
|
|
Draft <draft-ietf-dhc-agent-options-09.txt>, March 2000.
|
||
|
|
|
||
|
|
[DHCPOPT] Carney, M., "New Option Review Guidelines and Additional
|
||
|
|
Option Namespace", Internet Draft <draft-ietf-dhc-
|
||
|
|
option_review_and_namespace-01.txt>, October 1999.
|
||
|
|
|
||
|
|
[POLICY] Strassner, J., Elleson, E., Moore, B., "Policy Framework LDAP
|
||
|
|
Core Schema", Internet Draft <draft-ietf-policy-core-schema-06.txt>,
|
||
|
|
November 1999.
|
||
|
|
|
||
|
|
[RFC2251] Wahl, M., Howes, T., Kille, S., "Lightweight Directory Access
|
||
|
|
Protocol (v3)", RFC 2251, December 1997.
|
||
|
|
|
||
|
|
[RFC2252] Wahl, M., Coulbeck, A., Howes, T., Kille, S., "Lightweight
|
||
|
|
Directory Access Protocol (v3) Attribute Syntax Definitions", RFC 2252,
|
||
|
|
December 1997.
|
||
|
|
|
||
|
|
[RFC2255] Howes, T., Smith, M., "The LDAP URL Format", RFC 2255,
|
||
|
|
December 1997.
|
||
|
|
|
||
|
|
[RFC951] Croft, B., Gilmore, J., "Bootstrap Protocol (BOOTP)", RFC 951,
|
||
|
|
September 1985.
|
||
|
|
|
||
|
|
[RFC2119] Bradner, S. "Key words for use in RFCs to Indicate Requirement
|
||
|
|
Levels", RFC 2119, March 1997.
|
||
|
|
|
||
|
|
13. Acknowledgments
|
||
|
|
|
||
|
|
This work is partially based on a previous draft draft-ietf-dhc-
|
||
|
|
schema-02.doc.
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
M. Meredith et al. Expires December 2001 [Page 17]
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
INTERNET-DRAFT LDAP Schema for DHCP 16 June 2001
|
||
|
|
|
||
|
|
|
||
|
|
14. Author's Addresses
|
||
|
|
|
||
|
|
Comments regarding this draft may be sent to the authors at the
|
||
|
|
following address:
|
||
|
|
|
||
|
|
Mark Meredith
|
||
|
|
Mark Hinckley
|
||
|
|
Novell Inc.
|
||
|
|
1800 S. Novell Place
|
||
|
|
Provo, Utah 84606
|
||
|
|
|
||
|
|
Vijay K. Nanjundaswamy
|
||
|
|
Novell Software Development (I) Ltd
|
||
|
|
49/1 & 49/3, Garvebhavi Palya,
|
||
|
|
7th Mile, Hosur Road
|
||
|
|
Bangalore 560068
|
||
|
|
|
||
|
|
email: mark_meredith@novell.com
|
||
|
|
email: knvijay@novell.com
|
||
|
|
email: mhinckley@novell.com
|
||
|
|
|
||
|
|
This Internet Draft expires December 16, 2001.
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
M. Meredith et al. Expires December 2001 [Page 18]
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|