/[packages]/cauldron/dhcp/current/SOURCES/draft-ietf-dhc-ldap-schema-01.txt
ViewVC logotype

Contents of /cauldron/dhcp/current/SOURCES/draft-ietf-dhc-ldap-schema-01.txt

Parent Directory Parent Directory | Revision Log Revision Log


Revision 16733 - (show annotations) (download)
Thu Jan 13 23:42:18 2011 UTC (13 years, 2 months ago) by dmorgan
File MIME type: text/plain
File size: 41765 byte(s)
imported package dhcp
1
2
3
4
5
6 Network Working Group M. Meredith,
7 Internet Draft V. Nanjundaswamy,
8 Document: <draft-ietf-dhc-ldap-schema-00.txt> M. Hinckley
9 Category: Proposed Standard Novell Inc.
10 Expires: 15th December 2001 16th June 2001
11
12
13 LDAP Schema for DHCP
14
15 Status of this Memo
16
17 This document is an Internet-Draft and is in full conformance with all
18 provisions of Section 10 of RFC2026 [ ].
19
20 Internet-Drafts are working documents of the Internet Engineering Task
21 Force (IETF), its areas, and its working groups. Note that other groups
22 may also distribute working documents as Internet-Drafts. Internet-
23 Drafts are draft documents valid for a maximum of six months and may be
24 updated, replaced, or obsolete by other documents at any time. It is
25 inappropriate to use Internet-Drafts as reference material or to cite
26 them other than as "work in progress." The list of current Internet-
27 Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt The
28 list of Internet-Draft Shadow Directories can be accessed at
29 http://www.ietf.org/shadow.html.
30
31 1. Abstract
32
33 This document defines a schema for representing DHCP configuration in an
34 LDAP directory. It can be used to represent the DHCP Service
35 configuration(s) for an entire enterprise network, a subset of the
36 network, or even a single server. Representing DHCP configuration in an
37 LDAP directory enables centralized management of DHCP services offered
38 by one or more DHCP Servers within the enterprise.
39
40 2. Conventions used in this document
41
42 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
43 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
44 document are to be interpreted as described in RFC-2119 [ ].
45
46 In places where different sets of terminology are commonly used to
47 represent similar DHCP concepts, this schema uses the terminology of the
48 Internet Software Consortium's DHCP server reference implementation.
49 For more information see www.isc.org.
50
51 3. Design Considerations
52
53 The DHCP LDAP schema is designed to be a simple multi-server schema. The
54
55
56
57 M. Meredith et al. Expires December 2001 [Page 1]
58
59
60
61
62
63 INTERNET-DRAFT LDAP Schema for DHCP 16 June 2001
64
65
66 intent of this schema is to provide a basic framework for representing
67 the most common elements used in the configuration of DHCP Server. This
68 should allow other network services to obtain and use basic DHCP
69 configuration information in a server-independent but knowledgeable way.
70
71 It is expected that some implementations may need to extend the schema
72 objects, in order to implement all of their features or needs. It is
73 recommended that you use the schema defined in this draft to represent
74 DHCP configuration information in an LDAP directory. Conforming to a
75 standard schema improves interoperability between DHCP implementations
76 from different vendors.
77
78 Some implementations may choose not to support all of the objects
79 defined here.
80
81 Two decisions are explicitly left up to each implementation:
82
83 First, implementations may choose not to store the lease information in
84 the directory, so those objects would not be used.
85
86 Second, implementations may choose not to implement the auditing
87 information.
88
89 It is up to the implementation to determine if the data in the directory
90 is considered "authoritative", or if it is simply a copy of data from an
91 authoritative source. Validity of the information if used as a copy is
92 to be ensured by the implementation.
93
94 Primarily two types of applications will use the information in this
95 schema: 1. DHCP servers (for loading their configuration) 2. Management
96 Interfaces (for defining/editing configurations).
97
98 The schema should be efficient for the needs of both types of
99 applications. The schema is designed to allow objects managed by DHCP
100 (such as computers, subnets, etc) to be present anywhere in a directory
101 hierarchy (to allow those objects to be placed in the directory for
102 managing administrative control and access to the objects).
103
104 The schema uses a few naming conventions - all object classes and
105 attributes are prefixed with "dhcp" to decrease the chance that object
106 classes and attributes will have the same name. The schema also uses
107 standard naming attributes ("cn", "ou", etc) for all objects.
108
109 4. Common DHCP Configuration Attributes
110
111 Although DHCP manages several different types of objects, the
112 configuration of those objects is often similar. Consequently, most of
113 these objects have a common set of attributes, which are defined below.
114
115
116
117 M. Meredith et al. Expires December 2001 [Page 2]
118
119
120
121
122
123 INTERNET-DRAFT LDAP Schema for DHCP 16 June 2001
124
125
126 4.1. Attributes Definitions
127
128 The schema definitions listed below are for readability. The LDIF
129 layout for this schema will follow in section 8.
130
131 Name: dhcpPrimaryDN Description: The Distinguished Name of the
132 dhcpServer object, which is the primary server for the configuration.
133 Syntax: DN Flags: SINGLE-VALUE
134
135 Named: dhcpSecondaryDN Description: The Distinguished Name(s) of the
136 dhcpServer object(s), which are secondary servers for the configuration.
137 Syntax: DN
138
139 Name: dhcpStatements Description: Flexible storage for representing any
140 specific data depending on the object to which it is attached. Examples
141 include conditional statements, Server parameters, etc. This also
142 serves as a 'catch-all' attribute that allows the standard to evolve
143 without needing to update the schema. Syntax: IA5String
144
145 Name: dhcpRange Description: The starting and ending IP Addresses in the
146 range (inclusive), separated by a hyphen; if the range only contains one
147 address, then just the address can be specified with no hyphen. Each
148 range is defined as a separate value. Syntax: IA5String
149
150 Name: dhcpPermitList Description: This attribute contains the permit
151 lists associated with a pool. Each permit list is defined as a separate
152 value. Syntax: IA5String
153
154 Name: dhcpNetMask Description: The subnet mask length for the subnet.
155 The mask can be easily computed from this length. Syntax: Integer
156 Flags: SINGLE-VALUE
157
158 Name: dhcpOption Description: Encoded option values to be sent to
159 clients. Each value represents a single option and contains (OptionTag,
160 Length, OptionData) encoded in the format used by DHCP. For more
161 information see [DHCPOPT]. Syntax: OctetString
162
163 Name: dhcpClassData Description: Encoded text string or list of bytes
164 expressed in hexadecimal, separated by colons. Clients match subclasses
165 based on matching the class data with the results of a 'match' or 'spawn
166 with' statement in the class name declarations. Syntax: IA5String
167 Flags: SINGLE-VALUE
168
169 Name: dhcpSubclassesDN Description: List of subclasses, these are the
170 actual DN of each subclass object. Syntax: DN
171
172 Name: dhcpClassesDN Description: List of classes, these are the actual
173 DN of each class object. Syntax: DN
174
175
176
177 M. Meredith et al. Expires December 2001 [Page 3]
178
179
180
181
182
183 INTERNET-DRAFT LDAP Schema for DHCP 16 June 2001
184
185
186 Name: dhcpSubnetDN Description: List of subnets, these are the actual DN
187 of each subnet object. Syntax: DN
188
189 Name: dhcpPoolDN Description: List of pools, these are the actual DN of
190 each Pool object. Syntax: DN
191
192 Name: dhcpOptionsDN Description: List of options, these are the actual
193 DN of each Options object. Syntax: DN
194
195 Name: dhcpHostDN Description: List of hosts, these are the actual DN of
196 each host object. Syntax: DN
197
198 Name: dhcpSharedNetworkDN Description: List of shared networks, these
199 are the actual DN of each shared network object. Syntax: DN
200
201 Name: dhcpGroupDN Description: List of groups, these are the actual DN
202 of each Group object. Syntax: DN
203
204 Name: dhcpLeaseDN Description: Single Lease DN. A dhcpHost configuration
205 uses this attribute to identify a static IP address assignment. Syntax:
206 DN Flags: SINGLE-VALUE
207
208 Name: dhcpLeasesDN Description: List of leases, these are the actual DN
209 of each lease object. Syntax: DN
210
211 Name: dhcpServiceDN Description: The DN of dhcpService object(s)which
212 contain the configuration information. Each dhcpServer object has this
213 attribute identifying the DHCP configuration(s) that the server is
214 associated with. Syntax: DN
215
216 Name: dhcpHWAddress Description: The hardware address of the client
217 associated with a lease Syntax: OctetString Flags: SINGLE-VALUE
218
219 Name: dhcpVersion Description: This is the version identified for the
220 object that this attribute is part of. In case of the dhcpServer object,
221 this represents the DHCP software version. Syntax: IA5String Flags:
222 SINGLE-VALUE
223
224 Name: dhcpImplementation Description: DHCP Server implementation
225 description e.g. DHCP Vendor information. Syntax: IA5String Flags:
226 SINGLE-VALUE
227
228 Name: dhcpHashBucketAssignment Description: HashBucketAssignment bit map
229 for the DHCP Server, as defined in DHC Load Balancing Algorithm [RFC
230 3074]. Syntax: Octet String Flags: SINGLE-VALUE
231
232 Name: dhcpDelayedServiceParameter Description: Delay in seconds
233 corresponding to Delayed Service Parameter configuration, as defined in
234
235
236
237 M. Meredith et al. Expires December 2001 [Page 4]
238
239
240
241
242
243 INTERNET-DRAFT LDAP Schema for DHCP 16 June 2001
244
245
246 DHC Load Balancing Algorithm [RFC 3074]. Syntax: Integer Flags: SINGLE-
247 VALUE
248
249 Name: dhcpMaxClientLeadTime Description: Maximum Client Lead Time
250 configuration in seconds, as defined in DHCP Failover Protocol [FAILOVR]
251 Syntax: Integer Flags: SINGLE-VALUE
252
253 Name: dhcpFailOverEndpointState Description: Server (Failover Endpoint)
254 state, as defined in DHCP Failover Protocol [FAILOVR] Syntax: IA5String
255 Flags: SINGLE-VALUE
256
257 5. Configurations and Services
258
259 The schema definitions below are for readability the LDIF layout for
260 this schema will follow in section 8.
261
262 The DHC working group is currently considering several proposals for
263 fail-over and redundancy of DHCP servers. These may require sharing of
264 configuration information between servers. This schema provides a
265 generalized mechanism for supporting any of these proposals, by
266 separating the definition of a server from the definition of
267 configuration service provided by the server.
268
269 Separating the DHCP Server (dhcpServer) and the DHCP Configuration
270 (dhcpService) representations allows a configuration service to be
271 provided by one or more servers. Similarly, a server may provide one or
272 more configurations. The schema allows a server to be configured as
273 either a primary or secondary provider of a DHCP configuration.
274
275 Configurations are also defined so that one configuration can include
276 some of the objects that are defined in another configuration. This
277 allows for sharing and/or a hierarchy of related configuration items.
278
279 Name: dhcpService Description: Service object that represents the
280 actual DHCP Service configuration. This will be a container with the
281 following attributes. Must: cn, dhcpPrimaryDN May: dhcpSecondaryDN,
282 dhcpSharedNetworkDN, dhcpSubnetDN, dhcpGroupDN, dhcpHostDN,
283 dhcpClassesDN, dhcpOptionsDN, dhcpStatements
284
285 The following objects could exist inside the dhcpService container:
286 dhcpSharedNetwork, dhcpSubnet, dhcpGroup, dhcpHost, dhcpClass,
287 dhcpOptions, dhcpLog
288
289 Name: dhcpServer Description: Server object that the DHCP server will
290 login as. The configuration information is in the dhcpService container
291 that the dhcpServiceDN points to. Must: cn, dhcpServiceDN May:
292 dhcpVersion, dhcpImplementation, dhcpHashBucketAssignment,
293 dhcpDelayedServiceParameter, dhcpMaxClientLeadTime,
294
295
296
297 M. Meredith et al. Expires December 2001 [Page 5]
298
299
300
301
302
303 INTERNET-DRAFT LDAP Schema for DHCP 16 June 2001
304 dhcpFailOverEndpointState, dhcpStatements
305
306 5.1. DHCP Declaration related classes:
307
308 Name: dhcpSharedNetwork Description: Shared Network class will list what
309 pools and subnets are in this network.
310
311 This will be a container with the following attributes. Must: cn May:
312 dhcpSubnetDN, dhcpPoolDN, dhcpOptionsDN, dhcpStatements
313
314 The following objects can exist within a dhcpSharedNetwork container:
315 dhcpSubnet, dhcpPool, dhcpOptions, dhcpLog
316
317 Name: dhcpSubnet Description: Subnet object will include configuration
318 information associated with a subnet, including a range and a net mask.
319
320 This will be a container with the following attributes. Must: cn
321 (Subnet address), dhcpNetMask May: dhcpRange, dhcpPoolDN, dhcpGroupDN,
322 dhcpHostDN, dhcpClassesDN, dhcpLeasesDN, dhcpOptionsDN, dhcpStatements
323
324 The following objects can exist within a dhcpSubnet container: dhcpPool,
325 dhcpGroup, dhcpHost, dhcpClass, dhcpOptions, dhcpLease, dhcpLog
326
327 Name: dhcpGroup Description: Group object will have configuration
328 information associated with a group.
329
330 This will be a container with the following attributes. Must: cn May:
331 dhcpHostDN, dhcpOptionsDN, dhcpStatements
332
333 The following objects can exist within a dhcpGroup container: dhcpHost,
334 dhcpOptions
335
336 Name: dhcpHost Description: The host object includes DHCP host
337 declarations to assign a static IP address or declare the client as
338 known or specify statements for a specific client. Must: cn May:
339 dhcpLeaseDN, dhcpHWAddress, dhcpOptionsDN, dhcpStatements
340
341 The following objects can exist within a dhcpHost container: dhcpLease,
342 dhcpOptions
343
344 Name: dhcpOptions Description: The options class is for option space
345 declarations, it contains a list of options. Must: cn, dhcpOption
346
347 Name: dhcpClass Description: This is a class to group clients together
348 based on matching rules.
349
350 This will be a container with the following attributes. Must: cn May:
351 dhcpSubClassesDN, dhcpOptionsDN, dhcpStatements
352
353 The following object can exist within a dhcpClass container:
354 dhcpSubclass, dhcpOptions
355
356
357
358 M. Meredith et al. Expires December 2001 [Page 6]
359
360
361
362
363
364 INTERNET-DRAFT LDAP Schema for DHCP 16 June 2001
365
366
367 Name: dhcpSubClass Description: This includes configuration information
368 for a subclass associated with a class. The dhcpSubClass object will
369 always be contained within the corresponding class container object.
370 Must: cn May: dhcpClassData, dhcpOptionsDN, dhcpStatements
371
372 Name: dhcpPool Description: This contains configuration for a pool that
373 will have the range of addresses, permit lists and point to classes and
374 leases that are members of this pool.
375
376 This will be a container that could be contained by dhcpSubnet or a
377 dhcpSharedNetwork. Must: cn, dhcpRange May: dhcpClassesDN,
378 dhcpPermitList, dhcpLeasesDN, dhcpOptionsDN, dhcpStatements
379
380 The following objects can exist within a dhcpPool container: dhcpClass,
381 dhcpOptions, dhcpLease, dhcpLog
382
383 6. Tracking Address Assignments
384
385 The behavior of a DHCP server is influenced by two factors - it's
386 configuration and the current state of the addresses that have been
387 assigned to clients. This schema defines a set of objects for
388 representing the DHCP configuration associated with a server. The
389 following object classes provide the ability to record how addresses are
390 used including maintaining history (audit log) on individual leases.
391 Recording lease information in a directory could result in a significant
392 performance impact and is therefore optional. Implementations supporting
393 logging of leases need to consider the performance impact.
394
395 6.1. dhcpLeases Attribute Definitions
396
397 The schema definitions below are for readability the LDIF layout for
398 this schema will follow in section 8.
399
400 Name: dhcpAddressState Description: This stores information about the
401 current binding-status of an address. For dynamic addresses managed by
402 DHCP, the values should be restricted to the states defined in the DHCP
403 Failover Protocol draft [FAILOVR]: 'FREE', 'ACTIVE', 'EXPIRED',
404 'RELEASED', 'RESET', 'ABANDONED', 'BACKUP'. For more information on
405 these states see [FAILOVR]. For other addresses, it SHOULD be one of
406 the following: 'UNKNOWN', 'RESERVED' (an address that is managed by DHCP
407 that is reserved for a specific client), 'RESERVED-ACTIVE' (same as
408 reserved, but address is currently in use), 'ASSIGNED' (assigned
409 manually or by some other mechanism), 'UNASSIGNED', 'NOTASSIGNABLE'.
410 Syntax: IA5String Flags: SINGLE-VALUE
411
412 Name: dhcpExpirationTime Description: This is the time the current lease
413 for an address expires. Syntax: DateTime Flags: SINGLE-VALUE
414
415
416
417
418 M. Meredith et al. Expires December 2001 [Page 7]
419
420
421
422
423
424 INTERNET-DRAFT LDAP Schema for DHCP 16 June 2001
425
426
427 Name: dhcpStartTimeOfState Description: This is the time of the last
428 state change for a leased address. Syntax: DateTime Flags: SINGLE-VALUE
429
430 Name: dhcpLastTransactionTime Description: This is the last time a valid
431 DHCP packet was received from the client. Syntax: DateTime Flags:
432 SINGLE-VALUE
433
434 Name: dhcpBootpFlag Description: This indicates whether the address was
435 assigned via BOOTP Syntax: Boolean Flags: SINGLE-VALUE
436
437 Name: dhcpDomainName Description: This is the name of the domain sent to
438 the client by the server. It is essentially the same as the value for
439 DHCP option 15 sent to the client, and represents only the domain - not
440 the full FQDN. To obtain the full FQDN assigned to the client you must
441 prepend the "dhcpAssignedHostName" to this value with a ".". Syntax:
442 IA5String Flags: SINGLE-VALUE
443
444 Name: dhcpDnsStatus Description: This indicates the status of updating
445 DNS resource records on behalf of the client by the DHCP server for this
446 address. The value is a 16-bit bitmask that has the same values as
447 specified by the Failover-DDNS option (see [FAILOVR]). Syntax: Integer
448 Flags: SINGLE-VALUE
449
450 Name: dhcpRequestedHostName Description: This is the hostname that was
451 requested by the client. Syntax: IA5String Flags: SINGLE-VALUE
452
453 Name: dhcpAssignedHostName Description: This is the actual hostname that
454 was assigned to a client. It may not be the name that was requested by
455 the client. The fully qualified domain name can be determined by
456 appending the value of "dhcpDomainName" (with a dot separator) to this
457 name. Syntax: IA5String Flags: SINGLE-VALUE
458
459 Name: dhcpReservedForClient Description: This is the distinguished name
460 of the "dhcpHost" that an address is reserved for. This may not be the
461 same as the "dhcpAssignedToClient" attribute if the address is being
462 reassigned but the current lease has not yet expired. Syntax: DN Flags:
463 SINGLE-VALUE
464
465 Name: dhcpAssignedToClient Description: This is the distinguished name
466 of a "dhcpHost" that an address is currently assigned to. This
467 attribute is only present in the class when the address is leased.
468 Syntax: DN Flags: SINGLE-VALUE
469
470 Name: dhcpRelayAgentInfo Description: If the client request was received
471 via a relay agent, this contains information about the relay agent that
472 was available from the DHCP request. This is a hex-encoded option
473 value. Syntax: OctetString Flags: SINGLE-VALUE
474
475 Name: dhcpErrorLog Description: Generic error log attribute that allows
476 logging error conditions within a dhcpService or a dhcpSubnet, like no IP
477 addresses available for lease. Syntax: IA5String
478
479 M. Meredith et al. Expires December 2001 [Page 8]
480
481
482
483
484
485 INTERNET-DRAFT LDAP Schema for DHCP 16 June 2001
486
487
488 6.2. dhcpLeases Object Class
489
490 This class represents an IP address. It may or may not be leaseable,
491 and the object may exist even though a lease is not currently active for
492 the associated IP address.
493
494 It is recommended that all Lease objects for a single DHCP Service be
495 centrally located within a single container. This ensures that the lease
496 objects and the corresponding logs do not have to be relocated, when
497 address ranges allocated to individual DHCP subnets and/or pools change.
498
499 The schema definitions below are for readability the LDIF layout for
500 this schema will follow in section 8.
501
502 Name: dhcpLeases Description: This is the object that holds state
503 information about an IP address. The cn (which is the IP address), and
504 the current address-state are mandatory attributes. If the address is
505 assigned then, some of the optional attributes will have valid data.
506 Must: cn, dhcpAddressState May: dhcpExpirationTime,
507 dhcpStartTimeOfState, dhcpLastTransactionTime, dhcpBootpFlag,
508 dhcpDomainName, dhcpDnsStatus, dhcpRequestedHostName,
509 dhcpAssignedHostName, dhcpReservedForClient, dhcpAssignedToClient,
510 dhcpRelayAgentInfo, dhcpHWAddress
511
512 6.3 Audit Log Information
513
514 A dhcpLog object is created whenever a lease is assigned or released.
515 This object is intended to be created under the corresponding dhcpLeases
516 container, or dhcpPool, dhcpSubnet, dhcpSharedNetwork or dhcpService
517 containers.
518
519 The log information under the dhcpLeases container would be for
520 addresses matching that lease information. The log information in the
521 other containers could be used for errors, i.e. when a pool or subnet is
522 out our addresses or if a server is not able to assign any more
523 addresses for a particular dhcpService.
524
525 Name: dhcpLog Description: This is the object that holds past
526 information about an IP address. The cn is the time/date stamp when the
527 address was assigned or released, the address state at the time, if the
528 address was assigned or released. Must: cn May: dhcpAddressState,
529 dhcpExpirationTime, dhcpStartTimeOfState, dhcpLastTransactionTime,
530 dhcpBootpFlag, dhcpDomainName, dhcpDnsStatus, dhcpRequestedHostName,
531 dhcpAssignedHostName, dhcpReservedForClient, dhcpAssignedToClient,
532 dhcpRelayAgentInfo, dhcpHWAddress, dhcpErrorLog
533
534
535
536
537
538
539 M. Meredith et al. Expires December 2001 [Page 9]
540
541
542
543
544
545 INTERNET-DRAFT LDAP Schema for DHCP 16 June 2001
546
547
548 7. Determining settings
549
550 The dhcpStatements attribute is the key to DHC enhancements that may
551 come along, and the different key words that a particular server
552 implementation may use. This attribute can be used to hold conditional
553 DHCP Statements and DHCP server parameters. Having a generic settings
554 attribute that is just a string, allows this schema to be extensible and
555 easy to configure.
556
557 All of the attributes that end with DN are references to the class that
558 precedes the DN e.g. the dhcpPrimaryDN and dhcpSecondaryDN attributes
559 hold the Distinguished Names of the dhcpServer objects that are
560 associated with the dhcpService object.
561
562 8. LDIF format for attributes and classes.
563
564 # Attributes
565
566 ( 2.16.840.1.113719.1.203.4.1 NAME 'dhcpPrimaryDN' DESC
567 'The DN of the dhcpServer which is the primary server for the
568 configuration.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE )
569
570 ( 2.16.840.1.113719.1.203.4.2 NAME 'dhcpSecondaryDN' DESC 'The DN of
571 dhcpServer(s) which provide backup service for the configuration.'
572 SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
573
574 ( 2.16.840.1.113719.1.203.4.3 NAME 'dhcpStatements' DESC 'Flexible
575 storage for specific data depending on what object this exists in. Like
576 conditional statements, server parameters, etc. This allows the standard
577 to evolve without needing to adjust the schema.' SYNTAX
578 1.3.6.1.4.1.1466.115.121.1.26 )
579
580 ( 2.16.840.1.113719.1.203.4.4 NAME 'dhcpRange' DESC 'The starting &
581 ending IP Addresses in the range (inclusive), separated by a hyphen; if
582 the range only contains one address, then just the address can be
583 specified with no hyphen. Each range is defined as a separate value.'
584 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
585
586 ( 2.16.840.1.113719.1.203.4.5 NAME 'dhcpPermitList' DESC 'This attribute
587 contains the permit lists associated with a pool. Each permit list is
588 defined as a separate value.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
589
590 ( 2.16.840.1.113719.1.203.4.6 NAME 'dhcpNetMask' DESC 'The subnet mask
591 length for the subnet. The mask can be easily computed from this
592 length.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
593
594 ( 2.16.840.1.113719.1.203.4.7 NAME 'dhcpOption' DESC 'Encoded option
595 values to be sent to clients. Each value represents a single option and
596 contains (OptionTag, Length, OptionValue) encoded in the format used by
597 DHCP.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
598
599 M. Meredith et al. Expires December 2001 [Page 10]
600
601
602
603
604
605 INTERNET-DRAFT LDAP Schema for DHCP 16 June 2001
606
607
608 ( 2.16.840.1.113719.1.203.4.8 NAME 'dhcpClassData' DESC 'Encoded text
609 string or list of bytes expressed in hexadecimal, separated by colons.
610 Clients match subclasses based on matching the class data with the
611 results of match or spawn with statements in the class name
612 declarations.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
613
614 ( 2.16.840.1.113719.1.203.4.9 NAME 'dhcpOptionsDN' DESC 'The
615 distinguished name(s) of the dhcpOption objects containing the
616 configuration options provided by the server.' SYNTAX
617 1.3.6.1.4.1.1466.115.121.1.12 )
618
619 ( 2.16.840.1.113719.1.203.4.10 NAME 'dhcpHostDN' DESC 'the distinguished
620 name(s) of the dhcpHost objects.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
621
622 ( 2.16.840.1.113719.1.203.4.11 NAME 'dhcpPoolDN' DESC 'The distinguished
623 name(s) of pools.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
624
625 ( 2.16.840.1.113719.1.203.4.12 NAME 'dhcpGroupDN' DESC 'The
626 distinguished name(s) of the groups.' SYNTAX
627 1.3.6.1.4.1.1466.115.121.1.12 )
628
629 ( 2.16.840.1.113719.1.203.4.13 NAME 'dhcpSubnetDN' DESC 'The
630 distinguished name(s) of the subnets.' SYNTAX
631 1.3.6.1.4.1.1466.115.121.1.12 )
632
633 ( 2.16.840.1.113719.1.203.4.14 NAME 'dhcpLeaseDN' DESC 'The
634 distinguished name of a client address.' SYNTAX
635 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE)
636
637 ( 2.16.840.1.113719.1.203.4.15 NAME 'dhcpLeasesDN' DESC 'The
638 distinguished name(s) client addresses.' SYNTAX
639 1.3.6.1.4.1.1466.115.121.1.12 )
640
641 ( 2.16.840.1.113719.1.203.4.16 NAME 'dhcpClassesDN' DESC 'The
642 distinguished name(s) of a class(es) in a subclass.' SYNTAX
643 1.3.6.1.4.1.1466.115.121.1.12 )
644
645 ( 2.16.840.1.113719.1.203.4.17 NAME 'dhcpSubclassesDN' DESC 'The
646 distinguished name(s) of subclass(es).' SYNTAX
647 1.3.6.1.4.1.1466.115.121.1.12 )
648
649 ( 2.16.840.1.113719.1.203.4.18 NAME 'dhcpSharedNetworkDN' DESC 'The
650 distinguished name(s) of sharedNetworks.' SYNTAX
651 1.3.6.1.4.1.1466.115.121.1.12 )
652
653 ( 2.16.840.1.113719.1.203.4.19 NAME 'dhcpServiceDN' DESC 'The DN of
654 dhcpService object(s)which contain the configuration information. Each
655 dhcpServer object has this attribute identifying the DHCP
656
657
658
659 M. Meredith et al. Expires December 2001 [Page 11]
660
661
662
663
664
665 INTERNET-DRAFT LDAP Schema for DHCP 16 June 2001
666
667
668 configuration(s) that the server is associated with.' SYNTAX
669 1.3.6.1.4.1.1466.115.121.1.12 )
670
671 ( 2.16.840.1.113719.1.203.4.20 NAME 'dhcpVersion' DESC 'The version
672 attribute of this object.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-
673 VALUE )
674
675 ( 2.16.840.1.113719.1.203.4.21 NAME 'dhcpImplementation' DESC
676 'Description of the DHCP Server implementation e.g. DHCP Server's
677 vendor.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
678
679 ( 2.16.840.1.113719.1.203.4.22 NAME 'dhcpAddressState' DESC 'This stores
680 information about the current binding-status of an address. For dynamic
681 addresses managed by DHCP, the values should be restricted to the
682 following: "FREE", "ACTIVE", "EXPIRED", "RELEASED", "RESET",
683 "ABANDONED", "BACKUP". For other addresses, it SHOULD be one of the
684 following: "UNKNOWN", "RESERVED" (an address that is managed by DHCP
685 that is reserved for a specific client), "RESERVED-ACTIVE" (same as
686 reserved, but address is currently in use), "ASSIGNED" (assigned
687 manually or by some other mechanism), "UNASSIGNED", "NOTASSIGNABLE".'
688 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
689
690 ( 2.16.840.1.113719.1.203.4.23 NAME 'dhcpExpirationTime' DESC 'This is
691 the time the current lease for an address expires.' SYNTAX
692 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE )
693
694 ( 2.16.840.1.113719.1.203.4.24 NAME 'dhcpStartTimeOfState' DESC 'This is
695 the time of the last state change for a leased address.' SYNTAX
696 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE )
697
698 ( 2.16.840.1.113719.1.203.4.25 NAME 'dhcpLastTransactionTime' DESC 'This
699 is the last time a valid DHCP packet was received from the client.'
700 SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE )
701
702 ( 2.16.840.1.113719.1.203.4.26 NAME 'dhcpBootpFlag' DESC 'This indicates
703 whether the address was assigned via BOOTP.' SYNTAX
704 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE )
705
706 ( 2.16.840.1.113719.1.203.4.27 NAME 'dhcpDomainName' DESC 'This is the
707 name of the domain sent to the client by the server. It is essentially
708 the same as the value for DHCP option 15 sent to the client, and
709 represents only the domain - not the full FQDN. To obtain the full FQDN
710 assigned to the client you must prepend the "dhcpAssignedHostName" to
711 this value with a ".".' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-
712 VALUE )
713
714 ( 2.16.840.1.113719.1.203.4.28 NAME 'dhcpDnsStatus' DESC 'This indicates
715 the status of updating DNS resource records on behalf of the client by
716
717
718
719 M. Meredith et al. Expires December 2001 [Page 12]
720
721
722
723
724
725 INTERNET-DRAFT LDAP Schema for DHCP 16 June 2001
726
727
728 the DHCP server for this address. The value is a 16-bit bitmask.'
729 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
730
731 ( 2.16.840.1.113719.1.203.4.29 NAME 'dhcpRequestedHostName' DESC 'This
732 is the hostname that was requested by the client.' SYNTAX
733 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
734
735 ( 2.16.840.1.113719.1.203.4.30 NAME 'dhcpAssignedHostName' DESC 'This is
736 the actual hostname that was assigned to a client. It may not be the
737 name that was requested by the client. The fully qualified domain name
738 can be determined by appending the value of "dhcpDomainName" (with a dot
739 separator) to this name.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-
740 VALUE )
741
742 ( 2.16.840.1.113719.1.203.4.31 NAME 'dhcpReservedForClient' DESC 'The
743 distinguished name of a "dhcpClient" that an address is reserved for.
744 This may not be the same as the "dhcpAssignedToClient" attribute if the
745 address is being reassigned but the current lease has not yet expired.'
746 SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE )
747
748 ( 2.16.840.1.113719.1.203.4.32 NAME 'dhcpAssignedToClient' DESC 'This is
749 the distinguished name of a "dhcpClient" that an address is currently
750 assigned to. This attribute is only present in the class when the
751 address is leased.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE )
752
753 ( 2.16.840.1.113719.1.203.4.33 NAME 'dhcpRelayAgentInfo' DESC 'If the
754 client request was received via a relay agent, this contains information
755 about the relay agent that was available from the DHCP request. This is
756 a hex-encoded option value.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.40
757 SINGLE-VALUE )
758
759 ( 2.16.840.1.113719.1.203.4.34 NAME 'dhcpHWAddress' DESC 'The clients
760 hardware address that requested this IP address.' SYNTAX
761 1.3.6.1.4.1.1466.115.121.1.40 SINGLE-VALUE )
762
763 ( 2.16.840.1.113719.1.203.4.35 NAME 'dhcpHashBucketAssignment' DESC
764 'HashBucketAssignment bit map for the DHCP Server, as defined in DHC
765 Load Balancing Algorithm [RFC 3074].' SYNTAX
766 1.3.6.1.4.1.1466.115.121.1.40 SINGLE-VALUE )
767
768 ( 2.16.840.1.113719.1.203.4.36 NAME 'dhcpDelayedServiceParameter' DESC
769 'Delay in seconds corresponding to Delayed Service Parameter
770 configuration, as defined in DHC Load Balancing Algorithm [RFC 3074]. '
771 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
772
773 ( 2.16.840.1.113719.1.203.4.37 NAME 'dhcpMaxClientLeadTime' DESC
774 'Maximum Client Lead Time configuration in seconds, as defined in DHCP
775 Failover Protocol [FAILOVR]' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
776
777
778
779 M. Meredith et al. Expires December 2001 [Page 13]
780
781
782
783
784
785 INTERNET-DRAFT LDAP Schema for DHCP 16 June 2001
786
787
788 SINGLE-VALUE )
789
790 ( 2.16.840.1.113719.1.203.4.38 NAME 'dhcpFailOverEndpointState' DESC
791 'Server (Failover Endpoint) state, as defined in DHCP Failover Protocol
792 [FAILOVR]' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
793
794 ( 2.16.840.1.113719.1.203.4.39 NAME 'dhcpErrorLog' DESC
795 Generic error log attribute that allows logging error conditions within a
796 dhcpService or a dhcpSubnet, like no IP addresses available for lease.
797 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
798
799 #Classes
800
801 ( 2.16.840.1.113719.1.203.6.1 NAME 'dhcpService' DESC ' Service object
802 that represents the actual DHCP Service configuration. This is a
803 container object.' SUP top MUST (cn $ dhcpPrimaryDN) MAY
804 (dhcpSecondaryDN $ dhcpSharedNetworkDN $ dhcpSubnetDN $ dhcpGroupDN $
805 dhcpHostDN $ dhcpClassesDN $ dhcpOptionsDN $ dhcpStatements ) )
806
807 ( 2.16.840.1.113719.1.203.6.2 NAME 'dhcpSharedNetwork' DESC 'This stores
808 configuration information for a shared network.' SUP top MUST cn MAY
809 (dhcpSubnetDN $ dhcpPoolDN $ dhcpOptionsDN $ dhcpStatements) X-
810 NDS_CONTAINMENT ('dhcpService' ) )
811
812 ( 2.16.840.1.113719.1.203.6.3 NAME 'dhcpSubnet' DESC 'This class defines
813 a subnet. This is a container object.' SUP top MUST ( cn $ dhcpNetMask )
814 MAY (dhcpRange $ dhcpPoolDN $ dhcpGroupDN $ dhcpHostDN $ dhcpClassesDN $
815 dhcpLeasesDN $ dhcpOptionsDN $ dhcpStatements) X-NDS_CONTAINMENT
816 ('dhcpService' 'dhcpSharedNetwork') )
817
818 ( 2.16.840.1.113719.1.203.6.4 NAME 'dhcpPool' DESC 'This stores
819 configuration information about a pool.' SUP top MUST ( cn $ dhcpRange )
820 MAY (dhcpClassesDN $ dhcpPermitList $ dhcpLeasesDN $ dhcpOptionsDN $
821 dhcpStatements) X-NDS_CONTAINMENT ('dhcpSubnet' 'dhcpSharedNetwork') )
822
823 ( 2.16.840.1.113719.1.203.6.5 NAME 'dhcpGroup' DESC 'Group object that
824 lists host DNs and parameters. This is a container object.' SUP top MUST
825 cn MAY ( dhcpHostDN $ dhcpOptionsDN $ dhcpStatements ) X-NDS_CONTAINMENT
826 ('dhcpSubnet' 'dhcpService' ) )
827
828 ( 2.16.840.1.113719.1.203.6.6 NAME 'dhcpHost' DESC 'This represents
829 information about a particular client' SUP top MUST cn MAY (dhcpLeaseDN
830 $ dhcpHWAddress $ dhcpOptionsDN $ dhcpStatements) X-NDS_CONTAINMENT
831 ('dhcpService' 'dhcpSubnet' 'dhcpGroup') )
832
833 ( 2.16.840.1.113719.1.203.6.7 NAME 'dhcpClass' DESC 'Represents
834 information about a collection of related clients.' SUP top MUST cn MAY
835 (dhcpSubClassesDN $ dhcpOptionsDN $ dhcpStatements) X-NDS_CONTAINMENT
836 ('dhcpService' 'dhcpSubnet' ) )
837
838 ( 2.16.840.1.113719.1.203.6.8 NAME 'dhcpSubClass' DESC 'Represents
839 information about a collection of related classes.' SUP top MUST cn MAY
840 (dhcpClassData $ dhcpOptionsDN $ dhcpStatements) X-NDS_CONTAINMENT
841
842
843
844 M. Meredith et al. Expires December 2001 [Page 14]
845
846
847
848
849
850 INTERNET-DRAFT LDAP Schema for DHCP 16 June 2001
851
852
853 'dhcpClass' )
854
855 ( 2.16.840.1.113719.1.203.6.9 NAME 'dhcpOptions' DESC 'Represents
856 information about a collection of options defined.' SUP top MUST cn MAY
857 ( dhcpOption ) X-NDS_CONTAINMENT ('dhcpService' 'dhcpSharedNetwork'
858 'dhcpSubnet' 'dhcpPool' 'dhcpGroup' 'dhcpHost' 'dhcpClass' )
859
860 ( 2.16.840.1.113719.1.203.6.10 NAME 'dhcpLeases' DESC 'This class
861 represents an IP Address, which may or may not have been leased.' SUP
862 top MUST ( cn $ dhcpAddressState ) MAY ( dhcpExpirationTime $
863 dhcpStartTimeOfState $ dhcpLastTransactionTime $ dhcpBootpFlag $
864 dhcpDomainName $ dhcpDnsStatus $ dhcpRequestedHostName $
865 dhcpAssignedHostName $ dhcpReservedForClient $ dhcpAssignedToClient $
866 dhcpRelayAgentInfo $ dhcpHWAddress ) X-NDS_CONTAINMENT ( 'dhcpService'
867 'dhcpSubnet' 'dhcpPool') )
868
869 ( 2.16.840.1.113719.1.203.6.11 NAME 'dhcpLog' DESC 'This is the object
870 that holds past information about the IP address. The cn is the
871 time/date stamp when the address was assigned or released, the address
872 state at the time, if the address was assigned or released.' SUP top
873 MUST ( cn ) MAY ( dhcpAddressState $ dhcpExpirationTime $
874 dhcpStartTimeOfState $ dhcpLastTransactionTime $ dhcpBootpFlag $
875 dhcpDomainName $ dhcpDnsStatus $ dhcpRequestedHostName $
876 dhcpAssignedHostName $ dhcpReservedForClient $ dhcpAssignedToClient $
877 dhcpRelayAgentInfo $ dhcpHWAddress $ dhcpErrorLog) X-NDS_CONTAINMENT
878 ('dhcpLeases' 'dhcpPool' 'dhcpSubnet' 'dhcpSharedNetwork' 'dhcpService' ) )
879
880 ( 2.16.840.1.113719.1.203.6.12 NAME 'dhcpServer' DESC 'DHCP Server
881 Object' SUP top MUST (cn, dhcpServiceDN) MAY (dhcpVersion $
882 dhcpImplementation $ dhcpHashBucketAssignment $
883 dhcpDelayedServiceParameter $ dhcpMaxClientLeadTime $
884 dhcpFailOverEndpointState $ dhcpStatements) X-NDS_CONTAINMENT ('O' 'OU'
885 'dc') )
886
887 9. Security Considerations
888
889 Since the DHCP Configuration information is stored in a directory, the
890 security of the information is limited to the security offered by the
891 directory including the security of the objects within that directory.
892
893 10. Intellectual Property Rights Notices
894
895 The IETF takes no position regarding the validity or scope of any
896 intellectual property or other rights that might be claimed to pertain
897 to the implementation or use of the technology described in this
898 document or the extent to which any license under such rights might or
899 might not be available; neither does it represent that it has made any
900 effort to identify any such rights. Information on the IETF's
901 procedures with respect to rights in standards-track and standards-
902
903
904
905 M. Meredith et al. Expires December 2001 [Page 15]
906
907
908
909
910
911 INTERNET-DRAFT LDAP Schema for DHCP 16 June 2001
912
913
914 related documentation can be found in BCP-11. Copies of claims of
915 rights made available for publication and any assurances of licenses to
916 be made available, or the result of an attempt made to obtain a general
917 license or permission for the use of such proprietary rights by
918 implementors or users of this specification can be obtained from the
919 IETF Secretariat.
920
921 The IETF invites any interested party to bring to its attention any
922 copyrights, patents or patent applications, or other proprietary rights
923 which may cover technology that may be required to practice this
924 standard. Please address the information to the IETF Executive
925 Director.
926
927 11. Full Copyright Statement
928
929 Copyright (C) The Internet Society (2001). All Rights Reserved.
930
931 This document and translations of it may be copied and furnished to
932 others, and derivative works that comment on or otherwise explain it or
933 assist in its implementation may be prepared, copied, published and
934 distributed, in whole or in part, without restriction of any kind,
935 provided that the above copyright notice and this paragraph are included
936 on all such copies and derivative works. However, this document itself
937 may not be modified in any way, such as by removing the copyright notice
938 or references to the Internet Society or other Internet organizations,
939 except as needed for the purpose of developing Internet standards in
940 which case the procedures for copyrights defined in the Internet
941 Standards process must be followed, or as required to translate it into
942 languages other than English.
943
944 The limited permissions granted above are perpetual and will not be
945 revoked by the Internet Society or its successors or assigns.
946
947 This document and the information contained herein is provided on an "AS
948 IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK
949 FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT
950 LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT
951 INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR
952 FITNESS FOR A PARTICULAR PURPOSE.
953
954 12. References
955
956 [RFC2131] Droms, R., "Dynamic Host Configuration Protocol", RFC 2131,
957 March 1997.
958
959 [RFC2132] Alexander, S., Droms, R., "DHCP Options and BOOTP Vendor
960 Extensions", RFC 2132, March 1997.
961
962
963
964
965 M. Meredith et al. Expires December 2001 [Page 16]
966
967
968
969
970
971 INTERNET-DRAFT LDAP Schema for DHCP 16 June 2001
972
973
974 [MSDHCP] Gu, Y., Vyaghrapuri, R., "An LDAP Schema for Dynamic Host
975 Configuration Protocol Service", Internet Draft <draft-gu-dhcp-ldap-
976 schema-00.txt>, August 1998.
977
978 [NOVDHCP] Miller, T., Patel, A., Rao, P., "Lightweight Directory Access
979 Protocol (v3): Schema for Dynamic Host Configuration Protocol (DHCP)",
980 Internet Draft <draft-miller-dhcp-ldap-schema-00.txt>, June 1998.
981
982 [FAILOVR] Droms, R., Rabil, G., Dooley, M., Kapur, A., Gonczi, S., Volz,
983 B., "DHCP Failover Protocol", Internet Draft <draft-ietf-dhc-
984 failover-08.txt>, July 2000.
985
986 [RFC 3074] Volz B., Gonczi S., Lemon T., Stevens R., "DHC Load Balancing
987 Algorithm", February 2001
988
989 [AGENT] Patrick, M., "DHCP Relay Agent Information Option", Internet
990 Draft <draft-ietf-dhc-agent-options-09.txt>, March 2000.
991
992 [DHCPOPT] Carney, M., "New Option Review Guidelines and Additional
993 Option Namespace", Internet Draft <draft-ietf-dhc-
994 option_review_and_namespace-01.txt>, October 1999.
995
996 [POLICY] Strassner, J., Elleson, E., Moore, B., "Policy Framework LDAP
997 Core Schema", Internet Draft <draft-ietf-policy-core-schema-06.txt>,
998 November 1999.
999
1000 [RFC2251] Wahl, M., Howes, T., Kille, S., "Lightweight Directory Access
1001 Protocol (v3)", RFC 2251, December 1997.
1002
1003 [RFC2252] Wahl, M., Coulbeck, A., Howes, T., Kille, S., "Lightweight
1004 Directory Access Protocol (v3) Attribute Syntax Definitions", RFC 2252,
1005 December 1997.
1006
1007 [RFC2255] Howes, T., Smith, M., "The LDAP URL Format", RFC 2255,
1008 December 1997.
1009
1010 [RFC951] Croft, B., Gilmore, J., "Bootstrap Protocol (BOOTP)", RFC 951,
1011 September 1985.
1012
1013 [RFC2119] Bradner, S. "Key words for use in RFCs to Indicate Requirement
1014 Levels", RFC 2119, March 1997.
1015
1016 13. Acknowledgments
1017
1018 This work is partially based on a previous draft draft-ietf-dhc-
1019 schema-02.doc.
1020
1021
1022
1023
1024
1025 M. Meredith et al. Expires December 2001 [Page 17]
1026
1027
1028
1029
1030
1031 INTERNET-DRAFT LDAP Schema for DHCP 16 June 2001
1032
1033
1034 14. Author's Addresses
1035
1036 Comments regarding this draft may be sent to the authors at the
1037 following address:
1038
1039 Mark Meredith
1040 Mark Hinckley
1041 Novell Inc.
1042 1800 S. Novell Place
1043 Provo, Utah 84606
1044
1045 Vijay K. Nanjundaswamy
1046 Novell Software Development (I) Ltd
1047 49/1 & 49/3, Garvebhavi Palya,
1048 7th Mile, Hosur Road
1049 Bangalore 560068
1050
1051 email: mark_meredith@novell.com
1052 email: knvijay@novell.com
1053 email: mhinckley@novell.com
1054
1055 This Internet Draft expires December 16, 2001.
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077
1078
1079
1080
1081
1082
1083
1084
1085 M. Meredith et al. Expires December 2001 [Page 18]
1086
1087
1088
1089

Properties

Name Value
svn:eol-style native

  ViewVC Help
Powered by ViewVC 1.1.30