Network Working Group                                       M. Meredith,
Internet Draft                                         V. Nanjundaswamy,
Document: <draft-ietf-dhc-ldap-schema-00.txt>               M. Hinckley
Category: Proposed Standard                                 Novell Inc.
Expires: 15th December 2001                              16th June 2001


                          LDAP Schema for DHCP

Status of this Memo

This document is an Internet-Draft and is in full conformance with all
provisions of Section 10 of RFC2026 [ ].

Internet-Drafts are working documents of the Internet Engineering Task
Force (IETF), its areas, and its working groups. Note that other groups
may also distribute working documents as Internet-Drafts.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference material
or to cite them other than as "work in progress."

The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt

The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.

1. Abstract

This document defines a schema for representing DHCP configuration in an
LDAP directory. It can be used to represent the DHCP Service
configuration(s) for an entire enterprise network, a subset of the
network, or even a single server. Representing DHCP configuration in an
LDAP directory enables centralized management of DHCP services offered
by one or more DHCP Servers within the enterprise.

2. Conventions used in this document

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC-2119 [ ].

In places where different sets of terminology are commonly used to
represent similar DHCP concepts, this schema uses the terminology of the
Internet Software Consortium's DHCP server reference implementation.
For more information see www.isc.org.

3. Design Considerations

The DHCP LDAP schema is designed to be a simple multi-server schema. The
intent of this schema is to provide a basic framework for representing
the most common elements used in the configuration of a DHCP server.
This should allow other network services to obtain and use basic DHCP
configuration information in a server-independent but knowledgeable way.

M. Meredith et al.        Expires December 2001                 [Page 1]

INTERNET-DRAFT            LDAP Schema for DHCP              16 June 2001

It is expected that some implementations may need to extend the schema
objects, in order to implement all of their features or needs. It is
recommended that you use the schema defined in this draft to represent
DHCP configuration information in an LDAP directory. Conforming to a
standard schema improves interoperability between DHCP implementations
from different vendors.

Some implementations may choose not to support all of the objects
defined here.

Two decisions are explicitly left up to each implementation:

First, implementations may choose not to store the lease information in
the directory, so those objects would not be used.

Second, implementations may choose not to implement the auditing
information.

It is up to the implementation to determine if the data in the directory
is considered "authoritative", or if it is simply a copy of data from an
authoritative source. Validity of the information if used as a copy is
to be ensured by the implementation.

Primarily two types of applications will use the information in this
schema:

1. DHCP servers (for loading their configuration)
2. Management Interfaces (for defining/editing configurations).

The schema should be efficient for the needs of both types of
applications. The schema is designed to allow objects managed by DHCP
(such as computers, subnets, etc) to be present anywhere in a directory
hierarchy (to allow those objects to be placed in the directory for
managing administrative control and access to the objects).

The schema uses a few naming conventions - all object classes and
attributes are prefixed with "dhcp" to decrease the chance that object
classes and attributes will have the same name. The schema also uses
standard naming attributes ("cn", "ou", etc) for all objects.

4. Common DHCP Configuration Attributes

Although DHCP manages several different types of objects, the
configuration of those objects is often similar. Consequently, most of
these objects have a common set of attributes, which are defined below.

4.1. Attribute Definitions

The schema definitions listed below are for readability. The LDIF
layout for this schema will follow in section 8.

Name: dhcpPrimaryDN
Description: The Distinguished Name of the dhcpServer object, which is
  the primary server for the configuration.
Syntax: DN
Flags: SINGLE-VALUE

Name: dhcpSecondaryDN
Description: The Distinguished Name(s) of the dhcpServer object(s),
  which are secondary servers for the configuration.
Syntax: DN

Name: dhcpStatements
Description: Flexible storage for representing any specific data
  depending on the object to which it is attached. Examples include
  conditional statements, Server parameters, etc. This also serves as a
  'catch-all' attribute that allows the standard to evolve without
  needing to update the schema.
Syntax: IA5String

Name: dhcpRange
Description: The starting and ending IP Addresses in the range
  (inclusive), separated by a hyphen; if the range only contains one
  address, then just the address can be specified with no hyphen. Each
  range is defined as a separate value.
Syntax: IA5String

Name: dhcpPermitList
Description: This attribute contains the permit lists associated with a
  pool. Each permit list is defined as a separate value.
Syntax: IA5String

Name: dhcpNetMask
Description: The subnet mask length for the subnet. The mask can be
  easily computed from this length.
Syntax: Integer
Flags: SINGLE-VALUE

Name: dhcpOption
Description: Encoded option values to be sent to clients. Each value
  represents a single option and contains (OptionTag, Length,
  OptionData) encoded in the format used by DHCP. For more information
  see [DHCPOPT].
Syntax: OctetString

Name: dhcpClassData
Description: Encoded text string or list of bytes expressed in
  hexadecimal, separated by colons. Clients match subclasses based on
  matching the class data with the results of a 'match' or 'spawn with'
  statement in the class name declarations.
Syntax: IA5String
Flags: SINGLE-VALUE

Name: dhcpSubclassesDN
Description: List of subclasses; these are the actual DN of each
  subclass object.
Syntax: DN

Name: dhcpClassesDN
Description: List of classes; these are the actual DN of each class
  object.
Syntax: DN

Name: dhcpSubnetDN
Description: List of subnets; these are the actual DN of each subnet
  object.
Syntax: DN

Name: dhcpPoolDN
Description: List of pools; these are the actual DN of each Pool object.
Syntax: DN

Name: dhcpOptionsDN
Description: List of options; these are the actual DN of each Options
  object.
Syntax: DN

Name: dhcpHostDN
Description: List of hosts; these are the actual DN of each host object.
Syntax: DN

Name: dhcpSharedNetworkDN
Description: List of shared networks; these are the actual DN of each
  shared network object.
Syntax: DN

Name: dhcpGroupDN
Description: List of groups; these are the actual DN of each Group
  object.
Syntax: DN

Name: dhcpLeaseDN
Description: Single Lease DN. A dhcpHost configuration uses this
  attribute to identify a static IP address assignment.
Syntax: DN
Flags: SINGLE-VALUE

Name: dhcpLeasesDN
Description: List of leases; these are the actual DN of each lease
  object.
Syntax: DN

Name: dhcpServiceDN
Description: The DN of dhcpService object(s) which contain the
  configuration information. Each dhcpServer object has this attribute
  identifying the DHCP configuration(s) that the server is associated
  with.
Syntax: DN

Name: dhcpHWAddress
Description: The hardware address of the client associated with a lease.
Syntax: OctetString
Flags: SINGLE-VALUE

Name: dhcpVersion
Description: This is the version identified for the object that this
  attribute is part of. In case of the dhcpServer object, this
  represents the DHCP software version.
Syntax: IA5String
Flags: SINGLE-VALUE

Name: dhcpImplementation
Description: DHCP Server implementation description e.g. DHCP Vendor
  information.
Syntax: IA5String
Flags: SINGLE-VALUE

Name: dhcpHashBucketAssignment
Description: HashBucketAssignment bit map for the DHCP Server, as
  defined in DHC Load Balancing Algorithm [RFC 3074].
Syntax: OctetString
Flags: SINGLE-VALUE

Name: dhcpDelayedServiceParameter
Description: Delay in seconds corresponding to Delayed Service Parameter
  configuration, as defined in DHC Load Balancing Algorithm [RFC 3074].
Syntax: Integer
Flags: SINGLE-VALUE

Name: dhcpMaxClientLeadTime
Description: Maximum Client Lead Time configuration in seconds, as
  defined in DHCP Failover Protocol [FAILOVR].
Syntax: Integer
Flags: SINGLE-VALUE

Name: dhcpFailOverEndpointState
Description: Server (Failover Endpoint) state, as defined in DHCP
  Failover Protocol [FAILOVR].
Syntax: IA5String
Flags: SINGLE-VALUE

5. Configurations and Services

The schema definitions below are for readability; the LDIF layout for
this schema will follow in section 8.

The DHC working group is currently considering several proposals for
fail-over and redundancy of DHCP servers. These may require sharing of
configuration information between servers. This schema provides a
generalized mechanism for supporting any of these proposals, by
separating the definition of a server from the definition of the
configuration service provided by the server.

Separating the DHCP Server (dhcpServer) and the DHCP Configuration
(dhcpService) representations allows a configuration service to be
provided by one or more servers. Similarly, a server may provide one or
more configurations. The schema allows a server to be configured as
either a primary or secondary provider of a DHCP configuration.

Configurations are also defined so that one configuration can include
some of the objects that are defined in another configuration. This
allows for sharing and/or a hierarchy of related configuration items.

Name: dhcpService
Description: Service object that represents the actual DHCP Service
  configuration. This will be a container with the following
  attributes.
Must: cn, dhcpPrimaryDN
May: dhcpSecondaryDN, dhcpSharedNetworkDN, dhcpSubnetDN, dhcpGroupDN,
  dhcpHostDN, dhcpClassesDN, dhcpOptionsDN, dhcpStatements

The following objects could exist inside the dhcpService container:
dhcpSharedNetwork, dhcpSubnet, dhcpGroup, dhcpHost, dhcpClass,
dhcpOptions, dhcpLog

Name: dhcpServer
Description: Server object that the DHCP server will log in as. The
  configuration information is in the dhcpService container that the
  dhcpServiceDN points to.
Must: cn, dhcpServiceDN
May: dhcpVersion, dhcpImplementation, dhcpHashBucketAssignment,
  dhcpDelayedServiceParameter, dhcpMaxClientLeadTime,
  dhcpFailOverEndpointState, dhcpStatements

5.1. DHCP Declaration related classes:

Name: dhcpSharedNetwork
Description: Shared Network class will list what pools and subnets are
  in this network.

This will be a container with the following attributes.
Must: cn
May: dhcpSubnetDN, dhcpPoolDN, dhcpOptionsDN, dhcpStatements

The following objects can exist within a dhcpSharedNetwork container:
dhcpSubnet, dhcpPool, dhcpOptions, dhcpLog

Name: dhcpSubnet
Description: Subnet object will include configuration information
  associated with a subnet, including a range and a net mask.

This will be a container with the following attributes.
Must: cn (Subnet address), dhcpNetMask
May: dhcpRange, dhcpPoolDN, dhcpGroupDN, dhcpHostDN, dhcpClassesDN,
  dhcpLeasesDN, dhcpOptionsDN, dhcpStatements

The following objects can exist within a dhcpSubnet container: dhcpPool,
dhcpGroup, dhcpHost, dhcpClass, dhcpOptions, dhcpLease, dhcpLog

Name: dhcpGroup
Description: Group object will have configuration information
  associated with a group.

This will be a container with the following attributes.
Must: cn
May: dhcpHostDN, dhcpOptionsDN, dhcpStatements

The following objects can exist within a dhcpGroup container: dhcpHost,
dhcpOptions

Name: dhcpHost
Description: The host object includes DHCP host declarations to assign a
  static IP address or declare the client as known or specify
  statements for a specific client.
Must: cn
May: dhcpLeaseDN, dhcpHWAddress, dhcpOptionsDN, dhcpStatements

The following objects can exist within a dhcpHost container: dhcpLease,
dhcpOptions

Name: dhcpOptions
Description: The options class is for option space declarations; it
  contains a list of options.
Must: cn, dhcpOption

Name: dhcpClass
Description: This is a class to group clients together based on matching
  rules.

This will be a container with the following attributes.
Must: cn
May: dhcpSubClassesDN, dhcpOptionsDN, dhcpStatements

The following objects can exist within a dhcpClass container:
dhcpSubclass, dhcpOptions

Name: dhcpSubClass
Description: This includes configuration information for a subclass
  associated with a class. The dhcpSubClass object will always be
  contained within the corresponding class container object.
Must: cn
May: dhcpClassData, dhcpOptionsDN, dhcpStatements

Name: dhcpPool
Description: This contains configuration for a pool that will have the
  range of addresses, permit lists and point to classes and leases that
  are members of this pool.

This will be a container that could be contained by dhcpSubnet or a
dhcpSharedNetwork.
Must: cn, dhcpRange
May: dhcpClassesDN, dhcpPermitList, dhcpLeasesDN, dhcpOptionsDN,
  dhcpStatements

The following objects can exist within a dhcpPool container: dhcpClass,
dhcpOptions, dhcpLease, dhcpLog

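A DHCP server that loads dhcpSubnet and dhcpOptions entries from a directory should check the value formats defined in section 4.1 before acting on them. The following is an added example, not part of the draft; the function names and the sample entries are constructed, entries are assumed to arrive as {attribute: [values]} dictionaries, and the one-octet tag and length fields follow the DHCP option encoding.

```python
import ipaddress

def parse_range(value):
    """Parse one dhcpRange value: 'start-end' (inclusive) or a single address."""
    parts = [p.strip() for p in value.split("-")]
    if len(parts) > 2 or not all(parts):
        raise ValueError(f"malformed dhcpRange {value!r}")
    start = ipaddress.IPv4Address(parts[0])
    end = ipaddress.IPv4Address(parts[-1])  # same address when there is no hyphen
    if end < start:
        raise ValueError(f"dhcpRange {value!r} ends before it starts")
    return start, end

def check_ranges(network, values):
    """Report ranges that do not parse, fall outside the subnet, or overlap."""
    problems, seen = [], []
    for value in values:
        try:
            start, end = parse_range(value)
        except ValueError as exc:
            problems.append(f"dhcpRange {value!r}: {exc}")
            continue
        if start not in network or end not in network:
            problems.append(f"dhcpRange {value!r} is outside {network}")
        if any(start <= e and s <= end for s, e in seen):
            problems.append(f"dhcpRange {value!r} overlaps an earlier range")
        seen.append((start, end))
    return problems

def validate_subnet(entry):
    """Validate a dhcpSubnet entry: cn is the subnet address, dhcpNetMask the mask length."""
    cn, mask = entry.get("cn", []), entry.get("dhcpNetMask", [])
    if len(cn) != 1 or len(mask) != 1:
        return ["dhcpSubnet needs one cn (subnet address) and one dhcpNetMask"]
    try:
        # strict=True rejects a cn that has host bits set for this mask length
        network = ipaddress.IPv4Network(f"{cn[0]}/{int(mask[0])}", strict=True)
    except ValueError as exc:
        return [f"bad subnet {cn[0]}/{mask[0]}: {exc}"]
    return check_ranges(network, entry.get("dhcpRange", []))

def decode_option(raw):
    """Decode one dhcpOption value: OptionTag, Length, OptionData."""
    if len(raw) < 2:
        raise ValueError("dhcpOption shorter than tag and length octets")
    tag, length, data = raw[0], raw[1], raw[2:]
    if length != len(data):
        raise ValueError(
            f"dhcpOption tag {tag}: length octet {length}, {len(data)} data octets")
    return tag, data

def validate_options(entry):
    """Validate a dhcpOptions entry; dhcpOption is a Must attribute."""
    values = entry.get("dhcpOption", [])
    problems = [] if values else ["dhcpOptions entry has no dhcpOption value"]
    for raw in values:
        try:
            decode_option(raw)
        except ValueError as exc:
            problems.append(str(exc))
    return problems

# Constructed sample entries (not taken from the draft).
SUBNET = {
    "cn": ["192.0.2.0"],
    "dhcpNetMask": ["24"],
    "dhcpRange": [
        "192.0.2.10-192.0.2.50",
        "192.0.2.40-192.0.2.60",      # overlaps the first range
        "192.0.2.200",                # single address, no hyphen
        "198.51.100.5-198.51.100.9",  # not inside 192.0.2.0/24
    ],
}
OPTIONS = {
    "cn": ["defaults"],
    "dhcpOption": [
        bytes([3, 4, 192, 0, 2, 1]),  # tag 3, length 4, four data octets
        bytes([51, 4, 0, 1, 81]),     # length octet says 4, only 3 data octets
        b"\x06",                      # truncated: no length octet
    ],
}

if __name__ == "__main__":
    for problem in validate_subnet(SUBNET) + validate_options(OPTIONS):
        print(problem)
```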

6. Tracking Address Assignments

The behavior of a DHCP server is influenced by two factors - its
configuration and the current state of the addresses that have been
assigned to clients. This schema defines a set of objects for
representing the DHCP configuration associated with a server. The
following object classes provide the ability to record how addresses are
used including maintaining history (audit log) on individual leases.
Recording lease information in a directory could result in a significant
performance impact and is therefore optional. Implementations supporting
logging of leases need to consider the performance impact.

6.1. dhcpLeases Attribute Definitions

The schema definitions below are for readability; the LDIF layout for
this schema will follow in section 8.

Name: dhcpAddressState
Description: This stores information about the current binding-status of
  an address. For dynamic addresses managed by DHCP, the values should
  be restricted to the states defined in the DHCP Failover Protocol
  draft [FAILOVR]: 'FREE', 'ACTIVE', 'EXPIRED', 'RELEASED', 'RESET',
  'ABANDONED', 'BACKUP'. For more information on these states see
  [FAILOVR]. For other addresses, it SHOULD be one of the following:
  'UNKNOWN', 'RESERVED' (an address that is managed by DHCP that is
  reserved for a specific client), 'RESERVED-ACTIVE' (same as reserved,
  but address is currently in use), 'ASSIGNED' (assigned manually or by
  some other mechanism), 'UNASSIGNED', 'NOTASSIGNABLE'.
Syntax: IA5String
Flags: SINGLE-VALUE

Name: dhcpExpirationTime
Description: This is the time the current lease for an address expires.
Syntax: DateTime
Flags: SINGLE-VALUE

Name: dhcpStartTimeOfState
Description: This is the time of the last state change for a leased
  address.
Syntax: DateTime
Flags: SINGLE-VALUE

Name: dhcpLastTransactionTime
Description: This is the last time a valid DHCP packet was received from
  the client.
Syntax: DateTime
Flags: SINGLE-VALUE

Name: dhcpBootpFlag
Description: This indicates whether the address was assigned via BOOTP.
Syntax: Boolean
Flags: SINGLE-VALUE

Name: dhcpDomainName
Description: This is the name of the domain sent to the client by the
  server. It is essentially the same as the value for DHCP option 15
  sent to the client, and represents only the domain - not the full
  FQDN. To obtain the full FQDN assigned to the client you must prepend
  the "dhcpAssignedHostName" to this value with a ".".
Syntax: IA5String
Flags: SINGLE-VALUE

Name: dhcpDnsStatus
Description: This indicates the status of updating DNS resource records
  on behalf of the client by the DHCP server for this address. The
  value is a 16-bit bitmask that has the same values as specified by
  the Failover-DDNS option (see [FAILOVR]).
Syntax: Integer
Flags: SINGLE-VALUE

Name: dhcpRequestedHostName
Description: This is the hostname that was requested by the client.
Syntax: IA5String
Flags: SINGLE-VALUE

Name: dhcpAssignedHostName
Description: This is the actual hostname that was assigned to a client.
  It may not be the name that was requested by the client. The fully
  qualified domain name can be determined by appending the value of
  "dhcpDomainName" (with a dot separator) to this name.
Syntax: IA5String
Flags: SINGLE-VALUE

Name: dhcpReservedForClient
Description: This is the distinguished name of the "dhcpHost" that an
  address is reserved for. This may not be the same as the
  "dhcpAssignedToClient" attribute if the address is being reassigned
  but the current lease has not yet expired.
Syntax: DN
Flags: SINGLE-VALUE

Name: dhcpAssignedToClient
Description: This is the distinguished name of a "dhcpHost" that an
  address is currently assigned to. This attribute is only present in
  the class when the address is leased.
Syntax: DN
Flags: SINGLE-VALUE

Name: dhcpRelayAgentInfo
Description: If the client request was received via a relay agent, this
  contains information about the relay agent that was available from
  the DHCP request. This is a hex-encoded option value.
Syntax: OctetString
Flags: SINGLE-VALUE

Name: dhcpErrorLog
Description: Generic error log attribute that allows logging error
  conditions within a dhcpService or a dhcpSubnet, like no IP addresses
  available for lease.
Syntax: IA5String

6.2. dhcpLeases Object Class

This class represents an IP address. It may or may not be leaseable,
and the object may exist even though a lease is not currently active for
the associated IP address.

It is recommended that all Lease objects for a single DHCP Service be
centrally located within a single container. This ensures that the lease
objects and the corresponding logs do not have to be relocated when
address ranges allocated to individual DHCP subnets and/or pools change.

The schema definitions below are for readability; the LDIF layout for
this schema will follow in section 8.

Name: dhcpLeases
Description: This is the object that holds state information about an IP
  address. The cn (which is the IP address), and the current
  address-state are mandatory attributes. If the address is assigned
  then some of the optional attributes will have valid data.
Must: cn, dhcpAddressState
May: dhcpExpirationTime, dhcpStartTimeOfState, dhcpLastTransactionTime,
  dhcpBootpFlag, dhcpDomainName, dhcpDnsStatus, dhcpRequestedHostName,
  dhcpAssignedHostName, dhcpReservedForClient, dhcpAssignedToClient,
  dhcpRelayAgentInfo, dhcpHWAddress

6.3 Audit Log Information

A dhcpLog object is created whenever a lease is assigned or released.
This object is intended to be created under the corresponding dhcpLeases
container, or dhcpPool, dhcpSubnet, dhcpSharedNetwork or dhcpService
containers.

The log information under the dhcpLeases container would be for
addresses matching that lease information. The log information in the
other containers could be used for errors, i.e. when a pool or subnet is
out of addresses or if a server is not able to assign any more
addresses for a particular dhcpService.

Name: dhcpLog
Description: This is the object that holds past information about an IP
  address. The cn is the time/date stamp when the address was assigned
  or released, the address state at the time, if the address was
  assigned or released.
Must: cn
May: dhcpAddressState, dhcpExpirationTime, dhcpStartTimeOfState,
  dhcpLastTransactionTime, dhcpBootpFlag, dhcpDomainName,
  dhcpDnsStatus, dhcpRequestedHostName, dhcpAssignedHostName,
  dhcpReservedForClient, dhcpAssignedToClient, dhcpRelayAgentInfo,
  dhcpHWAddress, dhcpErrorLog

7. Determining settings

The dhcpStatements attribute is the key to DHC enhancements that may
come along, and the different key words that a particular server
implementation may use. This attribute can be used to hold conditional
DHCP Statements and DHCP server parameters. Having a generic settings
attribute that is just a string allows this schema to be extensible and
easy to configure.

All of the attributes that end with DN are references to the class that
precedes the DN, e.g. the dhcpPrimaryDN and dhcpSecondaryDN attributes
hold the Distinguished Names of the dhcpServer objects that are
associated with the dhcpService object.

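Because the DN-valued attributes are plain references, a management interface or audit job can verify that each one resolves to an entry of the expected class before a server trusts the configuration. The following is an added example, not part of the draft: the function names and sample directory are constructed, only a subset of the DN attributes is mapped, DN comparison is simplified (no escaped commas), and the requirement that a server named by a dhcpService lists that service in its own dhcpServiceDN is a policy assumed here, not a rule stated by the schema.

```python
# Subset of the schema's DN-valued attributes and the class each should reference.
REFERENCE_TARGETS = {
    "dhcpPrimaryDN": "dhcpServer",
    "dhcpSecondaryDN": "dhcpServer",
    "dhcpServiceDN": "dhcpService",
    "dhcpSharedNetworkDN": "dhcpSharedNetwork",
    "dhcpSubnetDN": "dhcpSubnet",
    "dhcpPoolDN": "dhcpPool",
    "dhcpGroupDN": "dhcpGroup",
    "dhcpHostDN": "dhcpHost",
    "dhcpOptionsDN": "dhcpOptions",
    "dhcpClassesDN": "dhcpClass",
}

def normalize_dn(dn):
    """Simplified DN comparison key: lower-case, no spaces around separators."""
    return ",".join(part.strip().lower() for part in dn.split(","))

def check_references(directory):
    """Return (entry DN, attribute, referenced DN, reason) for every bad reference.

    directory maps DN -> {"objectClass": [...], attribute: [values], ...}.
    """
    index = {normalize_dn(dn): entry for dn, entry in directory.items()}
    findings = []
    # Pass 1: every reference must resolve to an entry of the expected class.
    for dn, entry in directory.items():
        for attr, target_class in REFERENCE_TARGETS.items():
            for ref in entry.get(attr, []):
                target = index.get(normalize_dn(ref))
                if target is None:
                    findings.append((dn, attr, ref, "dangling reference"))
                elif target_class not in target.get("objectClass", []):
                    findings.append(
                        (dn, attr, ref, f"target is not a {target_class}"))
    # Pass 2 (assumed policy): a server named as primary or secondary of a
    # service must point back at that service through dhcpServiceDN.
    for dn, entry in directory.items():
        if "dhcpService" not in entry.get("objectClass", []):
            continue
        for attr in ("dhcpPrimaryDN", "dhcpSecondaryDN"):
            for ref in entry.get(attr, []):
                server = index.get(normalize_dn(ref))
                if server is None:
                    continue  # already reported as dangling in pass 1
                back = {normalize_dn(d) for d in server.get("dhcpServiceDN", [])}
                if normalize_dn(dn) not in back:
                    findings.append(
                        (dn, attr, ref, "server does not list this service"))
    return findings

# Constructed sample directory (not taken from the draft).
BASE = "ou=dhcp,dc=example,dc=com"
DIRECTORY = {
    f"cn=config1,{BASE}": {
        "objectClass": ["dhcpService"],
        "dhcpPrimaryDN": [f"cn=srv1,{BASE}"],
        "dhcpSecondaryDN": [f"cn=srv2,{BASE}"],
        "dhcpSubnetDN": [f"cn=192.0.2.0,cn=config1,{BASE}"],
        "dhcpHostDN": [f"cn=printer,cn=config1,{BASE}"],  # no such entry
    },
    f"cn=srv1,{BASE}": {
        "objectClass": ["dhcpServer"],
        "dhcpServiceDN": ["CN=config1, OU=dhcp, DC=example, DC=com"],
    },
    f"cn=srv2,{BASE}": {
        "objectClass": ["dhcpServer"],
        "dhcpServiceDN": [f"cn=other,{BASE}"],  # points at a missing service
    },
    f"cn=192.0.2.0,cn=config1,{BASE}": {
        "objectClass": ["dhcpPool"],  # referenced through dhcpSubnetDN
    },
}

if __name__ == "__main__":
    for finding in check_references(DIRECTORY):
        print(finding)
```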

8. LDIF format for attributes and classes.

# Attributes

( 2.16.840.1.113719.1.203.4.1 NAME 'dhcpPrimaryDN' DESC
  'The DN of the dhcpServer which is the primary server for the
  configuration.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE )

( 2.16.840.1.113719.1.203.4.2 NAME 'dhcpSecondaryDN' DESC 'The DN of
  dhcpServer(s) which provide backup service for the configuration.'
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )

( 2.16.840.1.113719.1.203.4.3 NAME 'dhcpStatements' DESC 'Flexible
  storage for specific data depending on what object this exists in. Like
  conditional statements, server parameters, etc. This allows the standard
  to evolve without needing to adjust the schema.' SYNTAX
  1.3.6.1.4.1.1466.115.121.1.26 )

( 2.16.840.1.113719.1.203.4.4 NAME 'dhcpRange' DESC 'The starting &
  ending IP Addresses in the range (inclusive), separated by a hyphen; if
  the range only contains one address, then just the address can be
  specified with no hyphen. Each range is defined as a separate value.'
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )

( 2.16.840.1.113719.1.203.4.5 NAME 'dhcpPermitList' DESC 'This attribute
  contains the permit lists associated with a pool. Each permit list is
  defined as a separate value.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )

( 2.16.840.1.113719.1.203.4.6 NAME 'dhcpNetMask' DESC 'The subnet mask
  length for the subnet. The mask can be easily computed from this
  length.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

( 2.16.840.1.113719.1.203.4.7 NAME 'dhcpOption' DESC 'Encoded option
  values to be sent to clients. Each value represents a single option and
  contains (OptionTag, Length, OptionValue) encoded in the format used by
  DHCP.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )

599 |
|
|
M. Meredith et al. Expires December 2001 [Page 10] |
600 |
|
|
|
601 |
|
|
|
602 |
|
|
|
603 |
|
|
|
604 |
|
|
|
605 |
|
|
INTERNET-DRAFT LDAP Schema for DHCP 16 June 2001 |
606 |
|
|
|
607 |
|
|
|
608 |
|
|
( 2.16.840.1.113719.1.203.4.8 NAME 'dhcpClassData' DESC 'Encoded text |
609 |
|
|
string or list of bytes expressed in hexadecimal, separated by colons. |
610 |
|
|
Clients match subclasses based on matching the class data with the |
611 |
|
|
results of match or spawn with statements in the class name |
612 |
|
|
declarations.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) |
613 |
|
|
|
614 |
|
|
( 2.16.840.1.113719.1.203.4.9 NAME 'dhcpOptionsDN' DESC 'The |
615 |
|
|
distinguished name(s) of the dhcpOption objects containing the |
616 |
|
|
configuration options provided by the server.' SYNTAX |
617 |
|
|
1.3.6.1.4.1.1466.115.121.1.12 ) |
618 |
|
|
|
619 |
|
|
( 2.16.840.1.113719.1.203.4.10 NAME 'dhcpHostDN' DESC 'the distinguished |
620 |
|
|
name(s) of the dhcpHost objects.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) |
621 |
|
|
|
622 |
|
|
( 2.16.840.1.113719.1.203.4.11 NAME 'dhcpPoolDN' DESC 'The distinguished |
623 |
|
|
name(s) of pools.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) |
624 |
|
|
|
625 |
|
|
( 2.16.840.1.113719.1.203.4.12 NAME 'dhcpGroupDN' DESC 'The |
626 |
|
|
distinguished name(s) of the groups.' SYNTAX |
627 |
|
|
1.3.6.1.4.1.1466.115.121.1.12 ) |
628 |
|
|
|
629 |
|
|
( 2.16.840.1.113719.1.203.4.13 NAME 'dhcpSubnetDN' DESC 'The |
630 |
|
|
distinguished name(s) of the subnets.' SYNTAX |
631 |
|
|
1.3.6.1.4.1.1466.115.121.1.12 ) |
632 |
|
|
|
633 |
|
|
( 2.16.840.1.113719.1.203.4.14 NAME 'dhcpLeaseDN' DESC 'The
distinguished name of a client address.' SYNTAX
1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE )

( 2.16.840.1.113719.1.203.4.15 NAME 'dhcpLeasesDN' DESC 'The
distinguished name(s) of client addresses.' SYNTAX
1.3.6.1.4.1.1466.115.121.1.12 )

( 2.16.840.1.113719.1.203.4.16 NAME 'dhcpClassesDN' DESC 'The
distinguished name(s) of a class(es) in a subclass.' SYNTAX
1.3.6.1.4.1.1466.115.121.1.12 )

( 2.16.840.1.113719.1.203.4.17 NAME 'dhcpSubclassesDN' DESC 'The
distinguished name(s) of subclass(es).' SYNTAX
1.3.6.1.4.1.1466.115.121.1.12 )

( 2.16.840.1.113719.1.203.4.18 NAME 'dhcpSharedNetworkDN' DESC 'The
distinguished name(s) of sharedNetworks.' SYNTAX
1.3.6.1.4.1.1466.115.121.1.12 )

( 2.16.840.1.113719.1.203.4.19 NAME 'dhcpServiceDN' DESC 'The DN of
dhcpService object(s) which contain the configuration information. Each
dhcpServer object has this attribute identifying the DHCP
configuration(s) that the server is associated with.' SYNTAX
1.3.6.1.4.1.1466.115.121.1.12 )

( 2.16.840.1.113719.1.203.4.20 NAME 'dhcpVersion' DESC 'The version
attribute of this object.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
SINGLE-VALUE )

( 2.16.840.1.113719.1.203.4.21 NAME 'dhcpImplementation' DESC
'Description of the DHCP Server implementation e.g. the vendor of the
DHCP Server.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )

( 2.16.840.1.113719.1.203.4.22 NAME 'dhcpAddressState' DESC 'This stores
information about the current binding-status of an address. For dynamic
addresses managed by DHCP, the values should be restricted to the
following: "FREE", "ACTIVE", "EXPIRED", "RELEASED", "RESET",
"ABANDONED", "BACKUP". For other addresses, it SHOULD be one of the
following: "UNKNOWN", "RESERVED" (an address that is managed by DHCP
that is reserved for a specific client), "RESERVED-ACTIVE" (same as
reserved, but address is currently in use), "ASSIGNED" (assigned
manually or by some other mechanism), "UNASSIGNED", "NOTASSIGNABLE".'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )

( 2.16.840.1.113719.1.203.4.23 NAME 'dhcpExpirationTime' DESC 'This is
the time the current lease for an address expires.' SYNTAX
1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE )

( 2.16.840.1.113719.1.203.4.24 NAME 'dhcpStartTimeOfState' DESC 'This is
the time of the last state change for a leased address.' SYNTAX
1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE )

( 2.16.840.1.113719.1.203.4.25 NAME 'dhcpLastTransactionTime' DESC 'This
is the last time a valid DHCP packet was received from the client.'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE )

( 2.16.840.1.113719.1.203.4.26 NAME 'dhcpBootpFlag' DESC 'This indicates
whether the address was assigned via BOOTP.' SYNTAX
1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE )

( 2.16.840.1.113719.1.203.4.27 NAME 'dhcpDomainName' DESC 'This is the
name of the domain sent to the client by the server. It is essentially
the same as the value for DHCP option 15 sent to the client, and
represents only the domain - not the full FQDN. To obtain the full FQDN
assigned to the client you must prepend the "dhcpAssignedHostName" to
this value with a ".".' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
SINGLE-VALUE )

( 2.16.840.1.113719.1.203.4.28 NAME 'dhcpDnsStatus' DESC 'This indicates
the status of updating DNS resource records on behalf of the client by
the DHCP server for this address. The value is a 16-bit bitmask.'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

( 2.16.840.1.113719.1.203.4.29 NAME 'dhcpRequestedHostName' DESC 'This
is the hostname that was requested by the client.' SYNTAX
1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )

( 2.16.840.1.113719.1.203.4.30 NAME 'dhcpAssignedHostName' DESC 'This is
the actual hostname that was assigned to a client. It may not be the
name that was requested by the client. The fully qualified domain name
can be determined by appending the value of "dhcpDomainName" (with a dot
separator) to this name.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
SINGLE-VALUE )

( 2.16.840.1.113719.1.203.4.31 NAME 'dhcpReservedForClient' DESC 'The
distinguished name of a "dhcpClient" that an address is reserved for.
This may not be the same as the "dhcpAssignedToClient" attribute if the
address is being reassigned but the current lease has not yet expired.'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE )

( 2.16.840.1.113719.1.203.4.32 NAME 'dhcpAssignedToClient' DESC 'This is
the distinguished name of a "dhcpClient" that an address is currently
assigned to. This attribute is only present in the class when the
address is leased.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE )

( 2.16.840.1.113719.1.203.4.33 NAME 'dhcpRelayAgentInfo' DESC 'If the
client request was received via a relay agent, this contains information
about the relay agent that was available from the DHCP request. This is
a hex-encoded option value.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.40
SINGLE-VALUE )

( 2.16.840.1.113719.1.203.4.34 NAME 'dhcpHWAddress' DESC 'The hardware
address of the client that requested this IP address.' SYNTAX
1.3.6.1.4.1.1466.115.121.1.40 SINGLE-VALUE )

( 2.16.840.1.113719.1.203.4.35 NAME 'dhcpHashBucketAssignment' DESC
'HashBucketAssignment bit map for the DHCP Server, as defined in DHC
Load Balancing Algorithm [RFC 3074].' SYNTAX
1.3.6.1.4.1.1466.115.121.1.40 SINGLE-VALUE )

( 2.16.840.1.113719.1.203.4.36 NAME 'dhcpDelayedServiceParameter' DESC
'Delay in seconds corresponding to Delayed Service Parameter
configuration, as defined in DHC Load Balancing Algorithm [RFC 3074].'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

( 2.16.840.1.113719.1.203.4.37 NAME 'dhcpMaxClientLeadTime' DESC
'Maximum Client Lead Time configuration in seconds, as defined in DHCP
Failover Protocol [FAILOVR]' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
SINGLE-VALUE )

( 2.16.840.1.113719.1.203.4.38 NAME 'dhcpFailOverEndpointState' DESC
'Server (Failover Endpoint) state, as defined in DHCP Failover Protocol
[FAILOVR]' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )

( 2.16.840.1.113719.1.203.4.39 NAME 'dhcpErrorLog' DESC
'Generic error log attribute that allows logging error conditions within a
dhcpService or a dhcpSubnet, like no IP addresses available for lease.'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )

#Classes

( 2.16.840.1.113719.1.203.6.1 NAME 'dhcpService' DESC 'Service object
that represents the actual DHCP Service configuration. This is a
container object.' SUP top MUST (cn $ dhcpPrimaryDN) MAY
(dhcpSecondaryDN $ dhcpSharedNetworkDN $ dhcpSubnetDN $ dhcpGroupDN $
dhcpHostDN $ dhcpClassesDN $ dhcpOptionsDN $ dhcpStatements ) )

( 2.16.840.1.113719.1.203.6.2 NAME 'dhcpSharedNetwork' DESC 'This stores
configuration information for a shared network.' SUP top MUST cn MAY
(dhcpSubnetDN $ dhcpPoolDN $ dhcpOptionsDN $ dhcpStatements)
X-NDS_CONTAINMENT ('dhcpService' ) )

( 2.16.840.1.113719.1.203.6.3 NAME 'dhcpSubnet' DESC 'This class defines
a subnet. This is a container object.' SUP top MUST ( cn $ dhcpNetMask )
MAY (dhcpRange $ dhcpPoolDN $ dhcpGroupDN $ dhcpHostDN $ dhcpClassesDN $
dhcpLeasesDN $ dhcpOptionsDN $ dhcpStatements) X-NDS_CONTAINMENT
('dhcpService' 'dhcpSharedNetwork') )

( 2.16.840.1.113719.1.203.6.4 NAME 'dhcpPool' DESC 'This stores
configuration information about a pool.' SUP top MUST ( cn $ dhcpRange )
MAY (dhcpClassesDN $ dhcpPermitList $ dhcpLeasesDN $ dhcpOptionsDN $
dhcpStatements) X-NDS_CONTAINMENT ('dhcpSubnet' 'dhcpSharedNetwork') )

( 2.16.840.1.113719.1.203.6.5 NAME 'dhcpGroup' DESC 'Group object that
lists host DNs and parameters. This is a container object.' SUP top MUST
cn MAY ( dhcpHostDN $ dhcpOptionsDN $ dhcpStatements ) X-NDS_CONTAINMENT
('dhcpSubnet' 'dhcpService' ) )

( 2.16.840.1.113719.1.203.6.6 NAME 'dhcpHost' DESC 'This represents
information about a particular client' SUP top MUST cn MAY (dhcpLeaseDN
$ dhcpHWAddress $ dhcpOptionsDN $ dhcpStatements) X-NDS_CONTAINMENT
('dhcpService' 'dhcpSubnet' 'dhcpGroup') )

( 2.16.840.1.113719.1.203.6.7 NAME 'dhcpClass' DESC 'Represents
information about a collection of related clients.' SUP top MUST cn MAY
(dhcpSubClassesDN $ dhcpOptionsDN $ dhcpStatements) X-NDS_CONTAINMENT
('dhcpService' 'dhcpSubnet' ) )

( 2.16.840.1.113719.1.203.6.8 NAME 'dhcpSubClass' DESC 'Represents
information about a collection of related classes.' SUP top MUST cn MAY
(dhcpClassData $ dhcpOptionsDN $ dhcpStatements) X-NDS_CONTAINMENT
'dhcpClass' )

( 2.16.840.1.113719.1.203.6.9 NAME 'dhcpOptions' DESC 'Represents
information about a collection of options defined.' SUP top MUST cn MAY
( dhcpOption ) X-NDS_CONTAINMENT ('dhcpService' 'dhcpSharedNetwork'
'dhcpSubnet' 'dhcpPool' 'dhcpGroup' 'dhcpHost' 'dhcpClass' ) )

( 2.16.840.1.113719.1.203.6.10 NAME 'dhcpLeases' DESC 'This class
represents an IP Address, which may or may not have been leased.' SUP
top MUST ( cn $ dhcpAddressState ) MAY ( dhcpExpirationTime $
dhcpStartTimeOfState $ dhcpLastTransactionTime $ dhcpBootpFlag $
dhcpDomainName $ dhcpDnsStatus $ dhcpRequestedHostName $
dhcpAssignedHostName $ dhcpReservedForClient $ dhcpAssignedToClient $
dhcpRelayAgentInfo $ dhcpHWAddress ) X-NDS_CONTAINMENT ( 'dhcpService'
'dhcpSubnet' 'dhcpPool') )

( 2.16.840.1.113719.1.203.6.11 NAME 'dhcpLog' DESC 'This is the object
that holds past information about the IP address. The cn is the
time/date stamp when the address was assigned or released, the address
state at the time, if the address was assigned or released.' SUP top
MUST ( cn ) MAY ( dhcpAddressState $ dhcpExpirationTime $
dhcpStartTimeOfState $ dhcpLastTransactionTime $ dhcpBootpFlag $
dhcpDomainName $ dhcpDnsStatus $ dhcpRequestedHostName $
dhcpAssignedHostName $ dhcpReservedForClient $ dhcpAssignedToClient $
dhcpRelayAgentInfo $ dhcpHWAddress $ dhcpErrorLog) X-NDS_CONTAINMENT
('dhcpLeases' 'dhcpPool' 'dhcpSubnet' 'dhcpSharedNetwork' 'dhcpService' ) )

( 2.16.840.1.113719.1.203.6.12 NAME 'dhcpServer' DESC 'DHCP Server
Object' SUP top MUST (cn $ dhcpServiceDN) MAY (dhcpVersion $
dhcpImplementation $ dhcpHashBucketAssignment $
dhcpDelayedServiceParameter $ dhcpMaxClientLeadTime $
dhcpFailOverEndpointState $ dhcpStatements) X-NDS_CONTAINMENT ('O' 'OU'
'dc') )

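The constraints this schema places on a dhcpLeases entry (MUST attributes, SINGLE-VALUE, the listed dhcpAddressState values, the 16-bit dhcpDnsStatus bitmask, the hostname/domain join) can be checked before a consumer trusts what it reads from the directory. The Python below is an added example, not part of the draft; the function names, the dict-of-lists entry shape and the restriction of Generalized Time to the UTC form YYYYMMDDHHMMSSZ are assumptions.

```python
import re

# Constraints transcribed from the dhcpLeases class and its attribute
# definitions in this draft. An entry is a dict of attribute -> list of str.
MUST = {"cn", "dhcpAddressState"}
MAY = {
    "dhcpExpirationTime", "dhcpStartTimeOfState", "dhcpLastTransactionTime",
    "dhcpBootpFlag", "dhcpDomainName", "dhcpDnsStatus",
    "dhcpRequestedHostName", "dhcpAssignedHostName", "dhcpReservedForClient",
    "dhcpAssignedToClient", "dhcpRelayAgentInfo", "dhcpHWAddress",
}
STATES = {
    "FREE", "ACTIVE", "EXPIRED", "RELEASED", "RESET", "ABANDONED", "BACKUP",
    "UNKNOWN", "RESERVED", "RESERVED-ACTIVE", "ASSIGNED", "UNASSIGNED",
    "NOTASSIGNABLE",
}
TIME_ATTRS = {"dhcpExpirationTime", "dhcpStartTimeOfState",
              "dhcpLastTransactionTime"}
# Assumption: only the UTC form YYYYMMDDHHMMSSZ of Generalized Time is accepted.
UTC_TIME = re.compile(r"[0-9]{14}Z")


def check_value(attr, value):
    """Return a problem string for one attribute value, or None if it is fine."""
    if attr == "dhcpAddressState" and value not in STATES:
        return f"dhcpAddressState {value!r} is not a value listed in the draft"
    if attr in TIME_ATTRS and not UTC_TIME.fullmatch(value):
        return f"{attr} {value!r} is not YYYYMMDDHHMMSSZ"
    if attr == "dhcpBootpFlag" and value not in ("TRUE", "FALSE"):
        return f"dhcpBootpFlag {value!r} is not an LDAP Boolean"
    # dhcpDnsStatus is defined as a 16-bit bitmask stored as an integer.
    if attr == "dhcpDnsStatus" and not (
            re.fullmatch(r"[0-9]{1,5}", value) and int(value) <= 0xFFFF):
        return f"dhcpDnsStatus {value!r} does not fit in 16 bits"
    return None


def validate_lease(entry):
    """Return a list of problems found in one dhcpLeases entry."""
    problems = [f"missing MUST attribute {a}" for a in sorted(MUST - set(entry))]
    for attr, values in entry.items():
        if attr == "objectClass":
            continue
        if attr not in MUST | MAY:
            problems.append(f"{attr} is not allowed in dhcpLeases")
        elif attr != "cn" and len(values) != 1:
            # Every dhcpLeases attribute except cn is SINGLE-VALUE in this draft.
            problems.append(f"{attr} is SINGLE-VALUE but has {len(values)} values")
        else:
            problems.extend(p for p in (check_value(attr, v) for v in values) if p)
    return problems


def lease_fqdn(entry):
    """dhcpAssignedHostName + "." + dhcpDomainName, or None if either is absent."""
    host, domain = entry.get("dhcpAssignedHostName"), entry.get("dhcpDomainName")
    return f"{host[0]}.{domain[0]}" if host and domain else None


# Constructed sample entries (not taken from the draft).
GOOD = {
    "objectClass": ["top", "dhcpLeases"], "cn": ["192.0.2.10"],
    "dhcpAddressState": ["ACTIVE"], "dhcpExpirationTime": ["20010616120000Z"],
    "dhcpAssignedHostName": ["host1"], "dhcpDomainName": ["example.com"],
    "dhcpDnsStatus": ["3"],
}
BAD = {
    "cn": ["192.0.2.11"], "dhcpAddressState": ["LEASED"],
    "dhcpExpirationTime": ["2001-06-16 12:00"], "dhcpDnsStatus": ["70000"],
    "dhcpRange": ["192.0.2.1 192.0.2.9"],
}
```
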
9. Security Considerations

Since the DHCP Configuration information is stored in a directory, the
security of the information is limited to the security offered by the
directory, including the security of the objects within that directory.

10. Intellectual Property Rights Notices

The IETF takes no position regarding the validity or scope of any
intellectual property or other rights that might be claimed to pertain
to the implementation or use of the technology described in this
document or the extent to which any license under such rights might or
might not be available; neither does it represent that it has made any
effort to identify any such rights. Information on the IETF's
procedures with respect to rights in standards-track and
standards-related documentation can be found in BCP-11. Copies of
claims of rights made available for publication and any assurances of
licenses to be made available, or the result of an attempt made to
obtain a general license or permission for the use of such proprietary
rights by implementors or users of this specification can be obtained
from the IETF Secretariat.

The IETF invites any interested party to bring to its attention any
copyrights, patents or patent applications, or other proprietary rights
which may cover technology that may be required to practice this
standard. Please address the information to the IETF Executive
Director.

11. Full Copyright Statement

Copyright (C) The Internet Society (2001). All Rights Reserved.

This document and translations of it may be copied and furnished to
others, and derivative works that comment on or otherwise explain it or
assist in its implementation may be prepared, copied, published and
distributed, in whole or in part, without restriction of any kind,
provided that the above copyright notice and this paragraph are included
on all such copies and derivative works. However, this document itself
may not be modified in any way, such as by removing the copyright notice
or references to the Internet Society or other Internet organizations,
except as needed for the purpose of developing Internet standards in
which case the procedures for copyrights defined in the Internet
Standards process must be followed, or as required to translate it into
languages other than English.

The limited permissions granted above are perpetual and will not be
revoked by the Internet Society or its successors or assigns.

This document and the information contained herein is provided on an "AS
IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK
FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT
LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT
INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR
FITNESS FOR A PARTICULAR PURPOSE.

12. References

[RFC2131] Droms, R., "Dynamic Host Configuration Protocol", RFC 2131,
March 1997.

[RFC2132] Alexander, S., Droms, R., "DHCP Options and BOOTP Vendor
Extensions", RFC 2132, March 1997.

[MSDHCP] Gu, Y., Vyaghrapuri, R., "An LDAP Schema for Dynamic Host
Configuration Protocol Service", Internet Draft
<draft-gu-dhcp-ldap-schema-00.txt>, August 1998.

[NOVDHCP] Miller, T., Patel, A., Rao, P., "Lightweight Directory Access
Protocol (v3): Schema for Dynamic Host Configuration Protocol (DHCP)",
Internet Draft <draft-miller-dhcp-ldap-schema-00.txt>, June 1998.

[FAILOVR] Droms, R., Rabil, G., Dooley, M., Kapur, A., Gonczi, S., Volz,
B., "DHCP Failover Protocol", Internet Draft
<draft-ietf-dhc-failover-08.txt>, July 2000.

[RFC 3074] Volz, B., Gonczi, S., Lemon, T., Stevens, R., "DHC Load
Balancing Algorithm", RFC 3074, February 2001.

[AGENT] Patrick, M., "DHCP Relay Agent Information Option", Internet
Draft <draft-ietf-dhc-agent-options-09.txt>, March 2000.

[DHCPOPT] Carney, M., "New Option Review Guidelines and Additional
Option Namespace", Internet Draft
<draft-ietf-dhc-option_review_and_namespace-01.txt>, October 1999.

[POLICY] Strassner, J., Elleson, E., Moore, B., "Policy Framework LDAP
Core Schema", Internet Draft <draft-ietf-policy-core-schema-06.txt>,
November 1999.

[RFC2251] Wahl, M., Howes, T., Kille, S., "Lightweight Directory Access
Protocol (v3)", RFC 2251, December 1997.

[RFC2252] Wahl, M., Coulbeck, A., Howes, T., Kille, S., "Lightweight
Directory Access Protocol (v3) Attribute Syntax Definitions", RFC 2252,
December 1997.

[RFC2255] Howes, T., Smith, M., "The LDAP URL Format", RFC 2255,
December 1997.

[RFC951] Croft, B., Gilmore, J., "Bootstrap Protocol (BOOTP)", RFC 951,
September 1985.

[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement
Levels", RFC 2119, March 1997.

13. Acknowledgments

This work is partially based on a previous draft,
draft-ietf-dhc-schema-02.doc.

14. Author's Addresses

Comments regarding this draft may be sent to the authors at the
following address:

Mark Meredith
Mark Hinckley
Novell Inc.
1800 S. Novell Place
Provo, Utah 84606

Vijay K. Nanjundaswamy
Novell Software Development (I) Ltd
49/1 & 49/3, Garvebhavi Palya,
7th Mile, Hosur Road
Bangalore 560068

email: mark_meredith@novell.com
email: knvijay@novell.com
email: mhinckley@novell.com

This Internet Draft expires December 16, 2001.