Bug#1039966: isc-dhcp-server.service: Could not get Tjener LDAP object (but it exists).

To: Mike Gabriel <mike.gabriel@das-netzwerkteam.de>, 1039966@bugs.debian.org
Subject: Bug#1039966: isc-dhcp-server.service: Could not get Tjener LDAP object (but it exists).
From: Daniel Teichmann <daniel.teichmann@das-netzwerkteam.de>
Date: Mon, 3 Jul 2023 13:18:50 +0200
Message-id: <[🔎] 037bd950-aa11-fd20-3f93-f7d9ddda95c8@das-netzwerkteam.de>
Reply-to: Daniel Teichmann <daniel.teichmann@das-netzwerkteam.de>, 1039966@bugs.debian.org
In-reply-to: <[🔎] 20230701040518.Horde.g3EE_g4Di2bihbpla--GaYy@mail.das-netzwerkteam.de>
References: <[🔎] 20230701040518.Horde.g3EE_g4Di2bihbpla--GaYy@mail.das-netzwerkteam.de> <168811667732.280506.8349732919446408721.reportbug@nwt-03-daniel>

Hey Mike,

I think, you misunderstood the problem (I didn't communicate it clearlyenough).The problem is not resolving ldap(.intern) on TJENER or clients. Thatsworking.


---
locadm@tjener:~$ ping ldap.intern
PING tjener.intern (10.0.2.2) 56(84) bytes of data.
64 bytes from tjener.intern (10.0.2.2): icmp_seq=1 ttl=64 time=0.056 ms
---

---
locadm@tjener:~$ ping ldap
PING tjener.intern (10.0.2.2) 56(84) bytes of data.
64 bytes from tjener.intern (10.0.2.2): icmp_seq=1 ttl=64 time=0.089 ms
---

isc-dhcp-server does not resolve 'ldap' (anymore?), therefore the 'Couldnot get Tjener LDAP object' error message.

I also couldn't find an extra search domain option. So maybe this is anupstream bug?

And the easiest fix would be using 'localhost' (like the dhcpd examplesare suggesting) or 'ldap.intern' for ldap-server.


Greetings, Daniel

Am 01.07.23 um 06:05 schrieb Mike Gabriel:

Control: tags -1 - pending

Hi Daniel,

On  Fr 30 Jun 2023 11:17:57 CEST, Daniel Teichmann wrote:
Package: debian-edu-config
Severity: important

Error messages popping up in syslog on newly installed systems..

gber (Guido Berhörster) can reproduce this issue.

less /var/log/syslog: ```
2023-06-30T10:02:21.863147+02:00 tjener dhcpd[138165]: Cannot findhost LDAP entry tjener (&(objectClass=dhcpServer)(cn=tjener))
```
I reverted your change for this as it does not address the underlyingproblem.
In a Debian Edu network, all hosts should be reachable via their shorthostname (rather than their FQDN).
This is: the underlying fix for this is finding out via

  ping ldap

fails whereas

  ping ldap.intern

does not.
I.e. we need to check /etc/resolv.conf and if there is a "searchintern" in it. And if not, we need to find out why it is not there:
```
nameserver 127.0.0.1
search intern
```

Please revisit and find the deeper solution to this problem. Thanks!

Mike


--

DAS-NETZWERKTEAM
Daniel Teichmann

GnuPG Key ID 0x8100A778
mail: daniel.teichmann@das-netzwerkteam.de, https://das-netzwerkteam.de

Attachment: OpenPGP_0xB500EFC78100A778.asc
Description: OpenPGP public key

Attachment: OpenPGP_signature
Description: OpenPGP digital signature

Reply to:

References:
- Bug#1039966: isc-dhcp-server.service: Could not get Tjener LDAP object (but it exists).
  - From: Mike Gabriel <mike.gabriel@das-netzwerkteam.de>

Prev by Date: Content and translation status for the debian-edu-bullseye manual
Next by Date: Processed: debian-edu-artwork: leaves diversion dating back to squeeze: /usr/share/desktop-base/grub_background.sh
Previous by thread: Processed: Re: Bug#1039966: isc-dhcp-server.service: Could not get Tjener LDAP object (but it exists).
Next by thread: Processing of debian-edu-config_2.12.33_source.changes
Index(es):
- Date
- Thread