Description Philipp Hahn 2013-11-12 13:28:52 CET

The ISC-DHCP-server used the UCRV "dhcpd/ldap/base" to define its search base, which defaults to "cn=dhcp,$ldap_base" when unset.

Since UCS-3.0 the UCRV is only used to find the dhcpServer-entry matching the node name. That LDAP entry has the *multi-valued* dhcpServiceDN entry, which links to the dhcpService entries. These entries are the top-level containers for all further DHCP related entries and define the search base.
server/ldap.c:2504
    for (curr = ldap_service_dn_head; ...
        ret = ldap_search_ext_s (ld, curr->dn, LDAP_SCOPE_SUBTREE, ...

In UCS-2.4 the search for dhcpHost-entries is different: it does not support multiple services and always used the value of the UCRV "dhcp/ldap/base":
server/ldap.c:1446
  if ((ret = ldap_search_ext_s (ld, ldap_base_dn, LDAP_SCOPE_SUBTREE, ....


With Bug #31650 the documentation was clarified, that any DHCP server can provide only one DHCP service. This is not 100% correct, as the ISC-DHCP implementation can provide multiple services per server, but UDM currently limits it to only one service per server.

This change breaks updates from UCS-2.4 to UCS-3.x, since now dhcpHost entries outside the dhcpService are no longer found.
The dhcpServiceDN can't be changed to point to "something higher in the tree", since it mist point to a dhcpService entry which is used to generate the initial configuration.

Currently the out-of-dhcpService-dhcpHost entries must be moved into a surrounding dhcpService, which is served by at least one dhcpServer.
As dhcpGroup is currently not available through UDM, this cannot be easily done, when - for example - the previous extra-service-construct was used to apply policies to a group of related hosts, e.g. OPSI installation.

1. Would should think about allowing multiple dhcpServices per dhcpHost by removing the restriction from UDM.
2. We should add support for dhcpGroup.