Hello I am aware that DHCP isn't currently supported but got felt like I had a chance after reading this thread.
https://lists.fedorahosted.org/archives/list/[email protected]/thread/ZBZSWTD3JAR3P7ASIZOBVQQINYRSPL6O/ I respect Alexander Bokovoy and his nudge was enough for me to try below project:- https://github.com/cabeljunky/freeipa-plugin-dhcp This is on fully update RHEL9 server with ipa-server-4.12.2-1.el9 and below command runs cleanly. ipa-server-install --setup-kra --setup-dns --setup-adtrust The plugin hasn't had any love for a long time, so was python2 based. I run 2to3 against the three python files and changed the location of python binary and it worked after that. When I run install.sh though, I get the error below. Everything before this point has run without an error. What would be the likely cause of this crash? Would the hostname sw-ipa-02.sw-lab.example.com cause this issue? Any pointer would be appreciated. Servers,cn=permissions,cn=pbac,dc=sw-lab,dc=example,dc=com";)'])] 2025-04-17T19:53:46Z DEBUG Updating managed permission: System: Modify DHCP Servers 2025-04-17T19:53:46Z DEBUG Updating ACI for managed permission: System: Modify DHCP Servers 2025-04-17T19:53:46Z DEBUG Adding ACI '(targetattr = "cn || dhcpcomments || dhcpoption || dhcpprimarydn || dhcpsecondarydn || dhcpservicedn || dhcpstatements || objectclass")(targetfilter = "(objectclass=dhcpserver)")(version 3.0;acl "permission:System: Modify DHCP Servers";allow (write) groupdn = "ldap:///cn=System: Modify DHCP Servers,cn=permissions,cn=pbac,dc=sw-lab,dc=example,dc=com";)' to cn=v4,cn=dhcp,dc=sw-lab,dc=example,dc=com 2025-04-17T19:53:46Z DEBUG update_entry modlist [(0, 'aci', [b'(targetattr = "cn || dhcpcomments || dhcpoption || dhcpprimarydn || dhcpsecondarydn || dhcpservicedn || dhcpstatements || objectclass")(targetfilter = "(objectclass=dhcpserver)")(version 3.0;acl "permission:System: Modify DHCP Servers";allow (write) groupdn = "ldap:///cn=System: Modify DHCP Servers,cn=permissions,cn=pbac,dc=sw-lab,dc=example,dc=com";)'])] 2025-04-17T19:53:46Z DEBUG Updating managed permission: System: Remove DHCP Servers 2025-04-17T19:53:46Z DEBUG Updating ACI for managed permission: System: Remove DHCP Servers 2025-04-17T19:53:46Z DEBUG Adding ACI '(targetfilter = "(objectclass=dhcpserver)")(version 3.0;acl "permission:System: Remove DHCP Servers";allow (delete) groupdn = "ldap:///cn=System: Remove DHCP Servers,cn=permissions,cn=pbac,dc=sw-lab,dc=example,dc=com";)' to cn=v4,cn=dhcp,dc=sw-lab,dc=example,dc=com 2025-04-17T19:53:46Z DEBUG update_entry modlist [(0, 'aci', [b'(targetfilter = "(objectclass=dhcpserver)")(version 3.0;acl "permission:System: Remove DHCP Servers";allow (delete) groupdn = "ldap:///cn=System: Remove DHCP Servers,cn=permissions,cn=pbac,dc=sw-lab,dc=example,dc=com";)'])] 2025-04-17T19:53:46Z DEBUG Updating managed permissions for dhcpservice 2025-04-17T19:53:46Z DEBUG Updating managed permission: System: Read DHCP Configuration 2025-04-17T19:53:46Z DEBUG Updating ACI for managed permission: System: Read DHCP Configuration 2025-04-17T19:53:46Z DEBUG Destroyed connection context.ldap2_140326465365328 2025-04-17T19:53:46Z DEBUG File "/usr/lib/python3.9/site-packages/ipapython/admintool.py", line 219, in execute return_value = self.run() File "/usr/lib/python3.9/site-packages/ipaserver/install/ipa_ldap_updater.py", line 150, in run modified = ld.update(self.files) or modified File "/usr/lib/python3.9/site-packages/ipaserver/install/ldapupdate.py", line 1041, in update self._run_updates(all_updates) File "/usr/lib/python3.9/site-packages/ipaserver/install/ldapupdate.py", line 992, in _run_updates self._run_update_plugin(update['plugin']) File "/usr/lib/python3.9/site-packages/ipaserver/install/ldapupdate.py", line 968, in _run_update_plugin restart_ds, updates = self.api.Updater[plugin_name]() File "/usr/lib/python3.9/site-packages/ipalib/frontend.py", line 1560, in __call__ return self.execute(**options) File "/usr/lib/python3.9/site-packages/ipaserver/install/plugins/update_managed_permissions.py", line 377, in execute self.update_permission(ldap, File "/usr/lib/python3.9/site-packages/ipaserver/install/plugins/update_managed_permissions.py", line 484, in update_permission permission_plugin.update_aci(entry) File "/usr/lib/python3.9/site-packages/ipaserver/plugins/permission.py", line 659, in update_aci return self._replace_aci(permission_entry, old_name, new_acistring) File "/usr/lib/python3.9/site-packages/ipaserver/plugins/permission.py", line 671, in _replace_aci acientry, acistring = self._get_aci_entry_and_string( File "/usr/lib/python3.9/site-packages/ipaserver/plugins/permission.py", line 731, in _get_aci_entry_and_string acientry = ldap.get_entry(location, ['aci']) File "/usr/lib/python3.9/site-packages/ipapython/ipaldap.py", line 1962, in get_entry return super(LDAPCache, self).get_entry( File "/usr/lib/python3.9/site-packages/ipapython/ipaldap.py", line 1660, in get_entry assert isinstance(dn, DN) 2025-04-17T19:53:46Z DEBUG The ipa-ldap-updater command failed, exception: AssertionError: 2025-04-17T19:53:46Z ERROR Unexpected error - see /var/log/ipaupgrade.log for details: AssertionError: 2025-04-17T19:53:46Z ERROR The ipa-ldap-updater command failed. See /var/log/ipaupgrade.log for more information Regards, William
-- _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
