Problem:DHCP Pool Statements - Object class violation: attribute dhcpStatements not allowed

Knowledge Base Community
, , , , ,
1

Problem

If DHCP Pool is configured in UCS and separate DHCP Statements should be configured for this, these cannot be used because the LDAP schema for DHCP Pool does not contain the extension for dhcpStatements.

Error message: Object class violation: attribute dhcpStatements not allowed

Screenshot from 2025-05-29 00-00-24
Screenshot from 2025-05-29 00-00-24610×187 10.8 KB

Root Cause Bug 58191

Investigation

In /usr/share/univention-ldap/schema/univention-dhcp.schema

# SUP dhcpPool
objectclass ( 1.3.6.1.4.1.10176.1193
        NAME 'univentionDhcpPool'
        DESC 'This stores configuration information about a pool.'
        SUP top
        MUST ( cn $ dhcpRange )
        MAY (dhcpClassesDN $ dhcpPermitList $ dhcpLeasesDN $ dhcpOptionsDN $
                univentionDhcpFailoverPeer)
        X-NDS_CONTAINMENT ('dhcpSubnet' 'dhcpSharedNetwork') )

Solution

The schema file can be adapted and extended with the missing dhcpStatements. By restarting the slapd.service, the adapted schema file is adopted and the adaptation can be used. Statements for a DHCP pool can then be configured and saved.

  1. Use an editor of your choice and open the schema file
    /usr/share/univention-ldap/schema/univention-dhcp.schema

  2. Add the missing dhcpStatements in the DHCP Pool section.

# SUP dhcpPool
objectclass ( 1.3.6.1.4.1.10176.1193
        NAME 'univentionDhcpPool'
        DESC 'This stores configuration information about a pool.'
        SUP top
        MUST ( cn $ dhcpRange )
        MAY (dhcpClassesDN $ dhcpPermitList $ dhcpLeasesDN $ dhcpOptionsDN $
                univentionDhcpFailoverPeer $ dhcpStatements)
        X-NDS_CONTAINMENT ('dhcpSubnet' 'dhcpSharedNetwork') )
  1. Restart the slapd.service so that the changes are applied.
    /etc/init.d/slapd restart

Result

DN: cn=DHCP-Test,cn=10.200.30.0,cn=mejneschool2,cn=dhcp,ou=mejneschool2,dc=ucs5schoolhejne,dc=intranet
  all_clients: None
  dynamic_bootp_clients: None
  failover_peer: None
  known_clients: None
  name: DHCP-Test
  range: 10.200.30.10 10.200.30.100
  statements: subnet 10.200.30.128 netmask 255.255.255.192 {
  range 10.200.30.129 10.200.30.191;
  option routers 10.200.30.1;
  option domain-name-servers 8.8.8.8, 1.1.1.1;
  option domain-name "ucs5schoolhejne.intranet";
  default-lease-time 600;
  max-lease-time 7200;
} 
  unknown_clients: None