# DHCP 4.3.x cannot contact LDAP Server

## TopGun_61

Hi all,

After updating the DHCP server from version 4.2.x to 4.3.4, I got the following error when starting dhcpd:

```
 * dhcpd has detected a syntax error in your configuration files:
Internet Systems Consortium DHCP Server 4.3.4 Gentoo-r0
Copyright 2004-2016 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/
LDAPS session successfully enabled to ldapm.foss-group.int:636
Error: Cannot login into ldap server ldapm.foss-group.int:636: Can't contact LDAP server
Configuration file errors encountered -- exiting
If you think you have received this message due to a bug rather
than a configuration issue please read the section on submitting
bugs on either our web page at www.isc.org or in the README file
before submitting a bug.  These pages explain the proper
process and the information we find helpful for debugging..
exiting.
 * ERROR: dhcpd failed to start
```

DHCP is successfully contacting the LDAP Server but the login fails.

The configuration which was working with DHCP 4.2.x:

/etc/dhcp/dhcpd.conf

```
ldap-server "ldapm.domain.local";
ldap-port 636;
ldap-ssl ldaps;
ldap-tls-ca-file "/etc/ssl/certs/FOSS-Cloud_CA.cert.pem";
ldap-username "cn=dhcp,ou=services,ou=administration,dc=foss-cloud,dc=org";
ldap-password "XXXXXX&#";
ldap-base-dn "ou=dhcp,ou=networks,ou=virtualization,ou=services,dc=foss-cloud,dc=org";
ldap-dhcp-server-cn "dhcp-01";
ldap-method dynamic;
```

If I replace the domain with the IP address, it works.

```
ldap-server "10.1.130.8";
ldap-port 636;
ldap-ssl ldaps;
ldap-tls-ca-file "/etc/ssl/certs/FOSS-Cloud_CA.cert.pem";
ldap-username "cn=dhcp,ou=services,ou=administration,dc=foss-cloud,dc=org";
ldap-password "dV3YNa&#";
ldap-base-dn "ou=dhcp,ou=networks,ou=virtualization,ou=services,dc=foss-cloud,dc=org";
ldap-dhcp-server-cn "dhcp-01";
ldap-method dynamic;
```

/etc/hosts

```
# IPv4 and IPv6 localhost aliases
127.0.0.1       localhost
::1             localhost
192.168.1.8  single.domain.local
10.1.130.8 ldapm.domain.local
```

We need the domain name in dhcpd.conf. Does somebody have any idea?

Thank you!

----------

## Waishon

Hi,

I'm also a member of the foss-community and read the e-mail with the issue.

This seems to be a common issue with the newer versions of isc-dhcp-server.

What I found out is that the DHCP server ignores the /etc/hosts file, so it will send a request to the DNS server, "Hey, give me the IP of foss-cloud.int", but there is no A-Record for this address available, so it gives you the "Can't contact LDAP server" instantaneously. When you now try another address that contains a valid A-Record, e.g. foss-cloud.org or google.de, the DHCP service waits for an answer until it receives a timeout.

But if you now use a domain with an A-Record that points to 127.0.0.1, e.g. localtest.me, everything works as expected. When using an IP there is never a DNS request, so this also works fine.

The question is, how to solve this issue? Using "localhost" isn't a workaround?

Maybe we should write a bug report to the ISC community.

----------
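An added example, not part of either post and not ISC code: an offline check for the situation Waishon describes, reporting whether the `ldap-server` name in dhcpd.conf is an IP literal, resolves in DNS, or exists only in /etc/hosts. The sample inputs are constructed from the files quoted in the thread; `classify` and its injected `dns_lookup` callable are hypothetical names, and the premise that dhcpd skips /etc/hosts is the reply's finding, taken here as an assumption.

```python
import ipaddress
import re

# Constructed sample inputs, shaped like the files quoted in the thread.
SAMPLE_DHCPD_CONF = 'ldap-server "ldapm.domain.local";\nldap-port 636;\nldap-ssl ldaps;\n'
SAMPLE_HOSTS = """\
# IPv4 and IPv6 localhost aliases
127.0.0.1       localhost
::1             localhost
192.168.1.8  single.domain.local
10.1.130.8 ldapm.domain.local
"""

def ldap_server(conf_text):
    """Return the value of the (uncommented) ldap-server statement, or None."""
    m = re.search(r'^\s*ldap-server\s+"([^"]+)"\s*;', conf_text, re.MULTILINE)
    return m.group(1) if m else None

def parse_hosts(hosts_text):
    """Map each lower-cased name in hosts-file text to its list of addresses."""
    table = {}
    for line in hosts_text.splitlines():
        fields = line.split("#", 1)[0].split()   # drop comments, split columns
        for name in fields[1:]:                  # canonical name plus aliases
            table.setdefault(name.lower(), []).append(fields[0])
    return table

def classify(conf_text, hosts_text, dns_lookup):
    """Say how the configured LDAP server name can be resolved.

    dns_lookup(name) must return the addresses DNS alone gives for name
    (hypothetical hook, injected so the check runs offline; in practice
    wrap whichever DNS client you trust).
    """
    server = ldap_server(conf_text)
    if server is None:
        return "no-ldap-server"
    try:
        ipaddress.ip_address(server)
        return "ip-literal"              # no name lookup happens at all
    except ValueError:
        pass
    in_hosts = parse_hosts(hosts_text).get(server.lower(), [])
    in_dns = dns_lookup(server)
    if in_dns and in_hosts and set(in_dns) != set(in_hosts):
        return "dns-hosts-mismatch"      # bind credentials could go to another host
    if in_dns:
        return "dns"
    return "hosts-only" if in_hosts else "unresolvable"
```

A result of `hosts-only` matches the failing configuration in the first post, and `dns-hosts-mismatch` is worth reviewing before trusting either source, since the LDAP bind password is sent to whichever address wins.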

