On Mon, 2005-09-05 at 13:57 -0400, Thomas E Dukes wrote:
How are you trying to connect to the ldap service? Are you trying to connect via ldapsearch? or just telnet hostname 389 ?
If you do an
lsof -p 1928
(assuming slapd is still 1928 :) does it show it listening on any TCP ports?
Hello Sean,
Here's the output from lsof -p 1928:
COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME slapd 1928 ldap cwd DIR 3,2 4096 2 / slapd 1928 ldap rtd DIR 3,2 4096 2 / slapd 1928 ldap txt REG 3,2 1290940 637712 /usr/sbin/slapd slapd 1928 ldap mem REG 3,2 221792 229136 /lib/libssl.so.0.9.7a slapd 1928 ldap mem REG 3,2 53654 229201 /lib/libcrypt-2.3.4.so slapd 1928 ldap mem REG 3,2 485961 277480 /lib/tls/i486/libpthread-2.3.4.so slapd 1928 ldap mem REG 3,2 28504 377263 /usr/lib/libwrap.so.0.7.6 slapd 1928 ldap mem REG 3,2 15216 571286 /usr/lib/sasl2/libcrammd5.so.2.0.19 slapd 1928 ldap mem REG 3,2 13392 571319 /usr/lib/sasl2/libplain.so.2.0.19 slapd 1928 ldap mem REG 3,2 998912 229121 /lib/libcrypto.so.0.9.7a slapd 1928 ldap mem REG 3,2 427444 377412 /usr/lib/libkrb5.so.3.2 slapd 1928 ldap mem REG 3,2 140140 378154 /usr/lib/libk5crypto.so.3.0 slapd 1928 ldap mem REG 3,2 230500 229168 /lib/libnss_nisplus-2.3.4.so slapd 1928 ldap mem REG 3,2 783456 571274 /usr/lib/sasl2/libsasldb.so.2.0.19 slapd 1928 ldap mem REG 3,2 21348 577260 /usr/lib/sasl2/libsql.so.2.0.19 slapd 1928 ldap mem REG 3,2 534768 277479 /lib/tls/i486/libm-2.3.4.so slapd 1928 ldap mem REG 3,2 82320 1910146 /usr/lib/libsasl2.so.2.0.19 slapd 1928 ldap mem REG 3,2 1046360 505949 /usr/lib/mysql/libmysqlclient.so.14.0.0 slapd 1928 ldap mem REG 3,2 58211 229158 /lib/libnss_dns-2.3.4.so slapd 1928 ldap mem REG 3,2 86532 377520 /usr/lib/libgssapi_krb5.so.2.2 slapd 1928 ldap mem REG 3,2 65580 378295 /usr/lib/libz.so.1.2.1.2 slapd 1928 ldap mem REG 3,2 13264 571315 /usr/lib/sasl2/liblogin.so.2.0.19 slapd 1928 ldap mem REG 3,2 411410 228487 /lib/libnsl-2.3.4.so slapd 1928 ldap mem REG 3,2 783484 572022 /usr/lib/tls/libslapd_db-4.2.so slapd 1928 ldap mem REG 3,2 519365 228485 /lib/ld-2.3.4.so slapd 1928 ldap mem REG 3,2 108396 228489 /lib/libdl-2.3.4.so slapd 1928 ldap mem REG 3,2 22292 577256 /usr/lib/sasl2/libgssapiv2.so.2.0.19 slapd 1928 ldap mem REG 3,2 113876 376534 /usr/lib/libpq.so.3.1 slapd 1928 ldap mem REG 3,2 42964 571290 /usr/lib/sasl2/libdigestmd5.so.2.0.19 slapd 1928 ldap mem REG 3,2 29104 577248 /usr/lib/sasl2/libntlm.so.2.0.19 slapd 1928 ldap mem REG 3,2 5620585 277447 /lib/tls/i486/libc-2.3.4.so slapd 1928 ldap mem REG 3,2 7168 229119 /lib/libcom_err.so.2.1 slapd 1928 ldap mem REG 3,2 264753 229144 /lib/libresolv-2.3.4.so slapd 1928 ldap mem REG 3,2 186343 229234 /lib/libnss_files-2.3.4.so slapd 1928 ldap mem REG 3,2 12852 571270 /usr/lib/sasl2/libanonymous.so.2.0.19 slapd 1928 ldap mem REG 3,2 16384 1731793 /var/lib/ldap/__db.001 slapd 1928 ldap 0u CHR 1,3 1401 /dev/null slapd 1928 ldap 1u CHR 1,3 1401 /dev/null slapd 1928 ldap 2u CHR 1,3 1401 /dev/null slapd 1928 ldap 3u unix 0xd7639b80 4289 socket slapd 1928 ldap 4r FIFO 0,7 4290 pipe slapd 1928 ldap 5w FIFO 0,7 4290 pipe slapd 1928 ldap 6u sock 0,4 4293 can't identify protocol slapd 1928 ldap 7u sock 0,4 4294 can't identify protocol
From the above, I don't see it listening to port 389, but I'm not really
sure what its telling me. :-)
Have you tried telnet localhost 389 (to rule out any firewall oddities)?
Yes, it won't connect to port 389. I also tried 25 and 110. I can telnet to these ports fine. I use the same ruleset to open those ports.
If you just try the following it should at the very least connect and ask you for a password.
ldapsearch -v -v -H ldap://localhost
When I run the above, I get:
ldap_initialize( ldap://localhost ) ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1)
Eddie-
It doesn't look like the slapd is opening up a TCP port. It only appears to have opened unix sockets. Running lsof on working slapd, I see the following in addition to stuff you reported:
slapd 2511 ldap 6u IPv6 7136316 TCP *:ldap (LISTEN) slapd 2511 ldap 7u IPv4 7136317 TCP *:ldap (LISTEN) slapd 2511 ldap 8u IPv6 7136320 TCP *:ldaps (LISTEN) slapd 2511 ldap 9u IPv4 7136321 TCP *:ldaps (LISTEN)
I think there might be an issue with your slapd.conf.