[CentOS] LDAP/iptables

Sean O'Connell oconnell at soe.ucsd.edu
Mon Sep 5 16:57:12 UTC 2005


On Mon, 2005-09-05 at 08:06 -0400, Thomas E Dukes wrote:
> Hello Sean,
> 
> Here's the output for ps -ef | grep slapd:
> 
> ldap      1928     1  0 00:03 ?        00:00:00 /usr/sbin/slapd -u ldap -h
> ldap:///
> root     15066 15003  0 07:29 tty1     00:00:00 grep slapd
> > 
> > (or pgrep -l slapd). You can also use service slapd status 
> > (though, this isn't always 100% reliable).
> > 
> > The openldap server, outputs to syslog on local4 by default. 
> > It's possible that there are errors or issues with your 
> > /etc/openldap/slapd.conf that are causing slapd to fail to start.
> > You can edit /etc/syslog.conf and add a few lines like
> > 
> > local4.*		/var/log/ldap.log
> > 
> > Then run service syslog restart (or HUP syslogd) to pickup 
> > the changes.
> 
> Here's the output to ldap.log after adding the above to syslog:
> 
> Sep  5 07:43:43 palmettodomains slapd[15571]: @(#) $OpenLDAP: slapd 2.2.13
> (Apr 28 2005 19:30:08) $
> buildsys at bob:/home/buildsys/rpmbuild/BUILD/openldap-2.2.13/openldap-2.2.13/b
> uild-servers/servers/slapd 
> Sep  5 07:43:43 palmettodomains slapd[15571]: bdb_initialize: Sleepycat
> Software: Berkeley DB 4.2.52: (December  3, 2003) 
> Sep  5 07:43:43 palmettodomains slapd[15571]: bdb_initialize: Sleepycat
> Software: Berkeley DB 4.2.52: (December  3, 2003) 
> Sep  5 07:43:43 palmettodomains slapd[15571]: bdb_db_init: Initializing BDB
> database 
> 
> I think everthing is running but I can't connect to port 389.
> 
> Can you think of anything els?

How are you trying to connect to the ldap service? Are you trying to
connect via ldapsearch? or just telnet hostname 389 ?

If you do an

lsof -p 1928

(assuming slapd is still 1928 :) does it show it listening on any TCP
ports?

Have you tried telnet localhost 389 (to rule out any firewall oddities)?
If you just try the following it should at the very least connect and
ask you for a password.

ldapsearch -v -v -H ldap://localhost


-- 
Sean




More information about the CentOS mailing list