[CentOS] LDAP/iptables

Mon Sep 5 23:31:40 UTC 2005
Sean O'Connell <oconnell at soe.ucsd.edu>

On Mon, 2005-09-05 at 19:23 -0400, Thomas E Dukes wrote:
>  
> > -----Original Message-----
> > From: centos-bounces at centos.org 
> > [mailto:centos-bounces at centos.org] On Behalf Of Sean O'Connell
> > Sent: Monday, September 05, 2005 6:20 PM
> > To: CentOS mailing list
> > Subject: RE: [CentOS] LDAP/iptables
> > 
> > On Mon, 2005-09-05 at 18:07 -0400, Thomas E Dukes wrote:
> > 
> > > Hi Craig,
> > > 
> > > ldap is running.  I seem not to be able to connect on port 389.  I 
> > > can't telnet there either.
> > 
> > Something is funny there. Have you tried backing out the sasl 
> > stuff in your slapd.conf and going with plain auth? I wonder 
> > if slapd does has some checks in it to not open up tcp unless 
> > it has a rootpw in the conf file. I would simplify things as 
> > much as possible and then add things back in.
> > 
> 
> Hi Sean,
> 
> No, I haven't done that.  Sorry.
> 
> What do I need to change?  How do I set it up with a plain password?  I have
> already added several users using saslpasswd2 -c 'username'.  I was just
> following the HowTo.  :-(

Change the rootdn entry to not use sasl (iirc, there was a reasonable
candidate that you had commented out) and add in a rootpw entry (needn't
be encrypted for this exercise). Comment out the line about sasl-regexp.

Stop and restart ldap service. Does this make any difference?

-- 
Sean