[CentOS] LDAP/iptables

Tue Sep 6 19:02:20 UTC 2005
Jeffrey D. Means <meaje at meanspc.com>

I just experienced what sounds like your problem...  My BDB file were
corrupted, so to fix the issue I simply deleted everything in the data
directory and then ran slapadd to restore and recreate the files.
Immediately my LDAP server started working again.  I hope this helps
you.  The only way I saw this was a problems was by running strace on
slapd and watching where it hung.

--Jeff
On Mon, 2005-09-05 at 22:13 -0700, Sean O'Connell wrote:
> On Mon, 2005-09-05 at 21:29 -0400, Thomas E Dukes wrote:
> > Hello Sean,
> > 
> > I uncommented rootpw				secret
> > commented out the sasl reference.  Still won't connect.  :-(
> > 
> > I have been working on this for a week.  Its beating the heck out of me.
> > 
> > Thanks for your help!!!!
> 
> OK. I took the slapd.conf that you had posted earlier, and I was able to
> get it to work on a CentOS 4.1 box without too much trouble (clean up a
> typo in the rootdn name and a cut and paste issue). I had to comment out
> some stuff in /etc/openldap/ldap.conf. Something truly odd is going on
> there. The fact that ldap is starting but not creating tcp sockets is
> quite weird.
> 
> Have you tried rebooting? (I know, I know :) Sometimes system updates
> can cause subtle issues from time to time. Maybe something is goofy with
> the network on your machine. Have you been starting and stopping the
> network service? Can you ping localhost? I have seen some linux boxes
> (been a while, though) forget about how to talk to localhost and it
> caused all sorts of weird behavior.  
> 
> As a shot in the dark, are you running with selinux enabled? It has
> caused many a subtle problem in which a configuration that should "just
> work" has failed to work. Try running setenforce 0 and then restarting
> ldap. I run my machines with selinux=0 on the kernel line in grub.conf
> 
-- 

Jeffrey D. Means                                   meaje at meanspc.com
Owner / CIO for MeansPC                       http://www.meanspc.com/
Custom Web Development For Your Needs.                 (970)308-1298

- The stupidity of a stupid person is exercised in a restricted
field; the stupidity of an intelligent individual has a much broader
diffusion, and far greater effect, aided  as it is by the element
of surprise.

- WTO + WIPO = DMCA? http://www.anti-dmca.org
- Fight Internet Censorship! http://www.eff.org
= This is not about Napster or DVDs. It's about your Freedom.
http://www.anti-dmca.org

My Public PGP Key ID is: 0x81F00126
and available via:  
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x81F00126
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://lists.centos.org/pipermail/centos/attachments/20050906/d067d0e0/attachment-0005.sig>