Don, As Howard pointed out it will be easier to just bypass syslog and manual start slapd with debug so you will get the information printed out on screen.
<path to slapd>/slapd -d <debug level> -f <path to slapd.conf>/slapd.conf
This should highlight what is failing at startup.
--Kris
________________________________ From: openldap-technical-bounces+kris.burton=acision.com@OpenLDAP.org [mailto:openldap-technical-bounces+kris.burton=acision.com@OpenLDAP.org] On Behalf Of Donny George Sent: Wednesday, November 19, 2008 6:12 PM To: Howard Chu Cc: openldap-technical@openldap.org Subject: Re: cont contact server since 3 days+please help
hello howard
i tried to make sense form the manpage but being a new comer to linux i was unable to do so
after going through various forums , i realised that i should edit the /etc/syslog.conf but i am not sure how i should edit it so that i can view log files for debugging ldap
am i in the right direction ?
please help
thanks in advance don
On Wed, Nov 19, 2008 at 1:50 PM, Howard Chu <hyc@symas.commailto:hyc@symas.com> wrote: Starting slapd with debug flags is always more useful for diagnostics than trying to chase down where the syslogs are going to. Read the slapd(8) manpage.
Burton, Kris - Acision wrote: From the results below it looks like your server is not even coming up. This would explain why you are not able to search or add entries. Next thing to look at is to see if you are getting any useful information in the slapd.log. This should be in /var/log/slapd.log. If you don't know where it is located then try using the locate command I think ubuntu should have that or something equivalent.
If you don't find one then you might need to enable the log in /etc/syslog.conf.
I use RH so I assume something similar is available on ubuntu.
I added the list back to the CC so others that might know more about ubuntu specifics can help and so they can assist you as well.
--Kris
------------------------------------------------------------------------
*From:* Donny George [mailto:donny008@gmail.commailto:donny008@gmail.com] *Sent:* Wednesday, November 19, 2008 3:13 PM *To:* Burton, Kris - Acision *Subject:* Re: cont contact server since 3 days+please help
hello kris
this are the results that i get when i try to listen , guess this is not wat u were expecting
root@ubuntu:/home/administrator# ps -eaf | grep slapd root 14183 14172 0 22:07 pts/0 00:00:00 grep slapd root@ubuntu:/home/administrator# netstat -na | grep 389 root@ubuntu:/home/administrator# telnet 10.4.139.5http://10.4.139.5 http://10.4.139.5 389
Trying 10.4.139.5... telnet: Unable to connect to remote host: Connection refused
i tried the earlier steps like ldapsearch -d 255 after reading different forums of ldap but please dont misunderstand me to be an expert in openldap
could you tell me how to establish the connectivity or where did i go wrong
thanking you don
On Wed, Nov 19, 2008 at 10:16 AM, Burton, Kris - Acision <kris.burton@acision.commailto:kris.burton@acision.com <mailto:kris.burton@acision.commailto:kris.burton@acision.com>> wrote:
Have you on the server side verified that LDAP is up and listening on the proper port?
ps -eaf | grep slapd
netstat -na | grep 389 tcp 0 0 0.0.0.0:389http://0.0.0.0:389 http://0.0.0.0:389 0.0.0.0:* LISTEN
If the above come back and indicate it is up and listening see if you can telnet to the <ip> 389 and get something back.
Also you could check to see if you are getting errors on server startup by checking the slapd.log on the server side and see if it is reporting any errors.
If you are using the command line search are you specifying the remote server using the -h option?
Most of the errors seem to indicate there is nothing listening on the server to handle the search request.
--Kris Burton
------------------------------------------------------------------------
*From:* openldap-technical-bounces+kris.burton=acision.comhttp://acision.com http://acision.com@OpenLDAP.org
[mailto:openldap-technical-bounces+kris.burtonmailto:openldap-technical-bounces%2Bkris.burton <mailto:openldap-technical-bounces%2Bkris.burtonmailto:openldap-technical-bounces%252Bkris.burton>=acision.comhttp://acision.com http://acision.com@OpenLDAP.org] *On Behalf Of *Donny George
*Sent:* Wednesday, November 19, 2008 8:47 AM *To:* openldap-technical@openldap.orgmailto:openldap-technical@openldap.org <mailto:openldap-technical@openldap.orgmailto:openldap-technical@openldap.org>
*Subject:* cont contact server since 3 days+please help
hello all
i am a beginner with openldap and installed a server and a client with ldap(both machines ubuntu 8.04)
but once i tried to populate the database at the server it gave the error that it couldnt contact the server. i cudnt connect to the server frmo the client either.
i ran the command ldapsearch -d 255 to debug and heres the result
ldap_create ldap_pvt_sasl_getmech ldap_search put_filter: "(objectclass=*)" put_filter: simple put_simple_filter: "objectclass=*" ldap_build_search_req ATTRS: supportedSASLMechanisms ldap_send_initial_request ldap_new_connection 1 1 0 ldap_int_open_connection ldap_connect_to_host: TCP 10.4.139.5:389http://10.4.139.5:389 http://10.4.139.5:389
ldap_new_socket: 3 ldap_prepare_socket: 3 ldap_connect_to_host: Trying 10.4.139.5:389http://10.4.139.5:389 http://10.4.139.5:389
ldap_pvt_connect: fd: 3 tm: -1 async: 0 ldap_close_socket: 3 ldap_err2string ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1)
and if i run ldapsearch -x it gives the message
ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)
please someone help, i dont know where i cud start to solve this error.
-- Donny George
This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you.
-- Donny George
This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you.
-- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
-- Donny George
This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you.