With this I am able to issue just one ldap search on the socket. Subsequent queries fail with 'ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)'
socat -d -d OPENSSL:192.168.10.18:8443,cafile=/etc/openldap/cacerts/ca.crt,verify=0, keepalive,reuseaddr,ignoreeof UNIX-LISTEN:/var/run/ldapi,reuseaddr,type=1,ignoreeof
I am just wondering if this is even possible, maybe the tcp connections keeps an authorized session? Or ldapi communication is just different? If this ldapi communication is different from ldaps. I guess I am only left with the options like - connecting with some forwarded ssh session to the local ldapi server socket - maybe export ldapi with stunnel on the server, and capture it again with stunnel/socat - look into slapd proxy/meta