Norman,
did you try to provide a hostname in the URI?
ldapsearch -x -H 'ldap://<HOST>/dc=example,dc=net' '(cn=foo)'
instead of
ldapsearch -x -H 'ldap:///dc=example,dc=net' '(cn=foo)'
?
Regards,
Uwe
On 20.02.23 at 14:19, Norman Gray wrote:
Ede, hello.
On 20 Feb 2023, at 12:49, Ede Wolf wrote:
Just guessing by the error message, but your DNS Server does have a valid service record for that Base DN? As the error message suggests otherwise, but I may as well be completely off here.
A good thought -- thanks -- but yes, the SRV records are set up correctly, and I can make the query if the ',' in the dc= list are escaped (even though RFC 2396 doesn't require that).
Otherwise, but I am sure you know that, with only two "/" you can always use the hostname, in case the DNS service record is missing:
ldapsearch -H ldap://server.example.net -b "dc=example,dc=net" 'cn=foo'
Indeed, and that's what I do most of the time. In fact, this is a case where a sequence of host+port LDAP URIs is useful.
Best wishes,
Norman
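
The following is an added example, not taken from any message in this thread or from OpenLDAP's code. It shows why the commas matter: ldapsearch(1) describes `-H` as a list of URIs separated by whitespace or commas, so an unescaped `,` in a host-less `ldap:///<DN>` URI splits the DN before any SRV lookup happens. The function names are hypothetical, and `split_uri_list` is a simplified model of that list splitting.

```python
import re
from urllib.parse import quote


def split_uri_list(arg):
    """Simplified model: a -H argument is split on whitespace or commas."""
    return [u for u in re.split(r"[,\s]+", arg) if u]


def dn_to_srv_name(dn, service="ldap", proto="tcp"):
    """Map a dc-only DN to the RFC 2782 SRV owner name to check in DNS."""
    labels = []
    for rdn in dn.split(","):
        attr, sep, value = rdn.strip().partition("=")
        # Only domainComponent RDNs can be turned into a DNS name.
        if sep != "=" or attr.strip().lower() != "dc" or not value.strip():
            raise ValueError(f"not a dc= component: {rdn!r}")
        labels.append(value.strip())
    return f"_{service}._{proto}." + ".".join(labels)


def dn_to_srv_uri(dn):
    """Build a host-less LDAP URI whose DN survives the -H list splitting."""
    dn_to_srv_name(dn)  # reject DNs that cannot drive an SRV lookup
    # Percent-encode the commas (',' -> %2C); '=' is left as in the thread.
    return "ldap:///" + quote(dn, safe="=")


if __name__ == "__main__":
    dn = "dc=example,dc=net"  # constructed sample, same DN as in the thread
    raw = "ldap:///" + dn
    print("unescaped :", split_uri_list(raw))
    print("escaped   :", split_uri_list(dn_to_srv_uri(dn)))
    print("SRV name  :", dn_to_srv_name(dn))
```

The SRV name it prints is the record to verify with a DNS lookup tool when the host-less form fails.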