Dear Quanah, OpenLDAPs,
Herewith the proof that slapd is listening on port 389. I also included the slapd.conf, /etc/sysconfig/slapd and ldap.conf files.
Regards, Thierry
# netstat -ltn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:389             0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:8080          0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp6       0      0 :::389                  :::*                    LISTEN
tcp6       0      0 :::3306                 :::*                    LISTEN
tcp6       0      0 :::22                   :::*                    LISTEN
# nc -zv 192.168.100.11 389
Ncat: Version 7.50 ( https://nmap.org/ncat )
Ncat: Connected to 192.168.100.11:389.
Ncat: 0 bytes sent, 0 bytes received in 0.01 seconds.
# cat /etc/openldap/slapd.conf
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/ppolicy.schema
allow bind_v2
idletimeout 10
pidfile /var/run/openldap/slapd.pid
argsfile /var/run/openldap/slapd.args
modulepath /usr/lib64/openldap
moduleload ppolicy.la
moduleload syncprov
password-hash {CRYPT}
password-crypt-salt-format "$6$%.86s"
access to * by * read
database bdb
suffix "dc=be"
rootdn "cn=Manager,dc=be"
rootpw {CRYPT}$6$DAn/HuEvv8oxXzht$4...k4ZUiJG4qUKzqUTCQVtuUY1
directory /var/lib/ldap
index objectClass eq,pres
index ou,cn,mail,surname,givenname eq,pres,sub
index uidNumber,gidNumber,loginShell eq,pres
index uid,memberUid eq,pres,sub
index nisMapName,nisMapEntry eq,pres,sub
overlay ppolicy
ppolicy_default "cn=default,ou=policies,dc=be"
ppolicy_use_lockout
# cat /etc/sysconfig/slapd
SLAPD_URLS="ldapi:/// ldap:///"
# cat /etc/openldap/ldap.conf
#TLS_CACERTDIR /etc/openldap/certs
#TLS_CACERTDIR /etc/openldap/cacerts
TLS_REQCERT never
SASL_NOCANON on
On Tue, 10 Mar 2020 at 19:42, Quanah Gibson-Mount quanah@symas.com wrote:
--On Tuesday, March 10, 2020 12:03 PM +0100 Thierry Debaene thierry.debaene@gmail.com wrote:
# ldapsearch -x -H ldap://192.168.100.11 -D "uid=thierry,ou=People,ou=linux,dc=be" -w password -b ou=linux,dc=be -LLL memberUid -v
ldap_initialize( ldap://192.168.100.11:389/??base )
ldap_result: Can't contact LDAP server (-1)
Please provide evidence that slapd is listening to 192.168.100.11 on port 389 and that it can be accessed (i.e., no firewall etc blocking access).
For example on my local system:
nc -zv 10.2.0.74 389
Connection to 10.2.0.74 389 port [tcp/ldap] succeeded!
Regards, Quanah
--
Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
http://www.symas.com