Dear Quanah, OpenLDAPs,

Herewith the proof that slapd is listening on port 389.
I also included the slapd.conf, /etc/sysconfig/slapd and ldap.conf files.

Regards,
Thierry

# netstat -ltn
  Active Internet connections (only servers)
  Proto Recv-Q Send-Q Local Address           Foreign Address         State
  tcp        0      0 0.0.0.0:389             0.0.0.0:*               LISTEN
  tcp        0      0 127.0.0.1:8080          0.0.0.0:*               LISTEN
  tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
  tcp6       0      0 :::389                  :::*                    LISTEN
  tcp6       0      0 :::3306                 :::*                    LISTEN
  tcp6       0      0 :::22                   :::*                    LISTEN

# nc -zv 192.168.100.11 389
  Ncat: Version 7.50 ( https://nmap.org/ncat )
  Ncat: Connected to 192.168.100.11:389.
  Ncat: 0 bytes sent, 0 bytes received in 0.01 seconds.


# cat /etc/openldap/slapd.conf
  include /etc/openldap/schema/core.schema
  include /etc/openldap/schema/cosine.schema
  include /etc/openldap/schema/inetorgperson.schema
  include /etc/openldap/schema/nis.schema
  include     /etc/openldap/schema/ppolicy.schema
  allow bind_v2
  idletimeout 10
  pidfile /var/run/openldap/slapd.pid
  argsfile /var/run/openldap/slapd.args
  modulepath /usr/lib64/openldap
  moduleload ppolicy.la
  moduleload syncprov
  password-hash {CRYPT}
  password-crypt-salt-format "$6$%.86s"
  access to * by * read
  database bdb
  suffix "dc=be"
  rootdn "cn=Manager,dc=be"
  rootpw  {CRYPT}$6$DAn/HuEvv8oxXzht$4...k4ZUiJG4qUKzqUTCQVtuUY1
  directory /var/lib/ldap
  index objectClass                       eq,pres
  index ou,cn,mail,surname,givenname      eq,pres,sub
  index uidNumber,gidNumber,loginShell    eq,pres
  index uid,memberUid                     eq,pres,sub
  index nisMapName,nisMapEntry            eq,pres,sub
  overlay ppolicy
  ppolicy_default "cn=default,ou=policies,dc=be"
  ppolicy_use_lockout

# cat /etc/sysconfig/slapd
  SLAPD_URLS="ldapi:/// ldap:///"

# cat /etc/openldap/ldap.conf
   #TLS_CACERTDIR /etc/openldap/certs
   #TLS_CACERTDIR /etc/openldap/cacerts
   TLS_REQCERT never
   SASL_NOCANON on



On Tue, 10 Mar 2020 at 19:42, Quanah Gibson-Mount <quanah@symas.com> wrote:
--On Tuesday, March 10, 2020 12:03 PM +0100 Thierry Debaene
<thierry.debaene@gmail.com> wrote:

># ldapsearch -x -H ldap://192.168.100.11 -D
># "uid=thierry,ou=People,ou=linux,dc=be" -w password -b ou=linux,dc=be
># -LLL memberUid -v
> ldap_initialize( ldap://192.168.100.11:389/??base )
> ldap_result: Can't contact LDAP server (-1)

Please provide evidence that slapd is listening to 192.168.100.11 on port
389 and that it can be accessed (i.e., no firewall etc blocking access).

For example on my local system:

nc -zv 10.2.0.74 389
Connection to 10.2.0.74 389 port [tcp/ldap] succeeded!

Regards,
Quanah

--

Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>