Hi all,

I'm playing with a Red Hat Enterprise 4 that uses LDAP. For a few days I've noticed that the slapd daemon is not able to bind to the default port 389. I'm very new to this server, so I could be doing something very stupid!

[root@ myserver etc]# netstat -tuan | grep 389
[root@ myserver etc]# 

I was wondering if a run-time file of the server hasn't been properly removed due to a brutal restart, and now the process isn't able to bind to any port. Does that make sense? Which files should I look for?

[root@ myserver etc]# ls /var/run/openldap/
[root@ myserver etc]# ls /var/lock/
dmraid  lvm  rpm  subsys
[root@ myserver etc]#

I've tried to reinstall/downgrade various packages, but nothing:

[root@ myserver etc]# rpm -q openldap
openldap-2.2.13-12.el4_8.2
[root@ myserver etc]# rpm -q openldap-servers
openldap-servers-2.2.13-12.el4_8.2
[root@ myserver etc]# rpm -q openldap-clients 
openldap-clients-2.2.13-12.el4_8.2
[root@ myserver etc]# rpm -q nss_ldap
nss_ldap-253-7.el4
[root@ myserver etc]# 


Mar  1 08:03:24 myserver su[5988]: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server
Mar  1 08:03:24 myserver su[5988]: nss_ldap: could not search LDAP server - Server is unavailable
Mar  1 08:03:24 myserver su[5988]: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server
Mar  1 08:03:24 myserver su[5988]: nss_ldap: could not search LDAP server - Server is unavailable
Mar  1 08:03:46 myserver netstat: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server
Mar  1 08:03:46 myserver netstat: nss_ldap: could not search LDAP server - Server is unavailable
Mar  1 08:03:46 myserver netstat: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server
Mar  1 08:03:46 myserver netstat: nss_ldap: could not search LDAP server - Server is unavailable
Mar  1 08:11:32 myserver runuser: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server
Mar  1 08:11:32 myserver runuser: nss_ldap: could not search LDAP server - Server is unavailable
Mar  1 08:11:32 myserver runuser: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server
Mar  1 08:11:32 myserver runuser: nss_ldap: could not search LDAP server - Server is unavailable
Mar  1 08:11:32 myserver runuser: config file testing succeeded
Mar  1 08:11:32 myserver slapd[6476]: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server
Mar  1 08:11:32 myserver slapd[6476]: nss_ldap: could not search LDAP server - Server is unavailable
Mar  1 08:11:32 myserver slapd[6476]: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server
Mar  1 08:11:32 myserver slapd[6476]: nss_ldap: could not search LDAP server - Server is unavailable
Mar  1 08:13:23 myserver saslauthd[5038]: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server
Mar  1 08:13:23 myserver saslauthd[5038]: nss_ldap: could not search LDAP server - Server is unavailable
Mar  1 08:13:23 myserver saslauthd[5038]: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server
Mar  1 08:13:23 myserver saslauthd[5038]: nss_ldap: could not search LDAP server - Server is unavailable
Mar  1 08:13:23 myserver smtp(pam_unix)[5038]: check pass; user unknown
Mar  1 08:13:23 myserver smtp(pam_unix)[5038]: authentication failure; logname= uid=0 euid=0 tty= ruser= rhost= 
Mar  1 08:13:23 myserver saslauthd[5038]: pam_ldap: ldap_simple_bind Can't contact LDAP server
Mar  1 08:13:26 myserver saslauthd[5038]: do_auth         : auth failure: [user=user] [service=smtp] [realm=] [mech=pam] [reason=PAM auth error]
Mar  1 08:13:29 myserver netstat: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server
Mar  1 08:13:29 myserver netstat: nss_ldap: could not search LDAP server - Server is unavailable
Mar  1 08:13:29 myserver netstat: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server
Mar  1 08:13:29 myserver netstat: nss_ldap: could not search LDAP server - Server is unavailable



Configuration files:

/etc/ldap.conf

# @(#)$Id: ldap.conf,v 1.34 2004/09/16 23:32:02 lukeh Exp $
#
# This is the configuration file for the LDAP nameservice
# switch library and the LDAP PAM module.
#
#
host 127.0.0.1

dc=tfis,dc=domain,dc=org

# The port.
# Optional: default is 389.
port 389

timelimit 20

bind_timelimit 20

bind_policy soft

idle_timelimit 3600

ssl no
tls_cacertdir /etc/openldap/cacerts
pam_password md5
base dc=tfis,dc=domain,dc=org



/etc/openldap/ldap.conf

#
# LDAP Defaults
#

# See ldap.conf(5) for details
# This file should be world readable but not world writable.

BASE dc=tfis,dc=domain,dc=org
HOST 127.0.0.1
TLS_CACERTDIR /etc/openldap/cacerts
#URI ldap://ldap.example.com ldap://ldap-master.example.com:666

#SIZELIMIT 12
#TIMELIMIT 15
#DEREF never



/etc/openldap/slapd.conf

#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema

pidfile /var/run/openldap/slapd.pid
argsfile /var/run/openldap/slapd.args

database bdb
suffix "dc=tfis, dc=domain, dc=org"
rootdn "cn=Manager,dc=tfis,dc=domain,dc=org"

directory /var/lib/ldap

# Indices to maintain for this database
index objectClass                       eq,pres
index ou,cn,mail,surname,givenname      eq,pres,sub
index uidNumber,gidNumber,loginShell    eq,pres
index uid,memberUid                     eq,pres,sub
index nisMapName,nisMapEntry            eq,pres,sub


Thank you very much for some help!! I don't know where to look anymore. I've installed the same package on another Red Hat Enterprise 4 and it correctly binds the default port. I'm thinking of temporarily moving the LDAP database to the other server, which should be:


1) cp /usr/lib/ldap

2) cp configuration files

3) configure web application to use the new slapd server

Am I missing something? Thanks!
kocisky

P.S. I've been googling around and there is something, but no results :(
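
The following shell script is an added example, not part of the original post: it reads the pidfile path from a slapd.conf like the one quoted above, reports whether that file is absent, empty, stale or owned by a live process, and checks for a listener on exactly port 389. The function names are made up for this example.

```shell
#!/bin/sh
# Added example (not from the post): inspect slapd's run-time state.
# Run as root so kill -0 can see the slapd process.

# conf_value FILE KEY: print the first value of KEY in a slapd.conf-style file
conf_value() {
    awk -v key="$2" '$1 == key { print $2; exit }' "$1"
}

# pidfile_state PIDFILE: print absent, empty, stale or running
pidfile_state() {
    [ -e "$1" ] || { echo absent; return 0; }
    pid=$(tr -cd '0-9' < "$1")
    [ -n "$pid" ] || { echo empty; return 0; }
    # kill -0 delivers no signal; it only tests that the PID exists
    if kill -0 "$pid" 2>/dev/null; then echo running; else echo stale; fi
}

# listens_on PORT: read `netstat -tan` output on stdin and succeed only if a
# TCP socket is in LISTEN state on exactly that local port (a bare
# `grep 389` would also match port 3890 or an outbound connection)
listens_on() {
    awk -v port="$1" '
        $1 ~ /^tcp/ && $NF == "LISTEN" {
            n = split($4, part, ":")
            if (part[n] == port) found = 1
        }
        END { exit !found }'
}

# slapd_report CONF: hypothetical helper tying the checks together
slapd_report() {
    pidfile=$(conf_value "$1" pidfile)
    echo "pidfile ${pidfile:-unset}: $(pidfile_state "${pidfile:-/nonexistent}")"
    if netstat -tan 2>/dev/null | listens_on 389; then
        echo "port 389: listening"
    else
        echo "port 389: nothing listening"
    fi
}

# Run the report only when a config path is given on the command line
if [ "$#" -gt 0 ]; then slapd_report "$1"; fi
```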