Dear Quanah,

Herewith the ldapwhoami without and with -H ldap:/// to compare.

Regards,
Thierry
server# ldapwhoami -x -D "cn=Manager,dc=be" -w password -d -1
ldap_create
ldap_sasl_bind
ldap_send_initial_request
ldap_new_connection 1 1 0
ldap_int_open_connection
ldap_connect_to_host: TCP localhost:389
ldap_new_socket: 3
ldap_prepare_socket: 3
ldap_connect_to_host: Trying ::1 389
ldap_pvt_connect: fd: 3 tm: -1 async: 0
attempting to connect:
connect success
ldap_open_defconn: successful
ldap_send_server_request
ber_scanf fmt ({it) ber:
ber_dump: buf=0x55c5863df610 ptr=0x55c5863df610 end=0x55c5863df636 len=38
  0000: 30 24 02 01 01 60 1f 02 01 03 04 10 63 6e 3d 4d 0$...`......cn=M
  0010: 61 6e 61 67 65 72 2c 64 63 3d 62 65 80 08 70 61 anager,dc=be..pa
  0020: 73 73 77 6f 72 64 ssword
ber_scanf fmt ({i) ber:
ber_dump: buf=0x55c5863df610 ptr=0x55c5863df615 end=0x55c5863df636 len=33
  0000: 60 1f 02 01 03 04 10 63 6e 3d 4d 61 6e 61 67 65 `......cn=Manage
  0010: 72 2c 64 63 3d 62 65 80 08 70 61 73 73 77 6f 72 r,dc=be..passwor
  0020: 64 d
ber_flush2: 38 bytes to sd 3
  0000: 30 24 02 01 01 60 1f 02 01 03 04 10 63 6e 3d 4d 0$...`......cn=M
  0010: 61 6e 61 67 65 72 2c 64 63 3d 62 65 80 08 70 61 anager,dc=be..pa
  0020: 73 73 77 6f 72 64 ssword
ldap_write: want=38, written=38
  0000: 30 24 02 01 01 60 1f 02 01 03 04 10 63 6e 3d 4d 0$...`......cn=M
  0010: 61 6e 61 67 65 72 2c 64 63 3d 62 65 80 08 70 61 anager,dc=be..pa
  0020: 73 73 77 6f 72 64 ssword
ldap_result ld 0x55c5863d6050 msgid 1
wait4msg ld 0x55c5863d6050 msgid 1 (infinite timeout)
wait4msg continue ld 0x55c5863d6050 msgid 1 all 1
** ld 0x55c5863d6050 Connections:
* host: localhost port: 389 (default)
  refcnt: 2 status: Connected
  last used: Thu Mar 12 08:33:07 2020
** ld 0x55c5863d6050 Outstanding Requests:
* msgid 1, origid 1, status InProgress
  outstanding referrals 0, parent count 0
ld 0x55c5863d6050 request count 1 (abandoned 0)
** ld 0x55c5863d6050 Response Queue:
  Empty
ld 0x55c5863d6050 response count 0
ldap_chkResponseList ld 0x55c5863d6050 msgid 1 all 1
ldap_chkResponseList returns ld 0x55c5863d6050 NULL
ldap_int_select
read1msg: ld 0x55c5863d6050 msgid 1 all 1
ber_get_next
ldap_read: want=8, got=8
  0000: 30 0c 02 01 01 61 07 0a 0....a..
ldap_read: want=6, got=6
  0000: 01 00 04 00 04 00 ......
ber_get_next: tag 0x30 len 12 contents:
ber_dump: buf=0x55c5863e0a80 ptr=0x55c5863e0a80 end=0x55c5863e0a8c len=12
  0000: 02 01 01 61 07 0a 01 00 04 00 04 00 ...a........
read1msg: ld 0x55c5863d6050 msgid 1 message type bind
ber_scanf fmt ({eAA) ber:
ber_dump: buf=0x55c5863e0a80 ptr=0x55c5863e0a83 end=0x55c5863e0a8c len=9
  0000: 61 07 0a 01 00 04 00 04 00 a........
read1msg: ld 0x55c5863d6050 0 new referrals
read1msg: mark request completed, ld 0x55c5863d6050 msgid 1
request done: ld 0x55c5863d6050 msgid 1
res_errno: 0, res_error: <>, res_matched: <>
ldap_free_request (origid 1, msgid 1)
ldap_parse_result
ber_scanf fmt ({iAA) ber:
ber_dump: buf=0x55c5863e0a80 ptr=0x55c5863e0a83 end=0x55c5863e0a8c len=9
  0000: 61 07 0a 01 00 04 00 04 00 a........
ber_scanf fmt (}) ber:
ber_dump: buf=0x55c5863e0a80 ptr=0x55c5863e0a8c end=0x55c5863e0a8c len=0
ldap_msgfree
ldap_extended_operation
ldap_send_initial_request
ldap_send_server_request
ber_scanf fmt ({it) ber:
ber_dump: buf=0x55c5863df610 ptr=0x55c5863df610 end=0x55c5863df630 len=32
  0000: 30 1e 02 01 02 77 19 80 17 31 2e 33 2e 36 2e 31 0....w...1.3.6.1
  0010: 2e 34 2e 31 2e 34 32 30 33 2e 31 2e 31 31 2e 33 .4.1.4203.1.11.3
ber_scanf fmt ({) ber:
ber_dump: buf=0x55c5863df610 ptr=0x55c5863df615 end=0x55c5863df630 len=27
  0000: 77 19 80 17 31 2e 33 2e 36 2e 31 2e 34 2e 31 2e w...1.3.6.1.4.1.
  0010: 34 32 30 33 2e 31 2e 31 31 2e 33 4203.1.11.3
ber_flush2: 32 bytes to sd 3
  0000: 30 1e 02 01 02 77 19 80 17 31 2e 33 2e 36 2e 31 0....w...1.3.6.1
  0010: 2e 34 2e 31 2e 34 32 30 33 2e 31 2e 31 31 2e 33 .4.1.4203.1.11.3
ldap_write: want=32, written=32
  0000: 30 1e 02 01 02 77 19 80 17 31 2e 33 2e 36 2e 31 0....w...1.3.6.1
  0010: 2e 34 2e 31 2e 34 32 30 33 2e 31 2e 31 31 2e 33 .4.1.4203.1.11.3
ldap_result ld 0x55c5863d6050 msgid -1
wait4msg ld 0x55c5863d6050 msgid -1 (timeout 100000 usec)
wait4msg continue ld 0x55c5863d6050 msgid -1 all 1
** ld 0x55c5863d6050 Connections:
* host: localhost port: 389 (default)
  refcnt: 2 status: Connected
  last used: Thu Mar 12 08:33:07 2020
** ld 0x55c5863d6050 Outstanding Requests:
* msgid 2, origid 2, status InProgress
  outstanding referrals 0, parent count 0
ld 0x55c5863d6050 request count 1 (abandoned 0)
** ld 0x55c5863d6050 Response Queue:
  Empty
ld 0x55c5863d6050 response count 0
ldap_chkResponseList ld 0x55c5863d6050 msgid -1 all 1
ldap_chkResponseList returns ld 0x55c5863d6050 NULL
ldap_int_select
read1msg: ld 0x55c5863d6050 msgid -1 all 1
ber_get_next
ldap_read: want=8, got=8
  0000: 30 21 02 01 02 78 1c 0a 0!...x..
ldap_read: want=27, got=27
  0000: 01 00 04 00 04 00 8b 13 64 6e 3a 63 6e 3d 4d 61 ........dn:cn=Ma
  0010: 6e 61 67 65 72 2c 64 63 3d 62 65 nager,dc=be
ber_get_next: tag 0x30 len 33 contents:
ber_dump: buf=0x55c5863e0a80 ptr=0x55c5863e0a80 end=0x55c5863e0aa1 len=33
  0000: 02 01 02 78 1c 0a 01 00 04 00 04 00 8b 13 64 6e ...x..........dn
  0010: 3a 63 6e 3d 4d 61 6e 61 67 65 72 2c 64 63 3d 62 :cn=Manager,dc=b
  0020: 65 e
read1msg: ld 0x55c5863d6050 msgid 2 message type extended-result
ber_scanf fmt ({eAA) ber:
ber_dump: buf=0x55c5863e0a80 ptr=0x55c5863e0a83 end=0x55c5863e0aa1 len=30
  0000: 78 1c 0a 01 00 04 00 04 00 8b 13 64 6e 3a 63 6e x..........dn:cn
  0010: 3d 4d 61 6e 61 67 65 72 2c 64 63 3d 62 65 =Manager,dc=be
read1msg: ld 0x55c5863d6050 0 new referrals
read1msg: mark request completed, ld 0x55c5863d6050 msgid 2
request done: ld 0x55c5863d6050 msgid 2
res_errno: 0, res_error: <>, res_matched: <>
ldap_free_request (origid 2, msgid 2)
ldap_parse_result
ber_scanf fmt ({iAA) ber:
ber_dump: buf=0x55c5863e0a80 ptr=0x55c5863e0a83 end=0x55c5863e0aa1 len=30
  0000: 78 1c 0a 01 00 04 00 04 00 8b 13 64 6e 3a 63 6e x..........dn:cn
  0010: 3d 4d 61 6e 61 67 65 72 2c 64 63 3d 62 65 =Manager,dc=be
ber_scanf fmt (x) ber:
ber_dump: buf=0x55c5863e0a80 ptr=0x55c5863e0a8c end=0x55c5863e0aa1 len=21
  0000: 8b 13 64 6e 3a 63 6e 3d 4d 61 6e 61 67 65 72 2c ..dn:cn=Manager,
  0010: 64 63 3d 62 65 dc=be
ber_scanf fmt (}) ber:
ber_dump: buf=0x55c5863e0a80 ptr=0x55c5863e0aa1 end=0x55c5863e0aa1 len=0
ldap_parse_extended_result
ber_scanf fmt ({eAA) ber:
ber_dump: buf=0x55c5863e0a80 ptr=0x55c5863e0a83 end=0x55c5863e0aa1 len=30
  0000: 78 1c 0a 01 00 04 00 04 00 8b 13 64 6e 3a 63 6e x..........dn:cn
  0010: 3d 4d 61 6e 61 67 65 72 2c 64 63 3d 62 65 =Manager,dc=be
ber_scanf fmt (O) ber:
ber_dump: buf=0x55c5863e0a80 ptr=0x55c5863e0a8c end=0x55c5863e0aa1 len=21
  0000: 8b 13 64 6e 3a 63 6e 3d 4d 61 6e 61 67 65 72 2c ..dn:cn=Manager,
  0010: 64 63 3d 62 65 dc=be
dn:cn=Manager,dc=be
ldap_msgfree
ldap_free_connection 1 1
ldap_send_unbind
ber_flush2: 7 bytes to sd 3
  0000: 30 05 02 01 03 42 00 0....B.
ldap_write: want=7, written=7
  0000: 30 05 02 01 03 42 00 0....B.
ldap_free_connection: actually freed

server# ldapwhoami -x -H ldap://192.168.100.11/ -D "cn=Manager,dc=be" -w password -d -1
ldap_url_parse_ext(ldap://192.168.100.11/)
ldap_create
ldap_url_parse_ext(ldap://192.168.100.11:389/??base)
ldap_sasl_bind
ldap_send_initial_request
ldap_new_connection 1 1 0
ldap_int_open_connection
ldap_connect_to_host: TCP 192.168.100.11:389
ldap_new_socket: 3
ldap_prepare_socket: 3
ldap_connect_to_host: Trying 192.168.100.11:389
ldap_pvt_connect: fd: 3 tm: -1 async: 0
attempting to connect:
connect success
ldap_open_defconn: successful
ldap_send_server_request
ber_scanf fmt ({it) ber:
ber_dump: buf=0x559745d846c0 ptr=0x559745d846c0 end=0x559745d846e6 len=38
  0000: 30 24 02 01 01 60 1f 02 01 03 04 10 63 6e 3d 4d 0$...`......cn=M
  0010: 61 6e 61 67 65 72 2c 64 63 3d 62 65 80 08 70 61 anager,dc=be..pa
  0020: 73 73 77 6f 72 64 ssword
ber_scanf fmt ({i) ber:
ber_dump: buf=0x559745d846c0 ptr=0x559745d846c5 end=0x559745d846e6 len=33
  0000: 60 1f 02 01 03 04 10 63 6e 3d 4d 61 6e 61 67 65 `......cn=Manage
  0010: 72 2c 64 63 3d 62 65 80 08 70 61 73 73 77 6f 72 r,dc=be..passwor
  0020: 64 d
ber_flush2: 38 bytes to sd 3
  0000: 30 24 02 01 01 60 1f 02 01 03 04 10 63 6e 3d 4d 0$...`......cn=M
  0010: 61 6e 61 67 65 72 2c 64 63 3d 62 65 80 08 70 61 anager,dc=be..pa
  0020: 73 73 77 6f 72 64 ssword
ldap_write: want=38, written=38
  0000: 30 24 02 01 01 60 1f 02 01 03 04 10 63 6e 3d 4d 0$...`......cn=M
  0010: 61 6e 61 67 65 72 2c 64 63 3d 62 65 80 08 70 61 anager,dc=be..pa
  0020: 73 73 77 6f 72 64 ssword
ldap_result ld 0x559745d7b070 msgid 1
wait4msg ld 0x559745d7b070 msgid 1 (infinite timeout)
wait4msg continue ld 0x559745d7b070 msgid 1 all 1
** ld 0x559745d7b070 Connections:
* host: 192.168.100.11 port: 389 (default)
  refcnt: 2 status: Connected
  last used: Wed Mar 11 20:54:07 2020
** ld 0x559745d7b070 Outstanding Requests:
* msgid 1, origid 1, status InProgress
  outstanding referrals 0, parent count 0
ld 0x559745d7b070 request count 1 (abandoned 0)
** ld 0x559745d7b070 Response Queue:
  Empty
ld 0x559745d7b070 response count 0
ldap_chkResponseList ld 0x559745d7b070 msgid 1 all 1
ldap_chkResponseList returns ld 0x559745d7b070 NULL
ldap_int_select
read1msg: ld 0x559745d7b070 msgid 1 all 1
ber_get_next
ldap_read: want=8, got=0
ber_get_next failed.
ldap_err2string
ldap_result: Can't contact LDAP server (-1)
ldap_free_request (origid 1, msgid 1)
ldap_free_connection 1 1
ldap_free_connection: actually freed

On Thu, 12 Mar 2020 at 00:04, Quanah Gibson-Mount quanah@symas.com wrote:
--On Wednesday, March 11, 2020 9:59 PM +0100 Thierry Debaene thierry.debaene@gmail.com wrote:
ldap_chkResponseList returns ld 0x55bbbd3ec070 NULL
ldap_int_select
read1msg: ld 0x55bbbd3ec070 msgid 1 all 1
ber_get_next
ldap_read: want=8, got=0

It successfully connected to port 389 on that IP address, but got no response back from whatever is listening to that port on that IP address. I'd suggest comparing the output to the same command with no -H option specified.
--Quanah
Dear Quanah, OpenLDAPs,
Problem solved. I thought, because the debug logs showed 'connect success', that something in slapd was refusing the LDAP information retrieval, but no, it wasn't. It appeared that our supplier configured the TCP-wrapper on our LDAP-server, which I wasn't aware of. So, I added 'slapd: ALL' to the /etc/hosts.allow file and now all LDAP information retrievals from my LAN machines work as expected. Next step will be to restrict the access and move to TLS.
Thanks for your help and for pointing me in the right direction, Quanah!
Kind Regards, Thierry
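
An added illustration, not part of the original messages (function names are hypothetical): the Python below decodes the 38-byte BindRequest from the ber_flush2 dump in this thread, showing that a simple bind over ldap:// carries the DN and password unencrypted, and classifies a -d -1 trace by whether the server answered or closed the connection right after accepting it, as the TCP wrapper did here.

```python
import re

# The 38-byte BindRequest exactly as shown in the thread's ber_flush2 dump.
BIND_REQUEST = bytes.fromhex(
    "30 24 02 01 01 60 1f 02 01 03 04 10 63 6e 3d 4d"
    "61 6e 61 67 65 72 2c 64 63 3d 62 65 80 08 70 61"
    "73 73 77 6f 72 64"
)
# Excerpts of the two traces in the thread, trimmed to the lines that matter.
FAILING_TRACE = ("connect success\nldap_write: want=38, written=38\n"
                 "ldap_read: want=8, got=0\nber_get_next failed.\n")
WORKING_TRACE = ("connect success\nldap_write: want=38, written=38\n"
                 "ldap_read: want=8, got=8\nldap_read: want=6, got=6\n")

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for one definite-length BER element."""
    if pos + 2 > len(buf):
        raise ValueError("truncated BER header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length == 0x80:
        raise ValueError("indefinite length is not allowed in LDAP")
    if length & 0x80:  # long form: low 7 bits give the number of length octets
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated BER value")
    return tag, buf[pos:pos + length], pos + length

def decode_bind_request(raw):
    """Decode an LDAPMessage carrying a BindRequest (RFC 4511, section 4.2)."""
    tag, body, _ = read_tlv(raw, 0)
    if tag != 0x30:
        raise ValueError("not an LDAPMessage SEQUENCE")
    _, msgid, pos = read_tlv(body, 0)           # INTEGER messageID
    tag, op, _ = read_tlv(body, pos)
    if tag != 0x60:                             # [APPLICATION 0] BindRequest
        raise ValueError("not a BindRequest")
    _, version, p = read_tlv(op, 0)
    _, dn, p = read_tlv(op, p)
    auth_tag, cred, _ = read_tlv(op, p)         # 0x80 = simple, 0xA3 = SASL
    simple = auth_tag == 0x80
    return {"message_id": int.from_bytes(msgid, "big"),
            "version": int.from_bytes(version, "big"),
            "dn": dn.decode(),
            "auth": "simple" if simple else "sasl" if auth_tag == 0xA3 else hex(auth_tag),
            "cleartext_password": cred.decode() if simple else None}

def classify_trace(trace):
    """Say how far an ldapwhoami -d -1 run got before it stopped."""
    if "connect success" not in trace:
        return "tcp-connect-failed"
    sent = re.search(r"ldap_write: want=(\d+), written=\1", trace) is not None
    reads = [int(n) for n in re.findall(r"ldap_read: want=\d+, got=(-?\d+)", trace)]
    if sent and reads and reads[0] == 0:
        return "accepted-then-closed"  # EOF before any LDAP response arrived
    if reads and reads[0] > 0:
        return "server-responded"
    return "inconclusive"

if __name__ == "__main__":
    print(decode_bind_request(BIND_REQUEST))
    print(classify_trace(FAILING_TRACE), classify_trace(WORKING_TRACE))
```

An "accepted-then-closed" result points at something between the TCP accept and slapd's reply, so /etc/hosts.allow and /etc/hosts.deny are worth checking before slapd's own ACLs.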
openldap-technical@openldap.org