Hi Stefan,

can you please post the output from

rpm -qf $(which ldapsearch)

best regards Michael

Am Mittwoch, dem 05.07.2023 um 20:37 +0200 schrieb Stefan Kania:

Hi to all,

I just installed openSUSE 15.5 and the actual symas packages. After installing OpenLDAP I could start slapd but "ldapsearch -Y external - H ldapi:///" is giving me a "can't connect to ldapserver"

I found out that the ldap-socket on SUSE is (the same a on Debian systems) in /var/symas/run/ldapi and I can see:

ss -lp | grep slapd u_str LISTEN 0      2048                         /var/symas/run/ldapi 15214                         * 0    users:(("slapd",pid=1431,fd=9))

but doing a ldapsearch: provider01:~ # ldapmodify -Y EXTERNAL -H ldapi:/// -d 5 ldap_url_parse_ext(ldapi:///) ldap_create ldap_url_parse_ext(ldapi:///??base) ldap_sasl_interactive_bind: user selected: EXTERNAL ldap_int_sasl_bind: EXTERNAL ldap_new_connection 1 1 0 ldap_int_open_connection ldap_connect_to_path ldap_new_socket: 3 ldap_connect_to_path: Trying /run/slapd/ldapi ldap_connect_timeout: fd: 3 tm: -1 async: 0 ldap_ndelay_on: 3 ldap_close_socket: 3 ldap_msgfree ldap_err2string ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1)

You can see, that ldapsearch is looking in /run/slapd/ for the socket. How can I change this?

I tested with setting a link: ln -s /var/symas/run/ldapi /run/slapd/

and ldapseach wit "external" is working. But this was only a test. After rebooting the system the link is gone.

So how can I either change the behavior of the ldap-commands or changing the path where the socket will be stored?

Thank's for any help

Have you tried ldap.conf or ldaprc "URI" setting?

On 6/07/2023 4:37 am, Stefan Kania wrote:

Hi to all,

I just installed openSUSE 15.5 and the actual symas packages. After installing OpenLDAP I could start slapd but "ldapsearch -Y external -H ldapi:///" is giving me a "can't connect to ldapserver"

I found out that the ldap-socket on SUSE is (the same a on Debian systems) in /var/symas/run/ldapi and I can see:

ss -lp | grep slapd u_str LISTEN 0      2048 /var/symas/run/ldapi 15214                         * 0 users:(("slapd",pid=1431,fd=9))

but doing a ldapsearch: provider01:~ # ldapmodify -Y EXTERNAL -H ldapi:/// -d 5 ldap_url_parse_ext(ldapi:///) ldap_create ldap_url_parse_ext(ldapi:///??base) ldap_sasl_interactive_bind: user selected: EXTERNAL ldap_int_sasl_bind: EXTERNAL ldap_new_connection 1 1 0 ldap_int_open_connection ldap_connect_to_path ldap_new_socket: 3 ldap_connect_to_path: Trying /run/slapd/ldapi ldap_connect_timeout: fd: 3 tm: -1 async: 0 ldap_ndelay_on: 3 ldap_close_socket: 3 ldap_msgfree ldap_err2string ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1)

You can see, that ldapsearch is looking in /run/slapd/ for the socket. How can I change this?

I tested with setting a link: ln -s /var/symas/run/ldapi /run/slapd/

and ldapseach wit "external" is working. But this was only a test. After rebooting the system the link is gone.

So how can I either change the behavior of the ldap-commands or changing the path where the socket will be stored?

Thank's for any help

Am Wed, 5 Jul 2023 20:37:34 +0200 schrieb Stefan Kania stefan@kania-online.de:

Hi All, I'm still alive,

Hi to all,

I just installed openSUSE 15.5 and the actual symas packages. After installing OpenLDAP I could start slapd but "ldapsearch -Y external -H ldapi:///" is giving me a "can't connect to ldapserver"

I'm on Tumbleweed and use openldap2:

rpm -qi openldap2 Name : openldap2 Version : 2.6.4 Release : 2.1 Architecture: x86_64 Install Date: Do 29 Jun 2023 19:11:20 CEST

with regard to your questions:

ldapwhoami -Y gssapi -H ldapi:/// SASL/GSSAPI authentication started SASL username: dieter@avci.de SASL data security layer installed. [...]

ldapwhoami -Y external -H ldapi:/// SASL/EXTERNAL authentication started SASL username: [...]

-Dieter