[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: ldap_bind: can't access LDAP server
hmmm... try the following
* check permissions on your database make sure that slapd has same
user/group access as the db
* try
/usr/local/bin/ldapsearch -h "localhost" -p "389" -D <root> -W -v -d 256 -b
"<search_base>" <search_string>
that might help. there's no logging but here were steps i took to get the
logging to work in solaris 2.7 sparc
good luck
jm
You must be root to do this:
1. Make copies of the lookup files (just in case you need them). Namely:
* /usr/local/etc/openldap/slapd.conf
* /etc/init.d/slapd
* /usr/sbin/syslogd
* /etc/syslog.conf
2. Move over the files we've copied from pinnacle to their respective
places EXCEPT /usr/local/etc/openldap/slapd.conf. This is only for reference
3. Edit /etc/syslog.conf and add the following:
local4.emerg /var/log/sldap.log
local4.alert /var/log/sldap.log
local4.crit /var/log/sldap.log
local4.err /var/log/sldap.log
local4.warning /var/log/sldap.log
local4.notice /var/log/sldap.log
local4.info /var/log/sldap.log
local4.debug /var/log/sldap.log
Remember that the syslog.conf file takes the facility name <TAB>
/path/to/log (one or more tabs)
4. cd to /var/log and touch sldap.log file. This should create the
sldap.log file
6. Edit the /etc/init.d/slapd startup script file (again be wary of spaces
and extra tabs)
#! /bin/sh
# start/stop the slapd daemon
case "$1" in
'start')
# Start the slapd daemon
if [ -f /usr/local/libexec/slapd ] ; then
echo "starting slapd"
/usr/local/libexec/slapd -p 389 -f
/usr/local/etc/openldap/slapd.conf -s 256 -l local4
fi
;;
'stop')
# Stop the slapd daemon
echo "stopping slapd"
kill -TERM `cat /usr/local/var/slapd.pid`
;;
esac
8. Double check the /usr/local/etc/openldap/slapd.conf file and it should
match the first 18 lines (more or less):
1 #
2 # See slapd.conf(5) for details on configuration options.
3 # This file should NOT be world readable.
4 #
....
10 schemacheck on
11 sizelimit 500
12 #referral ldap://ldap.itd.umich.edu
13
14 pidfile /usr/local/var/slapd.pid
15 argsfile /usr/local/var/slapd.args
16
17 loglevel 256
9. Run the syslogd daemon if it isn't already by doing
cd /usr/sbin ; ./syslogd
10. Restart the syslogd daemon to have it re-read its configuration file
kill -1 `/bin/cat /etc/syslog.pid`
This might complain that the syslog.pid does not exist if so repeat step 9
and 10 again for about a couple times. If after a couple of times it still
complains check to make sure that /bin/ps -ef | grep sl still reports
something similar to the following:
# /bin/ps -ef | grep sl
root 15940 1 0 08:10:43 ? 0:14 /usr/local/libexec/slapd -p
389 -f /usr/local/etc/openldap/slapd.conf -s 256 -l
root 15791 1 0 07:41:57 ? 0:00 ./syslogd
10a. "Touch" a new file in /var/log
cd /var/log
touch slapd.log
11. restart the slapd daemon
/etc/init.d/slapd start
Assuming you got everything to work you should be able to view the log file
via tail -f /var/log/sldap.log
and get results similar to the following:
May 24 09:17:46 lookup1.adobe.com slapd[15940]: conn=22 op=19 RESULT err=0
tag=101 nentries=1
May 24 09:18:12 lookup1.adobe.com slapd[15940]: conn=69 fd=23 connection
from user-2injvqj.dsl.mindspring.com (165.121.255.83) accepted.
May 24 09:18:12 lookup1.adobe.com slapd[15940]: conn=69 op=0 BIND dn=""
method=128
May 24 09:18:12 lookup1.adobe.com slapd[15940]: unknown version 3
May 24 09:18:12 lookup1.adobe.com slapd[15940]: conn=69 op=0 RESULT err=2
tag=97 nentries=0
At 02:27 PM 11/12/2001 -0800, you wrote:
Just installed OpenLdap ver 1.2 on a RedHat 6.2 box via
rpms. I installed openldap, openldap-devel,
openldap-servers, and openldap-clients. I followed the Quick
Start guide in configuring slapd.conf. Then I tried to
connect to the server to verify it is running with
ldapsearch. No matter what search string I pass, it returns
ldap_bind: can't access LDAP server
ps aux shows a slapd process running. What sort of
problem/solution am I looking for? Can anyone point me to a
log file or something that might give me a clue. Sorry to
post such a basic question, but I'm very inexperienced at
this. Thanks!
Gregg