[Date Prev][Date Next] [Chronological] [Thread] [Top]

LDAP Server listener issue



Much appreciated if someone may give us some advice on
this ldap listener problem ! 

(This is an update from yesterday email entitled "slapd listener/bind
error",
we apparently solve the slapd stopped problem - due to running slapd twice
)

We've a ldap client and server machines connected direclty
with hub with openldap 2.0 & Redhat linux 7.x installed.
Both machine can ping & telnet to each other. Our problem is 
that the ldap clinent can't perform and lapdsearch/ldapadd 
towards the Server machine. The error message says "ldap_bind error :
can't connect to server". The following is the trace
results :

We did the trace with both "slapd -d " and ethereal,
we see the "slap -d" command genetates the following 
messages :

>daemon : init : listen on ldap :///
>daemon : init : 1 listeners to open
>ldap_url_parse_ext( ldap :///)
>daemon : socket() failed errno=97 (Address family not supported by
protocol)
>daemon : initialized ldap:///
>daemon_init : 1 listeners opened
>slapd init : initiated server
>slap_sasl_iniot : initialize

For ethereal monitor, when we type :"lapdsearch..." in Client machine,
the Server machine's ethereal shows the following trace :

	Source Address  Destination Adddress    Scr Port   Dest port

>TCP  192.168.1.3		192.168.1.2			1124
389

>ICMP 192.168.1.2		192.168.1.3	 (Type : 3 destination
unreachable, 
	`					  Code : 3 Port Unreachable
) 		


Performing a "netstat -a" yields :

proto		rec-q	send-q	local adr	foreign adr
state
tcp 		0 	0 		*:ldap  	*:*
listen
tcp		0	0		*:telnet	*:*
listen


Our etc/services file does have "ldap 389/tcp" and "ldap 389/udp" defined. 

Is the slapd listening on port 389 ? If so, why the ICMP packets is
generated by the Server in response to a ldap client's "lapsearch" ?


(By the way, we can use the "ldapsearch" or "ldapadd" on the server 
machine to do ldap operations via loopback address 127.0.0.1. AS we turn on 
debug by "slapd -d", we see a lot of trace when we perform such localhost
query.
However, when remote client performs "ldapsearch", no trace is produced by
the server's slapd - this sounds like the slapd is not receiving the query.
) 

Thanks.

regards,

Yet Chang