Yeaaaahh, we have a problem ...
There are actually two possibilities that I see now: (i) implementation
of getaddrinfo() in your distro is buggy, or (ii) OL does not use
getaddrinfo() properly.
I personally would do following now to identify the problem:
Assuming that you are trying OL from a linux distro, I would get instead
sources from latest stable OL release and compile it myself. If problem
will be gone, I would send a polite email to that distro team. If
problem persists, I would look in www.openldap.org "Issue Tracking
System" or ITS if there is a known issue regarding getaddrinfo(). I have
found following there:
From: Kurt Zeilenga <openldap-its@OpenLDAP.org>
To: mehall@us.ibm.com
Subject: Re: OpenLDAP 2.2.13, 2.2.15 communication failure (ITS#3279)
Date: Fri Aug 27 20:43:31 2004
Based on various followups, I suggest setting
ac_cv_func_getaddrinfo to no before running ./configure.
That is,
env ac_cv_func_getaddrinfo=no ./configure ...
(seems AIX's getaddrinfo(3) doesn't conform to the latest IETF API
specifications, something you might want to report to AIX developers at IBM.)
Regards, Kurt
I assume you are not struggling with AIX, but it would be still interesting to tell configure,
that it does not have getaddrinfo() at all. I hope in this case you will get ldap
your ldap things running.
I would also try to write a little test program calling getaddrinfo()
the way how OL does it, and report result to the list, and see what
happens.
Good luck, vadim tarassov.
On Wed, 2005-08-10 at 09:18 +0100, Arif Ali wrote:
This is what I get, not sure what this is suppose to mean, or what is wrong
ldap_create
ldap_url_parse_ext(ldap://localhost/)
ldap_bind_s
ldap_simple_bind_s
ldap_sasl_bind_s
ldap_sasl_bind
ldap_send_initial_request
ldap_new_connection
ldap_int_open_connection
ldap_connect_to_host: TCP localhost:389
ldap_connect_to_host: getaddrinfo failed: invalid flags
ldap_perror
ldap_bind: Can't contact LDAP server (-1)
vadim wrote:
Can you try ldapsearch with -d -1?
On Tue, 2005-08-09 at 17:08 +0100, Arif Ali wrote:
I get nothing at all, when I issue the command
vadim wrote:
What is about "-d -1"? There is actually no point of sending log to me.
If slapd will write something meaningful you will notice it yourself.
Otherwise it must be something related to your particular linux box,
where I hardly can help you, because I don't have enough know-how in
this area. Sorry for this.
On Tue, 2005-08-09 at 16:50 +0100, Arif Ali wrote:
How detailed do you want them, I can restart it with "-d 255" and send
the whole log to you if you want to see where the problem is, but I
don't seem to see anything in the logs for this
vadim wrote:
Does slapd produces any log?
On Tue, 2005-08-09 at 16:40 +0100, Arif Ali wrote:
when I put in 0.0.0.0 into the ldap file in /etc/init.d, I get following
# netstat -ant | grep 389
tcp 0 0 0.0.0.0:389 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:52534 127.0.0.1:389 TIME_WAIT
tcp 1 0 127.0.0.1:52334 127.0.0.1:389 CLOSE_WAIT
and still get the same error message i.e.
ldap_bind: Can't contact LDAP server (-1)
when I leave the ldap file as is then I get
# netstat -ant | grep 389
tcp 0 0 0.0.0.0:389 0.0.0.0:* LISTEN
tcp 1 0 127.0.0.1:52334 127.0.0.1:389 CLOSE_WAIT
tcp 0 0 :::389 :::* LISTEN
any more ideas would be appreciated,
thanks
Arif
vadim wrote:
It looks like your slapd is not listening on 127.0.0.1! Somewhere
in /etc/init.d should be script executing slapd. What is value of the -h
command line option? Make sure that it is "0.0.0.0:389". In such case
slapd will listen on all ip addresses. Or I am totally wrong?
On Tue, 2005-08-09 at 16:15 +0100, Arif Ali wrote:
eeek sorry about that;
the error message is
ldap_bind: Can't contact LDAP server (-1)
I have tried the following; from the local machine with no success
ldapsearch -H ldap://localhost/ -w secret -x -b
ou=Users,ou=OxObjects,dc=ocf,dc=co,dc=uk -D dc=ocf,dc=co,dc=uk uid=*
uidNumber
ldapsearch -H ldap://127.0.0.1/ -w secret -x -b
ou=Users,ou=OxObjects,dc=ocf,dc=co,dc=uk -D dc=ocf,dc=co,dc=uk uid=*
uidNumber
ldapsearch -H ldap://mailserver-linux/ -w secret -x -b
ou=Users,ou=OxObjects,dc=ocf,dc=co,dc=uk -D dc=ocf,dc=co,dc=uk uid=*
uidNumber
ldapsearch -H ldap://195.62.2.26/ -w secret -x -b
ou=Users,ou=OxObjects,dc=ocf,dc=co,dc=uk -D dc=ocf,dc=co,dc=uk uid=*
uidNumber
if I do the following
ldapsearch -H localhost -w secret -x -b
ou=Users,ou=OxObjects,dc=ocf,dc=co,dc=uk -D dc=ocf,dc=co,dc=uk uid=*
uidNumber
I get
Could not create LDAP session handle (3): Time limit exceeded
thanks again
Arif
vadim wrote:
and what message do you get from ldapsearch when trying localhost?
On Tue, 2005-08-09 at 14:12 +0100, Arif Ali wrote:
Hi all,
I have been trying to install ldap on one of our servers to do various
things, but with any install I am never able to to get a ldapsearch
workin on localhost, but when I do a ldapsearch from a machione on the
network pointing to the ip address of the server, I get a result.
iptables is turned off, nothing in hosts.deny or hosts.allow, would
there be anything else on FC3 which will not allow localhost ldap
searches. I am able to view/edit the ldap tree structure using luma from
localhost.
any help would be appreciated,
thanks
--
Arif Ali
Software Engineer
OCF plc
Mob: +44 (0)7970 148122
Office: +44 (0)114 2572200
Fax: +44 (0)114 2570022
Web: http://www.ocf.co.uk
This email including any attachments to it is confidential and intended solely for the use of the individual to whom it is addressed. Its contents may be protected by copyright. If you are not the intended recipient, please be advised that you have received this email in error and that you should delete it from your system and not copy its contents or disclose them to any other person. If you have received this email in error please notify OCF plc by telephone on 0845 702 3829
We do not accept responsibility for viruses; you must scan for these.