[389-users] Unable to get ldapsearch working with 389 on Fedora 19
Predrag Zecevic
predrag.zecevic at 2e-systems.com
Fri Oct 4 06:56:42 UTC 2013
Hi,
your /etc/openldap/ldap.conf is not set properly. Should be looking like
this:
---8<---
URI ldap://ldap-srv.your-domain.com/
BASE dc=your-domain,dc=com
...
---8<---
Localhost will now work in network environment, because it always point
to loclahost. That is why you get "Can't contact LDAP server" - your
client tries to get to localhost (or something else, depending on
/etc/openldap/ldap.conf set up. Woul dbe nice to have it).
You might need to use real names (or even fqdn ones if suitable)...
Regards.
Am 03.10.2013 22:03, schrieb Stephen Watt:
> Hi Folks
>
> I have 389 installed on F19 on a server with the hostname ldap-srv but I am unable to successfully query it using ldapsearch from another F19 server with the hostname ldap-client. I am an LDAP noob so its possible that this scenario isn't even meant to work. Essentially, I've set up a 389 server and I'm trying to use ldapsearch as a quick sniff test to make sure its working properly before I embark on figuring out how to configure some other F19 servers to use the 389 LDAP service for Authentication.
>
> I think ldap-srv is running correctly using the default configuration as I'm able to bring up the 389-console and create a few users and groups. I am also able to successfully run the following local ldapsearch query on ldap-srv:
>
> ldapsearch -x -s base -b "" "objectclass=*" which prints out a long list of results but ends in:
>
> vendorName: 389 Project
> vendorVersion: 389-Directory/1.3.1.7 B2013.240.2228
> dataversion: 020130920220244
> netscapemdsuffix: cn=ldap://dc=localhost,dc=localdomain:389
>
> # search result
> search: 2
> result: 0 Success
>
> # numResponses: 2
> # numEntries: 1
>
> However, when I try and run a similar query from my ldap-client server, I get the following:
>
> [root at ldap-client ~]# ldapsearch -x -h ldap-srv -s base -b "" "objectclass=*"
> ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)
>
> iptables are off on both machines.
>
> Regards
> Steve Watt
> --
> 389 users mailing list
> 389-users at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/389-users
>
--
Predrag Zecevic, Technical Support Analyst, 2e Systems GmbH
Telephone: +49 6196 9505 815, Facsimile: +49 6196 9505 894
Mobile: +49 174 3109 288, Skype: predrag.zecevic
E-mail: predrag.zecevic at 2e-systems.com
Headquarter: 2e Systems GmbH, Königsteiner Str. 87,
65812 Bad Soden am Taunus, Germany
Company registration: Amtsgericht Königstein (Germany), HRB 7303
Managing director: Phil Douglas
http://www.2e-systems.com/ - Making your business fly!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 261 bytes
Desc: OpenPGP digital signature
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20131004/f80a8f6b/attachment.sig>
More information about the 389-users
mailing list