[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldap_bind: can't access LDAP server

To: "Barley" <barley@pacific.net>
Subject: Re: ldap_bind: can't access LDAP server
From: Jan-Michael Ong <jmong@adobe.com>
Date: Mon, 12 Nov 2001 14:34:45 -0800
Cc: openldap-software@OpenLDAP.org
In-reply-to: <MBBBIGCDEGFPNMKLGBOMGEJPDKAA.barley@pacific.net>

hmmm... try the following

* check permissions on your database make sure that slapd has same user/group access as the db * try /usr/local/bin/ldapsearch -h "localhost" -p "389" -D <root> -W -v -d 256 -b "<search_base>" <search_string>

that might help. there's no logging but here were steps i took to get the logging to work in solaris 2.7 sparc

good luck

jm


You must be root to do this:

1. Make copies of the lookup files (just in case you need them). Namely:
* /usr/local/etc/openldap/slapd.conf
* /etc/init.d/slapd
* /usr/sbin/syslogd
* /etc/syslog.conf

2. Move over the files we've copied from pinnacle to their respective places EXCEPT /usr/local/etc/openldap/slapd.conf. This is only for reference

3. Edit /etc/syslog.conf and add the following:

local4.emerg    /var/log/sldap.log
local4.alert    /var/log/sldap.log
local4.crit     /var/log/sldap.log
local4.err      /var/log/sldap.log
local4.warning  /var/log/sldap.log
local4.notice   /var/log/sldap.log
local4.info     /var/log/sldap.log
local4.debug    /var/log/sldap.log

Remember that the syslog.conf file takes the facility name <TAB> /path/to/log (one or more tabs)

4. cd to /var/log and touch sldap.log file. This should create the sldap.log file

6. Edit the /etc/init.d/slapd startup script file (again be wary of spaces and extra tabs) #! /bin/sh # start/stop the slapd daemon

case "$1" in

'start') # Start the slapd daemon if [ -f /usr/local/libexec/slapd ] ; then echo "starting slapd" /usr/local/libexec/slapd -p 389 -f /usr/local/etc/openldap/slapd.conf -s 256 -l local4 fi ;;

'stop')
        # Stop the slapd daemon
        echo "stopping slapd"
        kill -TERM `cat /usr/local/var/slapd.pid`
        ;;
esac

8. Double check the /usr/local/etc/openldap/slapd.conf file and it should match the first 18 lines (more or less): 1 # 2 # See slapd.conf(5) for details on configuration options. 3 # This file should NOT be world readable. 4 # .... 10 schemacheck on 11 sizelimit 500 12 #referral ldap://ldap.itd.umich.edu 13 14 pidfile /usr/local/var/slapd.pid 15 argsfile /usr/local/var/slapd.args 16 17 loglevel 256


9. Run the syslogd daemon if it isn't already by doing
cd /usr/sbin ; ./syslogd

10. Restart the syslogd daemon to have it re-read its configuration file
kill -1 `/bin/cat /etc/syslog.pid`

This might complain that the syslog.pid does not exist if so repeat step 9 and 10 again for about a couple times. If after a couple of times it still complains check to make sure that /bin/ps -ef | grep sl still reports something similar to the following:

# /bin/ps -ef | grep sl root 15940 1 0 08:10:43 ? 0:14 /usr/local/libexec/slapd -p 389 -f /usr/local/etc/openldap/slapd.conf -s 256 -l root 15791 1 0 07:41:57 ? 0:00 ./syslogd

10a. "Touch" a new file in /var/log
cd /var/log
touch slapd.log

11. restart the slapd daemon
/etc/init.d/slapd start

Assuming you got everything to work you should be able to view the log file via tail -f /var/log/sldap.log and get results similar to the following: May 24 09:17:46 lookup1.adobe.com slapd[15940]: conn=22 op=19 RESULT err=0 tag=101 nentries=1 May 24 09:18:12 lookup1.adobe.com slapd[15940]: conn=69 fd=23 connection from user-2injvqj.dsl.mindspring.com (165.121.255.83) accepted. May 24 09:18:12 lookup1.adobe.com slapd[15940]: conn=69 op=0 BIND dn="" method=128 May 24 09:18:12 lookup1.adobe.com slapd[15940]: unknown version 3 May 24 09:18:12 lookup1.adobe.com slapd[15940]: conn=69 op=0 RESULT err=2 tag=97 nentries=0

At 02:27 PM 11/12/2001 -0800, you wrote:

Just installed OpenLdap ver 1.2 on a RedHat 6.2 box via
rpms. I installed openldap, openldap-devel,
openldap-servers, and openldap-clients. I followed the Quick
Start guide in configuring slapd.conf. Then I tried to
connect to the server to verify it is running with
ldapsearch. No matter what search string I pass, it returns
ldap_bind: can't access LDAP server

ps aux shows a slapd process running. What sort of
problem/solution am I looking for? Can anyone point me to a
log file or something that might give me a clue. Sorry to
post such a basic question, but I'm very inexperienced at
this. Thanks!

Gregg

References:
- ldap_bind: can't access LDAP server
  - From: "Barley" <barley@pacific.net>

Prev by Date: ldap_bind: can't access LDAP server
Next by Date: Bind/Ldappasswd
Index(es):
- Chronological
- Thread