[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
RE: log errors regarding "can't contact ldap server"
- To: <mike.partyka@stonepath.com>, "OpenLDAP software list" <openldap-software@OpenLDAP.org>
- Subject: RE: log errors regarding "can't contact ldap server"
- From: "Tay, Gary" <Gary_Tay@platts.com>
- Date: Sat, 30 Oct 2004 09:47:36 +0800
- Content-class: urn:content-classes:message
- Thread-index: AcS+IE4abPvprUpOS7mNuegCoXPCEQAAOdnM
- Thread-topic: log errors regarding "can't contact ldap server"
if LDAP used = OpenLDAP
then
post more info here so that someone could tell if it is OpenLDAP issue
remember to indicate OS, OpenLDAP version, ...
always good to include server and client conf files
always good to include baseline test result, eg: "ldapsearch" result
always good to provide max. debug level "-d 255" output
else
post your question to the mailman sw maillist or nss_ldap maillist
or LDAP-InterOp maillist http://lists.fini.net/mailman/listinfo/ldap-interop <http://lists.fini.net/mailman/listinfo/ldap-interop>
endif
Gary
-----Original Message-----
From: owner-openldap-software@OpenLDAP.org on behalf of Mike Partyka
Sent: Sat 10/30/2004 5:36 AM
To: 'OpenLDAP software list'
Cc:
Subject: log errors regarding "can't contact ldap server"
Hello,
We have a working LDAP directory that is a piece of a SuSE mail server
product called Openexchange. It uses it's local ldap directory for
authentiction and is working but i am concerned about frequent and rapid
error's i see in the warn and messages logs. Here is a couple of them:
Oct 29 12:14:46 mailman lmtpd[16574]: nss_ldap: could not get LDAP result -
Can't contact LDAP server
Oct 29 12:14:46 mailman lmtpd[16574]: nss_ldap: could not get LDAP result -
Can't contact LDAP server
Oct 29 12:14:47 mailman lmtpd[17856]: nss_ldap: could not get LDAP result -
Can't contact LDAP serve
There are several hundred of these entries every day. I have read on one or
two sites that this could be caused by the IP address not being listed in
the ldap.conf file. When I look at that file the HOST parameter in this
file has only "localhost" listed. I could add the hostname or the IP
addresss to this parameter but i have also read that a LDAP directory can be
a security risk if available on the net. I am guessing that the HOST
parameter the way it is set right now will only respond to authentication
requests from the localhost. So by listing the IP address in this file i
could eliminate the error but make the server vulnerable to outside attack.
Can someone who is more knowledgable about LDAP tell me if i am on the right
track in resolving these errors? And maybe make a suggestion about how to
stop them?
Thanks,
Mike Partyka
Stonepath Logistics
Systems Administrator
(651)405-4300 Desk
(651)208-5734 Cell
(651)405-4342 Fax