
Re: problems connect to ldap server from another machine



On Tue, 2003-03-04 at 15:13, Joel Thompson wrote:
...
> I was able to do an ldap search from the same RH box on the command
> line:
> ldapsearch -x -b 'dc=example,dc=com' '(objectclass=*)' -h 10.1.1.77 -p 389
> and I can telnet 10.1.1.77 389 while on the RH box, and get connected.
>  
> But when I attempt to connect to it from another machine it just hangs.
> I even tried telnetting from another machine:
> C:\>telnet 10.1.1.77 389
> Connecting To 10.1.1.77...Could not open a connection to host on port 389 : Connect failed
> 

It sounds like you probably have an IP filter that is blocking port 389
on the RH machine.  Depending on if you have iptables or ipchains, run
'iptables -L' (or 'ipchains -L') and look for "ldap" (or port 389) in
the output.  If it's there, then you need to remove that filter.  Look
at the iptables or ipchains docs for the proper command for that.  As a
quick test, you could of course remove all filters (run 
'service iptables stop'), but that would leave you completely exposed. 
Use at your own risk.

	/dwight
-- 
Dwight N. Tovey
Email: dwight@dtovey.net
http://www.dtovey.net/dwight
---
Wrinkled Was Not One of the Things I Wanted to Be When I Grew Up
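
Added example, not part of the original message: a sketch of the check suggested above, run over `iptables -L -n -v` output rather than plain `iptables -L`, because the plain listing omits the interface column (a loopback-only ACCEPT then looks like accept-everything) and a catch-all REJECT never contains the string "ldap". The function name, the sample listing and the chain name FW-INPUT are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original thread). Reads `iptables -L -n -v`
# text on stdin and prints, per chain, what decides a NEW TCP connection
# from any remote host to the LDAP port (default 389).
ldap_verdicts() {
  awk -v port="${1:-389}" '
    function flush() {   # built-in chain fell through to its policy
      if (chain != "" && !decided && policy != "") print chain ": policy " policy
    }
    /^Chain / {
      flush(); chain = $2; decided = 0
      policy = ($3 == "(policy") ? $4 : ""
      next
    }
    decided || NF < 9 || $1 == "pkts" { next }
    $4 != "tcp" && $4 != "6" && $4 != "all" && $4 != "0" { next }
    $6 == "lo" { next }                    # loopback-only; plain -L hides this column
    $8 != "0.0.0.0/0" || $9 != "0.0.0.0/0" { next }   # address-limited: not evaluated
    /state / && !/NEW/ { next }            # ESTABLISHED-only rules never see the first SYN
    /multiport/ { next }                   # multiport lists are not parsed here
    {
      if (match($0, /dpts?:[^ ]+/)) {      # rule names a destination port or range
        m = substr($0, RSTART, RLENGTH); sub(/^dpts?:/, "", m)
        n = split(m, r, ":")
        if (n == 2 && (port + 0 < r[1] + 0 || port + 0 > r[2] + 0)) next
        if (n != 2 && m != port && m != "ldap") next
      }
      if ($3 != "ACCEPT" && $3 != "DROP" && $3 != "REJECT") {
        print chain ": -> " $3             # user chain, LOG, ...: listed, not followed
        next
      }
      print chain ": " $3; decided = 1
    }
    END { flush() }
  '
}

# Constructed sample listing; FW-INPUT is a hypothetical chain name.
SAMPLE_RULES='Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
  310 24800 FW-INPUT   all  --  *      *       0.0.0.0/0            0.0.0.0/0

Chain FW-INPUT (1 references)
 pkts bytes target     prot opt in     out     source               destination
   12   720 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:22
  290 23200 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0
    8   480 REJECT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           reject-with icmp-port-unreachable'

printf '%s\n' "$SAMPLE_RULES" | ldap_verdicts
```

On a live host, pipe `iptables -L -n -v` into the function as root. When the verdict is a catch-all REJECT or DROP, inserting an ACCEPT for TCP port 389 limited to the client subnet ahead of it (`iptables -I <chain> -p tcp -s <client-subnet> --dport 389 -j ACCEPT`) opens LDAP without stopping the whole firewall.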