[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Can't contact Ldap server

I just added a line in the slapd.conf file to hope that it enable TLS service:
but it still getting the same error.


The Shell wrote:


I finally successfuly made the SASL workign with GSSAPI.
The following command verified that GSSAPI is supported in Openldap:
root@fbsd [2:02am] [/etc]# /usr/local/bin/ldapsearch -x -LLL -s "base" -b "" supportedSASLMechanisms
supportedSASLMechanisms: GSSAPI
supportedSASLMechanisms: OTP
supportedSASLMechanisms: DIGEST-MD5
supportedSASLMechanisms: CRAM-MD5

Then I tried to test the ldapsearch command:
root@fbsd [2:02am] [/etc]# /usr/local/bin/ldapsearch -Y GSSAPI -Z '(uid=root)' ldap_start_tls: Connect error (-11)
SASL/GSSAPI authentication started
ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1)
root@fbsd [2:02am] [/etc]#

It seems that the Ldap server is not running, but I looked the scanned result, the Sldap and Kerberos are running:
88/tcp open kerberos-sec 389/tcp open ldap 636/tcp open ldapssl 749/tcp open kerberos-adm the log file shown the following message which I don't really understand:
# tail -f /var/log/debug.log
Jun 4 02:08:23 fbsd slapd[36921]: conn=7 fd=14 ACCEPT from IP=::1 49160 (IP=:: 389)
Jun 4 02:08:23 fbsd slapd[36921]: conn=7 fd=14 closed

What might be wrong with this test?