[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: localhost ldapsearch[Scanned]
Yeaaaahh, we have a problem ...
There are actually two possibilities that I see now: (i) implementation
of getaddrinfo() in your distro is buggy, or (ii) OL does not use
getaddrinfo() properly.
I personally would do following now to identify the problem:
Assuming that you are trying OL from a linux distro, I would get instead
sources from latest stable OL release and compile it myself. If problem
will be gone, I would send a polite email to that distro team. If
problem persists, I would look in www.openldap.org "Issue Tracking
System" or ITS if there is a known issue regarding getaddrinfo(). I have
found following there:
From: Kurt Zeilenga <openldap-its@OpenLDAP.org>
To: mehall@us.ibm.com
Subject: Re: OpenLDAP 2.2.13, 2.2.15 communication failure (ITS#3279)
Date: Fri Aug 27 20:43:31 2004
Based on various followups, I suggest setting
ac_cv_func_getaddrinfo to no before running ./configure.
That is,
env ac_cv_func_getaddrinfo=no ./configure ...
(seems AIX's getaddrinfo(3) doesn't conform to the latest IETF API
specifications, something you might want to report to AIX developers at IBM.)
Regards, Kurt
I assume you are not struggling with AIX, but it would be still interesting to tell configure,
that it does not have getaddrinfo() at all. I hope in this case you will get ldap
your ldap things running.
I would also try to write a little test program calling getaddrinfo()
the way how OL does it, and report result to the list, and see what
happens.
Good luck, vadim tarassov.
On Wed, 2005-08-10 at 09:18 +0100, Arif Ali wrote:
> This is what I get, not sure what this is suppose to mean, or what is wrong
>
> ldap_create
> ldap_url_parse_ext(ldap://localhost/)
> ldap_bind_s
> ldap_simple_bind_s
> ldap_sasl_bind_s
> ldap_sasl_bind
> ldap_send_initial_request
> ldap_new_connection
> ldap_int_open_connection
> ldap_connect_to_host: TCP localhost:389
> ldap_connect_to_host: getaddrinfo failed: invalid flags
> ldap_perror
> ldap_bind: Can't contact LDAP server (-1)
>
> vadim wrote:
>
> >Can you try ldapsearch with -d -1?
> >
> >On Tue, 2005-08-09 at 17:08 +0100, Arif Ali wrote:
> >
> >
> >>I get nothing at all, when I issue the command
> >>
> >>vadim wrote:
> >>
> >>
> >>
> >>>What is about "-d -1"? There is actually no point of sending log to me.
> >>>If slapd will write something meaningful you will notice it yourself.
> >>>Otherwise it must be something related to your particular linux box,
> >>>where I hardly can help you, because I don't have enough know-how in
> >>>this area. Sorry for this.
> >>>
> >>>On Tue, 2005-08-09 at 16:50 +0100, Arif Ali wrote:
> >>>
> >>>
> >>>
> >>>
> >>>>How detailed do you want them, I can restart it with "-d 255" and send
> >>>>the whole log to you if you want to see where the problem is, but I
> >>>>don't seem to see anything in the logs for this
> >>>>
> >>>>vadim wrote:
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>>Does slapd produces any log?
> >>>>>
> >>>>>On Tue, 2005-08-09 at 16:40 +0100, Arif Ali wrote:
> >>>>>
> >>>>>
> >>>>>
> >>>>>
> >>>>>
> >>>>>
> >>>>>>when I put in 0.0.0.0 into the ldap file in /etc/init.d, I get following
> >>>>>>
> >>>>>># netstat -ant | grep 389
> >>>>>>
> >>>>>>tcp 0 0 0.0.0.0:389 0.0.0.0:* LISTEN
> >>>>>>
> >>>>>>tcp 0 0 127.0.0.1:52534 127.0.0.1:389 TIME_WAIT
> >>>>>>
> >>>>>>tcp 1 0 127.0.0.1:52334 127.0.0.1:389 CLOSE_WAIT
> >>>>>>
> >>>>>>
> >>>>>>and still get the same error message i.e.
> >>>>>>
> >>>>>>ldap_bind: Can't contact LDAP server (-1)
> >>>>>>
> >>>>>>
> >>>>>>when I leave the ldap file as is then I get
> >>>>>>
> >>>>>># netstat -ant | grep 389
> >>>>>>
> >>>>>>tcp 0 0 0.0.0.0:389 0.0.0.0:* LISTEN
> >>>>>>
> >>>>>>tcp 1 0 127.0.0.1:52334 127.0.0.1:389 CLOSE_WAIT
> >>>>>>
> >>>>>>tcp 0 0 :::389 :::* LISTEN
> >>>>>>
> >>>>>>any more ideas would be appreciated,
> >>>>>>
> >>>>>>thanks
> >>>>>>Arif
> >>>>>>
> >>>>>>vadim wrote:
> >>>>>>
> >>>>>>
> >>>>>>
> >>>>>>
> >>>>>>
> >>>>>>
> >>>>>>
> >>>>>>>It looks like your slapd is not listening on 127.0.0.1! Somewhere
> >>>>>>>in /etc/init.d should be script executing slapd. What is value of the -h
> >>>>>>>command line option? Make sure that it is "0.0.0.0:389". In such case
> >>>>>>>slapd will listen on all ip addresses. Or I am totally wrong?
> >>>>>>>
> >>>>>>>On Tue, 2005-08-09 at 16:15 +0100, Arif Ali wrote:
> >>>>>>>
> >>>>>>>
> >>>>>>>
> >>>>>>>
> >>>>>>>
> >>>>>>>
> >>>>>>>
> >>>>>>>
> >>>>>>>>eeek sorry about that;
> >>>>>>>>
> >>>>>>>>the error message is
> >>>>>>>>
> >>>>>>>>ldap_bind: Can't contact LDAP server (-1)
> >>>>>>>>
> >>>>>>>>I have tried the following; from the local machine with no success
> >>>>>>>>
> >>>>>>>>ldapsearch -H ldap://localhost/ -w secret -x -b
> >>>>>>>>ou=Users,ou=OxObjects,dc=ocf,dc=co,dc=uk -D dc=ocf,dc=co,dc=uk uid=*
> >>>>>>>>uidNumber
> >>>>>>>>ldapsearch -H ldap://127.0.0.1/ -w secret -x -b
> >>>>>>>>ou=Users,ou=OxObjects,dc=ocf,dc=co,dc=uk -D dc=ocf,dc=co,dc=uk uid=*
> >>>>>>>>uidNumber
> >>>>>>>>ldapsearch -H ldap://mailserver-linux/ -w secret -x -b
> >>>>>>>>ou=Users,ou=OxObjects,dc=ocf,dc=co,dc=uk -D dc=ocf,dc=co,dc=uk uid=*
> >>>>>>>>uidNumber
> >>>>>>>>ldapsearch -H ldap://195.62.2.26/ -w secret -x -b
> >>>>>>>>ou=Users,ou=OxObjects,dc=ocf,dc=co,dc=uk -D dc=ocf,dc=co,dc=uk uid=*
> >>>>>>>>uidNumber
> >>>>>>>>
> >>>>>>>>if I do the following
> >>>>>>>>
> >>>>>>>>ldapsearch -H localhost -w secret -x -b
> >>>>>>>>ou=Users,ou=OxObjects,dc=ocf,dc=co,dc=uk -D dc=ocf,dc=co,dc=uk uid=*
> >>>>>>>>uidNumber
> >>>>>>>>
> >>>>>>>>I get
> >>>>>>>>
> >>>>>>>>Could not create LDAP session handle (3): Time limit exceeded
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>thanks again
> >>>>>>>>Arif
> >>>>>>>>
> >>>>>>>>vadim wrote:
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>>and what message do you get from ldapsearch when trying localhost?
> >>>>>>>>>
> >>>>>>>>>On Tue, 2005-08-09 at 14:12 +0100, Arif Ali wrote:
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>>>Hi all,
> >>>>>>>>>>
> >>>>>>>>>>I have been trying to install ldap on one of our servers to do various
> >>>>>>>>>>things, but with any install I am never able to to get a ldapsearch
> >>>>>>>>>>workin on localhost, but when I do a ldapsearch from a machione on the
> >>>>>>>>>>network pointing to the ip address of the server, I get a result.
> >>>>>>>>>>iptables is turned off, nothing in hosts.deny or hosts.allow, would
> >>>>>>>>>>there be anything else on FC3 which will not allow localhost ldap
> >>>>>>>>>>searches. I am able to view/edit the ldap tree structure using luma from
> >>>>>>>>>>localhost.
> >>>>>>>>>>
> >>>>>>>>>>any help would be appreciated,
> >>>>>>>>>>
> >>>>>>>>>>thanks
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>
> >>>>>>
> >>>>>>
> >>>>>>
> >>>>>>
> >>>>>>
> >>>>--
> >>>>Arif Ali
> >>>>Software Engineer
> >>>>OCF plc
> >>>>Mob: +44 (0)7970 148122
> >>>>Office: +44 (0)114 2572200
> >>>>Fax: +44 (0)114 2570022
> >>>>Web: http://www.ocf.co.uk
> >>>>
> >>>>This email including any attachments to it is confidential and intended solely for the use of the individual to whom it is addressed. Its contents may be protected by copyright. If you are not the intended recipient, please be advised that you have received this email in error and that you should delete it from your system and not copy its contents or disclose them to any other person. If you have received this email in error please notify OCF plc by telephone on 0845 702 3829
> >>>>
> >>>>We do not accept responsibility for viruses; you must scan for these.
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>
> >>
> >>
>
>
--
vadim <vadim.tarassov@swissonline.ch>