[Date Prev][Date Next] [Chronological] [Thread] [Top]

Antw: OpenLDAP slapd problems - ldap_result: Can't contact LDAP server (-1) --- Low Sensitivity/Aerospace Internal Use Only



>>> Warron S French <Warron.S.French@aero.org> schrieb am 24.01.2014 um 17:28 in
Nachricht
<OFE6BBFCB7.3C423E61-ON85257C6A.005A0B4C-85257C6A.005A6E20@notes.aero.org>:
> Low Sensitivity/Aerospace Internal Use Only
> 
> Working on a CentOS-6.5 server, running LTB Project's  slapd-2.4.38. 
> 
> Someone suggested I implement a cn=admin,cn=config for a cn=config setup. 
> (I don't know how to technically word that). 
> 
> 
> Anyway, I need to make TLS-related changes and was told to do the 
> following command: 
> 
> ldapmodify  -x -D "cn=admin,cn=config"   -W  -d 256

Try "ldapmodify -ZZ -x -W -D cn=_your_admin_-v -f _your_ldif_file"

> 
> ...then at the blank line type the following, each on a single line: 
> 
> Dn:                                     cn=config 
> Changetype:                     modify 
> Add:                                    olcTLSCipherSuite 
> OlcTLSCipherSuite:        HIGH:MEDIUM+TLSv1+SSLv3 
> <CTRL-D> 
> 
> 
> I have been getting an error reponse of: 
> ldap_result:  Can't contact LDAP server (-1) 
> 
> This __ONLY__ occurs after I hit <CTRL-D>, not before.  Yes, the daemon, 
> slapd, is actually running, but after this failure it abruptly stops.  I 
> know this because in a separate terminal on the same system, I am running 
> a while-loop with a ps -e | grep slapd in it. 
> 
> 
> Please note the "-x" option according to the man page for ldapmodify is 
> supposed to Use simple authentication instead of SASL. 
> 
> 
> Thank you all for your help, hopefully you can: 
> 
> 1) tell me what this error means, and 
> 2) how to fix my problem so that I can complete the olcTLSxxxx changes I 
> need to implement. 
> 
> 
> 
> 
> 
> Warron French, MBA, SCSA
> The Aerospace Corporation
> Sr. UNIX SA & Storage Admin
> Mailstop:  CH1-230
> Desk: 571-307-5311
> Cell: 703-967-8936
> 
> 
> Low Sensitivity/Aerospace Internal Use Only