1748156 Members
4086 Online
108758 Solutions
New Discussion юеВ

Re: slapd woes

 
F P VanSteertegem
Occasional Advisor

slapd woes

I am attempting to set up my own little LDAP domain for the first time. I downloaded OpenLDAP from HP's InternetExpress and installed it. Then, using the quickstart guid from OpenLDAP.org, I configured and started slapd. When I go to test it, using ldapsearch as specified in the quickstart guide, it tells me "ldap_bind: Can't contact LDAP server (-1)" I get the same resuts when I try ldapadd.

Any help would be appreciated.
9 REPLIES 9
Steven E. Protter
Exalted Contributor

Re: slapd woes

Shalom,

Might help to see the configuration files. Take a look at the /var/adm/syslog/syslog.log files as well.

Most likely cause, inconsistent configuration or typo. Second most likely cause bad code in the release. Since its part of Internet Express, I doubt that.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
F P VanSteertegem
Occasional Advisor

Re: slapd woes

Here's the slapd.conf (comments removed)
------------------------
# cat slapd.conf|egrep -v '^#'
include /opt/iexpress/openldap/etc/openldap/schema/core.schema

pidfile /var/opt/iexpress/openldap/run/slapd.pid
argsfile /var/opt/iexpress/openldap/run/slapd.args

loglevel 68

database bdb
suffix "dc=secdevunix,dc=attachmate,dc=com"
rootdn "cn=Manager,dc=secdevunix,dc=attachmate,dc=com"
rootpw secret
directory /var/opt/iexpress/openldap/openldap-data
index objectClass eq
-----------------------------------------
And here's the log file. nothing gets logged when I get the errors -- almost as if I'm net getting to the right port. But everything's about as default as it can be.
----------------------
May 23 09:29:16 purple slapd[14835]: @(#) $OpenLDAP: slapd 2.3.32 (Mar 24 2007 1
2:41:33) $
May 23 09:29:16 purple slapd[14835]: daemon: IPv6 socket() failed errno=221 (Pro
tocol not supported)
May 23 09:29:16 purple slapd[14835]: line 57 (database^Ibdb)
May 23 09:29:16 purple slapd[14835]: line 58 (suffix^I^I"dc=secdevunix,dc=attach
mate,dc=com")
May 23 09:29:16 purple slapd[14835]: line 59 (rootdn^I^I"cn=Manager,dc=secdevuni
x,dc=attachmate,dc=com")
May 23 09:29:16 purple slapd[14835]: line 63 (rootpw ***)
May 23 09:29:16 purple slapd[14835]: line 67 (directory^I/var/opt/iexpress/openl
dap/openldap-data)
May 23 09:29:16 purple slapd[14835]: line 69 (index^IobjectClass^Ieq)
May 23 09:29:16 purple slapd[14835]: index objectClass 0x0004
May 23 09:29:16 purple slapd[14836]: bdb_db_open: dc=secdevunix,dc=attachmate,dc
=com
May 23 09:29:16 purple slapd[14836]: bdb_db_open: Warning - No DB_CONFIG file fo
und in directory /var/opt/iexpress/openldap/openldap-data: (2)
May 23 09:29:17 purple slapd[14836]: slapd starting
#


Steven E. Protter
Exalted Contributor

Re: slapd woes

Shalom again,

hostname of the server matches the hostname in the configuration file?

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
F P VanSteertegem
Occasional Advisor

Re: slapd woes

And a Pax Vobiscum back atcha:

I'm not quite sure what you mean. The hostname is "purple.attachmate.com" That's where the slapd is running. But the slapd.conf doesn't -- unless I'm wrong -- need the host name. Attachmate.com is our DNS domain. secdevunix is the new LDAP domain I'm trying to create.

For what it's worth: I got the same error when I left out the secdevunix and stuck with attachmate.com.

Thanks.
Ivan Ferreira
Honored Contributor

Re: slapd woes

Can you please post the exact ldapsearch/ldapadd command that you are using?
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
F P VanSteertegem
Occasional Advisor

Re: slapd woes

Here's the command and its results. The command is straight from the quick-start guide.

# ldapsearch -x -b '' -s base '(objectclass=*)' namingContexts
ldap_bind: Can't contact LDAP server (-1)
#
Ivan Ferreira
Honored Contributor

Re: slapd woes

Check with netstat -an that the port 389 is in listening state.

Try the following command:

# ldapsearch -x -s base -b dc=your,dc=root,dc=suffix -H ldap://hostname.domain 'objectclass=*'
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
F P VanSteertegem
Occasional Advisor

Re: slapd woes

389 seems to be listening:

# netstat -an|grep 389
tcp 0 0 *.389 *.* LISTEN


That produced something. Is it a good something? (Keep in mind I'm an LDAP idiot)

ldapsearch -x -s base -b dc=secdevunix,dc=attachmate,dc=com \
-H ldap://purple.attachmate.com 'objectclass=*'

# extended LDIF
#
# LDAPv3
# base with scope baseObject
# filter: objectclass=*
# requesting: ALL
#

# search result
search: 2
result: 32 No such object

# numResponses: 1
#
Heironimus
Honored Contributor

Re: slapd woes

You got a result back, so your connection to the server was successful. You probably get the "no such object" error because you haven't created your suffix "dc=secdevunix,dc=attachmate,dc=com". You should create that structure by importing an LDIF, probably something like this (I think there is an example in the OpenLDAP documentation):

dn: dc=secdevunix,dc=attachmate,dc=com
objectClass: dcObject
dc: secdevunix

Off the top of my head I don't remember if you can add the root object with ldapadd or if you need to shut slapd down and use slapadd.