Can't contact LDAP server

Discussion:

Robert Canary

2003-02-13 05:27:33 UTC

I've installed the openldap 2.0, and all I have configured thus far is
the slapd.conf per the docs. I tested the server as follows.

I start ldap with: service ldap start
In the local4 log file I get this:
Feb 12 23:06:34 mchn6 slapd[30465]: daemon: socket() failed errno=97
(Address family not supported by protocol)
Feb 12 23:06:34 mchn6 slapd[30467]: slapd starting

When I run the test command:
ldapsearch -x -b '' -s base '(objectclass=*) namingContexts version:2

I get this echoed back:
ldap_bind: can't contact LDAP server

And I get this i the Local4.log
Feb 12 23:06:50 mchn6 slapd[30472]: fd=9 host access from unknown
(127.0.0.1) denied.

The problem is obviously on slapd start up. But I have no idea what
that errno is suggestioning.

Any ideas
Thanks in advance :-)

--
robert

Ziya Suzen

2003-02-13 09:29:37 UTC

Permalink

Post by Robert Canary
I've installed the openldap 2.0, and all I have configured thus far is
the slapd.conf per the docs. I tested the server as follows.
I start ldap with: service ldap start
Feb 12 23:06:34 mchn6 slapd[30465]: daemon: socket() failed errno=97
(Address family not supported by protocol)
Feb 12 23:06:34 mchn6 slapd[30467]: slapd starting
ldapsearch -x -b '' -s base '(objectclass=*) namingContexts version:2
ldap_bind: can't contact LDAP server
And I get this i the Local4.log
Feb 12 23:06:50 mchn6 slapd[30472]: fd=9 host access from unknown
(127.0.0.1) denied.

Looks like tcpwrapper problem to me. Try adding slapd to your hosts.allow file.

Ziya.

Post by Robert Canary
The problem is obviously on slapd start up. But I have no idea what
that errno is suggestioning.
Any ideas
Thanks in advance :-)
--
robert

Ziya Suzen

2003-02-13 17:44:02 UTC

Permalink

I thought that also. However, the entry ALL:.ohiocounty.net should

but that may not include 127.0.0.1, and (although I am not a
tcpwrappers expert) the order of entries in hosts.allow might be
stopping 'slapd:ALL' to be evaluated.

Anyway, I have one more suggestion, You might want to try Unix sockets instead of tcp. Start your 'slapd' like:

slapd -h'ldapi://a_file_name/'

(Where a_file_name is the unix socket name)

then try:

ldapsearch -H'ldapi://a_file_name/'

This should return something.

Good luck

Ziya.

catch all services with in this domain. However, I did add slapd:ALL
just for definetion, but it still didn't work. slapd dies right off the
startup.

Post by Ziya Suzen

Looks like tcpwrapper problem to me. Try adding slapd to your hosts.allow file.
Ziya.

Post by Robert Canary
The problem is obviously on slapd start up. But I have no idea what
that errno is suggestioning.
Any ideas
Thanks in advance :-)
--
robert

Robert Canary

2003-02-14 01:30:19 UTC

Permalink

Of Course......127.0.0.1 (duh)
Yes TCP wrappers will block this.

Added ALL:127.0.0.1 to the host file. I still get the socket err on
start up but the ldapsearch will now connect. The soket error must be
on the unix socket (UDP).

Post by Ziya Suzen

I thought that also. However, the entry ALL:.ohiocounty.net should

but that may not include 127.0.0.1, and (although I am not a
tcpwrappers expert) the order of entries in hosts.allow might be
stopping 'slapd:ALL' to be evaluated.
slapd -h'ldapi://a_file_name/'
(Where a_file_name is the unix socket name)
ldapsearch -H'ldapi://a_file_name/'
This should return something.
Good luck
Ziya.

catch all services with in this domain. However, I did add slapd:ALL
just for definetion, but it still didn't work. slapd dies right off the
startup.

Post by Ziya Suzen

Looks like tcpwrapper problem to me. Try adding slapd to your hosts.allow file.
Ziya.

Post by Robert Canary
The problem is obviously on slapd start up. But I have no idea what
that errno is suggestioning.
Any ideas
Thanks in advance :-)
--
robert

Robert Canary

2003-02-14 01:29:34 UTC

Permalink

I thought that also. However, the entry ALL:.ohiocounty.net should
catch all services with in this domain. However, I did add slapd:ALL
just for definetion, but it still didn't work. slapd dies right off the
startup.

Post by Ziya Suzen

Looks like tcpwrapper problem to me. Try adding slapd to your hosts.allow file.
Ziya.

Post by Robert Canary
The problem is obviously on slapd start up. But I have no idea what
that errno is suggestioning.
Any ideas
Thanks in advance :-)
--
robert

Robert Canary

2003-02-14 20:19:02 UTC

Permalink

I didn't mean to send that to directly Mike. The list puts in the
senders address as a replt yo header and keep forgetting to change it
before I hit send.

Sorry.

Was OpenLDAP compiled with the --with-ipv6 option? If so, the socket
error is because OpenLDAP is configured to support IPv6, and your kernel
is not. Otherwise, your kernel is missing UNIX domain socket support!
Mike.
Of Course......127.0.0.1 (duh)
Yes TCP wrappers will block this.
Added ALL:127.0.0.1 to the host file. I still get the socket err on
start up but the ldapsearch will now connect. The soket error must be
on the unix socket (UDP).

Post by Ziya Suzen

I thought that also. However, the entry ALL:.ohiocounty.net

should

Post by Ziya Suzen
but that may not include 127.0.0.1, and (although I am not a
tcpwrappers expert) the order of entries in hosts.allow might be
stopping 'slapd:ALL' to be evaluated.
Anyway, I have one more suggestion, You might want to try Unix
slapd -h'ldapi://a_file_name/'
(Where a_file_name is the unix socket name)
ldapsearch -H'ldapi://a_file_name/'
This should return something.
Good luck
Ziya.

catch all services with in this domain. However, I did add

slapd:ALL

Post by Ziya Suzen

just for definetion, but it still didn't work. slapd dies right

off the

Post by Ziya Suzen

startup.

Post by Ziya Suzen

Post by Robert Canary
I've installed the openldap 2.0, and all I have configured thus

far is

Post by Ziya Suzen

Post by Robert Canary
the slapd.conf per the docs. I tested the server as follows.
I start ldap with: service ldap start
Feb 12 23:06:34 mchn6 slapd[30465]: daemon: socket() failed

errno=97

Post by Ziya Suzen

Post by Robert Canary
(Address family not supported by protocol)
Feb 12 23:06:34 mchn6 slapd[30467]: slapd starting
ldapsearch -x -b '' -s base '(objectclass=*) namingContexts

version:2

Post by Ziya Suzen

Post by Robert Canary
ldap_bind: can't contact LDAP server
And I get this i the Local4.log
Feb 12 23:06:50 mchn6 slapd[30472]: fd=9 host access from

unknown

Post by Ziya Suzen

Post by Robert Canary
(127.0.0.1) denied.

Looks like tcpwrapper problem to me. Try adding slapd to your

hosts.allow file.

Post by Ziya Suzen

Post by Ziya Suzen
Ziya.

Post by Robert Canary
The problem is obviously on slapd start up. But I have no idea

what

Post by Ziya Suzen

Post by Robert Canary
that errno is suggestioning.
Any ideas
Thanks in advance :-)
--
robert

Robert Canary

2003-02-14 21:19:30 UTC

Permalink

Then they should put one in there (reply-to header), so it gets replied
to the list and not the personal mailbox. I don't even want my address
appended anywhere in the headers. But it is .........

Post by Robert Canary
I didn't mean to send that to directly Mike. The list puts in the
senders address as a replt yo header

No, it doesn't. Check your own message -- no "Reply-To:" header.

Post by Robert Canary
and keep forgetting to change it before I hit send.

Your mail reader ought to have a 'reply to all' or 'followup'
function as well as a 'reply to sender' function. Use that
instead, or get a better mail reader.
If 'Reply-to:' headers confuse the 'reply to all' function,
that's a bug. 'Reply-to:' just means that the mailer should
use that address instead of the 'From:' address, it doesn't
mean that it should _not_ send to to:/cc: addresses as well.
--
Hallvard