ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)
Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
tux / # top
23330 ldap 20 0 267m 5084 2128 S 0.0 0.1 0:00.02 slapd
Quote:
Here is my Slapd.conf very vanilla, I have tried with & without a slappasswd and I receive the same error. I am using the OpenLDAP that came with Gentoo portage (I updated on Friday from openldap 2-4.30 to 2.4.35). I have goggled and have came accross some articles that say SASL was not complied in OpenLDAP if that be the case do I need to find the Cryus SASL and install that. I see this error as actually two 1st it cannot authenticate and 2nd it does not see my ldap server.
Code:
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
# Define global ACLs to disable default read access.
# Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals.
#referral ldap://root.openldap.org
pidfile /var/run/openldap/slapd.pid
argsfile /var/run/openldap/slapd.args
loglevel 480
# Load dynamic backend modules:
modulepath /usr/lib64/openldap/openldap
# moduleload back_sql.so
# moduleload back_sock.so
# moduleload back_shell.so
# moduleload back_relay.so
# moduleload back_passwd.so
# moduleload back_null.so
# moduleload back_monitor.so
# moduleload back_meta.so
# moduleload back_ldap.so
# moduleload back_dnssrv.so
# Sample security restrictions
# Require integrity protection (prevent hijacking)
# Require 112-bit (3DES or better) encryption for updates
# Require 63-bit encryption for simple bind
# security ssf=1 update_ssf=112 simple_bind=64
#added 10252013 4:29pm
access to attrs=userPassword
by dn="uid=root,ou=People,dc=pacificcabinets,dc=com" write
by dn="cn=Manager,dc=pacificcabinets,dc=com" write
by anonymous auth
by self write
by * none
# Sample access control policy:
# Root DSE: allow anyone to read it
# Subschema (sub)entry DSE: allow anyone to read it
# Other DSEs:
# Allow self write access
# Allow authenticated users read access
# Allow anonymous users to authenticate
# Directives needed to implement policy:
access to dn.base="" by * read
access to *
by dn="cn=Manager,dc=pacificcabinets,dc=com"
by * read
# access to dn.base="cn=Subschema" by * read
# access to *
# by self write
# by users read
# by anonymous auth
# if no access controls are present, the default policy
# allows anyone and everyone to read anything but restricts
# updates to rootdn. (e.g., "access to * by * read")
#
# rootdn can always read and write EVERYTHING!
#######################################################################
# BDB database definitions
#######################################################################
database hdb
suffix "dc=pacificcabinets,dc=com"
# <kbyte> <min>
checkpoint 32 30
rootdn "cn=Manager,dc=pacificcabinets,dc=com"
# Cleartext passwords, especially for the rootdn, should
# be avoid. See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
rootpw shhh secret
# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd and slap tools.
# Mode 700 recommended.
directory /var/lib/openldap-data
# Indices to maintain
index objectClass eq
I have goggled and have came accross some articles that say SASL was not complied in OpenLDAP if that be the case do I need to find the Cryus SASL and install that
I'm not familiar with gentoo package system, but you can try to debug the output using
I still get result: 32 No Such object -- Which would be correct I have not created any .ldif database yet so searching for Manager would not work. Hum, Why would the documentation have you to test a search on something that you haven't even created. Is there any more accurate documentation for OpenLDAP besides the ADMIN guide and Gentoo Wiki which seems to not be current/correct. This is very frustrating to a new person who is trying to grasp & understand Linux.
I still get result: 32 No Such object -- Which would be correct I have not created any .ldif database yet so searching for Manager would not work. Hum, Why would the documentation have you to test a search on something that you haven't even created. Is there any more accurate documentation for OpenLDAP besides the ADMIN guide and Gentoo Wiki which seems to not be current/correct. This is very frustrating to a new person who is trying to grasp & understand Linux.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.