Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
hello
I was configure ldap with samba on SuSE Enterprise 9 as a pdc and all client login not problem , today when restarted ldap service is running but not open port "389" with " " nmap " I don't know what's the problem , log files appear that "can't contact LDAP server "
It seems a bit odd. Can you try stopping the server and starting in debug mode:
killall slapd
/usr/lib/openldap/slapd -h ldap:/// -u ldap -g ldap -d 10
This will stay open on the terminal (you can stop it with Ctrl+C). See if you can connect after that. While it is running you can try looking at the netstat output again to see if the server is listening:
netstat -nlp | grep 389
If it doesn't work - can you post the output from the debug command and a copy of your slapd.conf file.
this is the output of this command
/usr/lib/openldap/slapd -h ldap:/// -u ldap -g ldap -d 10
@(#) $OpenLDAP: slapd 2.2.6 (Jun 30 2004 21:39:35) $
abuild@boltzmann:/usr/src/packages/BUILD/openldap-2.2.6/servers/slapd
bdb_initialize: Sleepycat Software: Berkeley DB 4.2.52: (June 30, 2004)
bdb_db_init: Initializing BDB database.
###############################################################################33
slapd.conf
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/samba3.schema
include /etc/openldap/schema/dnszone.schema
include /etc/openldap/schema/yast.schema
#include /etc/openldap/schema/rfc2307bis.schema
# Define global ACLs to disable default read access.
# Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals.
#referral ldap://root.openldap.org
# Sample access control policy:
# Root DSE: allow anyone to read it
# Subschema (sub)entry DSE: allow anyone to read it
# Other DSEs:
# Allow self write access to user password
# Allow anonymous users to authenticate
# Allow read access to everything else
# Directives needed to implement policy:
## Yast2 samba hack ACL
## allow the "ldap admin dn" access, but deny everyone else
access to attrs=SambaLMPassword,SambaNTPassword
by dn="cn=administrator,dc=valuesys,dc=net" write
by * none
## Yast2 samba hack ACL done
access to dn.base=""
by * read
access to dn.base="cn=Subschema"
by * read
access to attr=userPassword,userPKCS12
by self write
by * auth
access to attr=shadowLastChange
by self write
by * read
access to *
by * read
# if no access controls are present, the default policy
# allows anyone and everyone to read anything but restricts
# updates to rootdn. (e.g., "access to * by * read")
#
# rootdn can always read and write EVERYTHING!
I seem to remember the debug output being longer - can you try increasing the verbosity with:
/usr/lib/openldap/slapd -h ldap:/// -u ldap -g ldap -d 255
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.