Old 11-29-2004, 11:41 AM   #1
armagdon
LQ Newbie
 
Registered: Nov 2004
Posts: 5

Rep: Reputation: 0
ldap problem


Hello,
I configured LDAP with Samba on SuSE Enterprise 9 as a PDC and all clients could log in without problems. Today, after a restart, the ldap service is running but port "389" is not open according to nmap. I don't know what the problem is; the log files show "can't contact LDAP server".
 
Old 11-29-2004, 01:00 PM   #2
david_ross
Moderator
 
Registered: Mar 2003
Location: Scotland
Distribution: Slackware, RedHat, Debian
Posts: 12,047

Rep: Reputation: 79
Welcome to LQ.

Do you see the service listening? Can you post the output from:
ps -ef | grep slapd
netstat -nlp
iptables -nL
 
Old 11-29-2004, 01:36 PM   #3
armagdon
LQ Newbie
 
Registered: Nov 2004
Posts: 5

Original Poster
Rep: Reputation: 0
This is the output from these commands:
netstat -nl
iptables -Ln
ps -ef |grep slapd

ldap 26134 1 0 21:10 ? 00:00:00 /usr/lib/openldap/slapd -h ldap:/// -u ldap -g ldap
root 26221 1 0 21:25 ? 00:00:00 /usr/lib/openldap/slapd
root 26234 20994 0 21:27 pts/1 00:00:00 grep slapd
#################################################################################################### ##################
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:901 0.0.0.0:* LISTEN 25972/xinetd
tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN 26062/smbd
tcp 0 0 127.0.0.1:3310 0.0.0.0:* LISTEN 14519/clamd
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 13474/portmap
tcp 0 0 10.10.10.1:8080 0.0.0.0:* LISTEN 16483/(squid)
tcp 0 0 127.0.0.1:3000 0.0.0.0:* LISTEN 13427/ntop
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 25958/named
tcp 0 0 0.0.0.0:445 0.0.0.0:* LISTEN 26062/smbd
tcp 0 0 :::53 :::* LISTEN 25958/named
tcp 0 0 ::1:953 :::* LISTEN 25958/named
udp 0 0 10.10.10.1:137 0.0.0.0:* 26038/nmbd
udp 0 0 0.0.0.0:137 0.0.0.0:* 26038/nmbd
udp 0 0 10.10.10.1:138 0.0.0.0:* 26038/nmbd
udp 0 0 0.0.0.0:138 0.0.0.0:* 26038/nmbd
udp 0 0 0.0.0.0:1566 0.0.0.0:* 16483/(squid)
udp 0 0 212.122.233.6:53 0.0.0.0:* 25958/named
udp 0 0 10.10.10.1:53 0.0.0.0:* 25958/named
udp 0 0 127.0.0.1:53 0.0.0.0:* 25958/named
udp 0 0 0.0.0.0:3130 0.0.0.0:* 16483/(squid)
udp 0 0 0.0.0.0:67 0.0.0.0:* 14366/dhcpd
udp 0 0 0.0.0.0:67 0.0.0.0:* 14366/dhcpd
udp 0 0 0.0.0.0:3401 0.0.0.0:* 16483/(squid)
udp 0 0 0.0.0.0:4827 0.0.0.0:* 16483/(squid)
udp 0 0 0.0.0.0:111 0.0.0.0:* 13474/portmap
udp 0 0 0.0.0.0:2033 0.0.0.0:* 25958/named
udp 0 0 212.122.233.6:123 0.0.0.0:* 13005/ntpd
udp 0 0 10.10.10.1:123 0.0.0.0:* 13005/ntpd
udp 0 0 127.0.0.1:123 0.0.0.0:* 13005/ntpd
udp 0 0 0.0.0.0:123 0.0.0.0:* 13005/ntpd
udp 0 0 :::53 :::* 25958/named
udp 0 0 :::2034 :::* 25958/named
udp 0 0 :::123 :::* 13005/ntpd
raw 0 0 0.0.0.0:1 0.0.0.0:* 7 14366/dhcpd
Active UNIX domain sockets (only servers)
Proto RefCnt Flags Type State I-Node PID/Program name Path
unix 2 [ ACC ] STREAM LISTENING 115324 20491/kdeinit: ksms /tmp/.ICE-unix/20491
unix 2 [ ACC ] STREAM LISTENING 115117 20433/X /tmp/.X11-unix/X0
unix 2 [ ACC ] STREAM LISTENING 84143 12802/powersaved /var/run/powersave_socket
unix 2 [ ACC ] STREAM LISTENING 115161 20470/kdeinit: Runn /tmp/ksocket-server/kdeinit__0
unix 2 [ ACC ] STREAM LISTENING 115163 20470/kdeinit: Runn /tmp/ksocket-server/kdeinit-:0
unix 2 [ ACC ] STREAM LISTENING 115169 20473/kdeinit: dcop /tmp/.ICE-unix/dcop20473-1101781244
unix 2 [ ACC ] STREAM LISTENING 83311 12306/resmgrd /var/run/.resmgr_socket
unix 2 [ ACC ] STREAM LISTENING 115269 20486/artsd /tmp/mcop-server/comp-srv_valuesys_net-5006-41abd919
unix 2 [ ACC ] STREAM LISTENING 115195 20475/kdeinit: klau /tmp/ksocket-server/klauncherHSqOTa.slave-socket


#################################################################################################### ############
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
 
Old 11-29-2004, 01:57 PM   #4
david_ross
Moderator
 
Registered: Mar 2003
Location: Scotland
Distribution: Slackware, RedHat, Debian
Posts: 12,047

Rep: Reputation: 79
It seems a bit odd. Can you try stopping the server and starting in debug mode:
killall slapd
/usr/lib/openldap/slapd -h ldap:/// -u ldap -g ldap -d 10

This will stay open on the terminal (you can stop it with Ctrl+C). See if you can connect after that. While it is running you can try looking at the netstat output again to see if the server is listening:
netstat -nlp | grep 389

If it doesn't work - can you post the output from the debug command and a copy of your slapd.conf file.
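
The check requested above, as an added example that is not part of the thread: it reads `ps -ef` and `netstat -nlp` text and reports whether a running slapd actually owns a listener on exactly tcp/389, which a plain `grep 389` cannot tell apart from port 3890 or a PID containing 389. The function names are hypothetical; the first two samples are excerpts of the output posted in #3, the third is constructed.

```shell
#!/bin/sh
# Added example (not from the thread): is a running slapd listening on tcp/389?

# slapd PIDs from `ps -ef` text on stdin. Field 8 is the command, so the
# "grep slapd" process itself is not counted.
slapd_pids() {
    awk '$8 ~ /(^|\/)slapd$/ { out = out (out == "" ? "" : " ") $2 }
         END { print out }'
}

# Listening TCP sockets owned by slapd on exactly port $1 (default 389),
# from `netstat -nlp` text on stdin.
slapd_listeners() {
    awk -v port="${1:-389}" '
        $1 ~ /^tcp/ && $6 == "LISTEN" && $7 ~ /\/slapd$/ {
            n = split($4, a, ":")      # port is the last colon-separated part
            if (a[n] == port) print $4, $7
        }'
}

diagnose() {   # $1 = ps -ef text, $2 = netstat -nlp text
    pids=$(printf '%s\n' "$1" | slapd_pids)
    socks=$(printf '%s\n' "$2" | slapd_listeners 389)
    if [ -z "$pids" ]; then
        echo "slapd is not running"
    elif [ -z "$socks" ]; then
        echo "slapd running (pids: $pids) but no listener on tcp/389"
    else
        echo "slapd listening: $socks"
    fi
}

# Excerpts of the output posted in #3.
PS_SAMPLE='ldap 26134 1 0 21:10 ? 00:00:00 /usr/lib/openldap/slapd -h ldap:/// -u ldap -g ldap
root 26221 1 0 21:25 ? 00:00:00 /usr/lib/openldap/slapd
root 26234 20994 0 21:27 pts/1 00:00:00 grep slapd'
NETSTAT_SAMPLE='tcp 0 0 0.0.0.0:901 0.0.0.0:* LISTEN 25972/xinetd
tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN 26062/smbd
tcp 0 0 0.0.0.0:445 0.0.0.0:* LISTEN 26062/smbd'
# Constructed: a working listener plus a decoy that "grep 389" would match.
HEALTHY_SAMPLE='tcp 0 0 0.0.0.0:3890 0.0.0.0:* LISTEN 13890/other
tcp 0 0 0.0.0.0:389 0.0.0.0:* LISTEN 26134/slapd'

diagnose "$PS_SAMPLE" "$NETSTAT_SAMPLE"
diagnose "$PS_SAMPLE" "$HEALTHY_SAMPLE"
```

On a live host, pass the real output instead of the samples: `diagnose "$(ps -ef)" "$(netstat -nlp)"`, run as root so netstat can show the owning program.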
 
Old 11-29-2004, 02:23 PM   #5
armagdon
LQ Newbie
 
Registered: Nov 2004
Posts: 5

Original Poster
Rep: Reputation: 0
This is the output of this command:
/usr/lib/openldap/slapd -h ldap:/// -u ldap -g ldap -d 10

@(#) $OpenLDAP: slapd 2.2.6 (Jun 30 2004 21:39:35) $
abuild@boltzmann:/usr/src/packages/BUILD/openldap-2.2.6/servers/slapd
bdb_initialize: Sleepycat Software: Berkeley DB 4.2.52: (June 30, 2004)
bdb_db_init: Initializing BDB database.
###############################################################################33
slapd.conf
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/samba3.schema
include /etc/openldap/schema/dnszone.schema
include /etc/openldap/schema/yast.schema
#include /etc/openldap/schema/rfc2307bis.schema
# Define global ACLs to disable default read access.

# Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals.
#referral ldap://root.openldap.org

pidfile /var/run/slapd/slapd.pid
argsfile /var/run/slapd/slapd.args

# Load dynamic backend modules:
modulepath /usr/lib/openldap/modules
# moduleload back_ldap.la
# moduleload back_meta.la
# moduleload back_monitor.la
# moduleload back_perl.la

# Sample security restrictions
# Require integrity protection (prevent hijacking)
# Require 112-bit (3DES or better) encryption for updates
# Require 63-bit encryption for simple bind
# security ssf=1 update_ssf=112 simple_bind=64

# Sample access control policy:
# Root DSE: allow anyone to read it
# Subschema (sub)entry DSE: allow anyone to read it
# Other DSEs:
# Allow self write access to user password
# Allow anonymous users to authenticate
# Allow read access to everything else
# Directives needed to implement policy:
## Yast2 samba hack ACL
## allow the "ldap admin dn" access, but deny everyone else
access to attrs=SambaLMPassword,SambaNTPassword
        by dn="cn=administrator,dc=valuesys,dc=net" write
        by * none
## Yast2 samba hack ACL done
access to dn.base=""
        by * read

access to dn.base="cn=Subschema"
        by * read

access to attr=userPassword,userPKCS12
        by self write
        by * auth

access to attr=shadowLastChange
        by self write
        by * read

access to *
        by * read

# if no access controls are present, the default policy
# allows anyone and everyone to read anything but restricts
# updates to rootdn. (e.g., "access to * by * read")
#
# rootdn can always read and write EVERYTHING!

#######################################################################
# bdb database definitions
#######################################################################

loglevel 1022
database bdb
checkpoint 1024 5
cachesize 20000
suffix "dc=domain,dc=com"
rootdn "cn=administrator,dc=domain,dc=com"
rootpw password
directory /var/lib/ldap
index objectClass,uidNumber,gidNumber eq
index member,mail eq,pres
index cn,displayname,uid,sn,givenname sub,eq,pres
 
Old 11-29-2004, 02:32 PM   #6
david_ross
Moderator
 
Registered: Mar 2003
Location: Scotland
Distribution: Slackware, RedHat, Debian
Posts: 12,047

Rep: Reputation: 79
I seem to remember the debug output being longer - can you try increasing the verbosity with:
/usr/lib/openldap/slapd -h ldap:/// -u ldap -g ldap -d 255
 
  

