LinuxQuestions.org
12-14-2015, 12:06 AM   #1
vikas027
ldapsearch on port 636


Hello Everyone,

I can use ruby net-ldap as shown here, but I am having issues while trying to use ldapsearch on port 636.

Code:
# ldapsearch -d1 -v -x \
> -h "ad-server.test.com" -p 636 \
> -D "CN=My Name,OU=User Accounts,DC=Test,DC=Com" \
> -w 'password' \
> -b "DC=test,DC=com" \
> -s sub "(&(sAMAccountName=*)(memberOf=*))"
ldap_initialize( ldap://ad-server.test.com:636 )
ldap_create
ldap_url_parse_ext(ldap://ad-server.test.com:636)
ldap_sasl_bind
ldap_send_initial_request
ldap_new_connection 1 1 0
ldap_int_open_connection
ldap_connect_to_host: TCP ad-server.test.com:636
ldap_new_socket: 3
ldap_prepare_socket: 3
ldap_connect_to_host: Trying 10.161.88.35:636
ldap_pvt_connect: fd: 3 tm: -1 async: 0
ldap_open_defconn: successful
ldap_send_server_request
ber_scanf fmt ({it) ber:
ber_scanf fmt ({i) ber:
ber_flush2: 99 bytes to sd 3
ldap_result ld 0x1478280 msgid 1
wait4msg ld 0x1478280 msgid 1 (infinite timeout)
wait4msg continue ld 0x1478280 msgid 1 all 1
** ld 0x1478280 Connections:
* host: ad-server.test.com  port: 636  (default)
  refcnt: 2  status: Connected
  last used: Mon Dec 14 14:29:40 2015


** ld 0x1478280 Outstanding Requests:
 * msgid 1,  origid 1, status InProgress
   outstanding referrals 0, parent count 0
  ld 0x1478280 request count 1 (abandoned 0)
** ld 0x1478280 Response Queue:
   Empty
  ld 0x1478280 response count 0
ldap_chkResponseList ld 0x1478280 msgid 1 all 1
ldap_chkResponseList returns ld 0x1478280 NULL
ldap_int_select
read1msg: ld 0x1478280 msgid 1 all 1
ber_get_next
ldap_err2string
ldap_result: Can't contact LDAP server (-1)
#
This command generally works fine for searches on port 389.

Thanks in advance.
 
12-15-2015, 04:45 AM   #2
fmattheus
I haven't done anything with ldaps, but I would guess that if you are using port 636, you're using ldaps and not ldap, therefore you need to change your URL.

Try
Code:
-H ldaps://ad-server.test.com:636
instead of
Code:
-h "ad-server.test.com" -p 636
This is the page I grabbed that from:
https://access.redhat.com/documentat...ients-ssl.html
 
12-15-2015, 06:35 AM   #3
vikas027
Quote:
Originally Posted by fmattheus
I haven't done anything with ldaps, but I would guess that if you are using port 636, you're using ldaps and not ldap, therefore you need to change your URL.

Try
Code:
-H ldaps://ad-server.test.com:636
instead of
Code:
-h "ad-server.test.com" -p 636
This is the page I grabbed that from:
https://access.redhat.com/documentat...ients-ssl.html
Hi fmattheus, I have tried that as well, in vain; it throws the same error.
 
12-15-2015, 07:10 AM   #4
fmattheus
Did you try using the "-Z" option yet to force StartTLS?
 
12-17-2015, 08:41 PM   #5
vikas027
This worked fine for me

Code:
ldapsearch -x \
> -h "ldap://ad-server.test.com" -p 636 \
> -D "CN=My Name,OU=User Accounts,DC=Test,DC=Com" \
> -w 'password' \
> -b "DC=test,DC=com" \
> -s sub "(&(sAMAccountName=*)(memberOf=*))"
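
Added example, not part of any post in this thread: the trace in post #1 shows the client building ldap://ad-server.test.com:636, that is, plain LDAP aimed at the LDAPS port, which ends in "Can't contact LDAP server (-1)". The shell function below reads an `ldapsearch -d1` trace and flags that scheme/port mismatch; the function name, the verdict strings and the embedded sample (lines copied from post #1) are assumptions of this example, and the verdicts are heuristics.

```shell
#!/bin/sh
# Added example: classify an `ldapsearch -d1` trace by URI scheme and port.
# Function name and verdict strings are assumptions made for this example.

# Constructed sample: three lines copied from the trace in post #1.
SAMPLE_TRACE='ldap_initialize( ldap://ad-server.test.com:636 )
ldap_connect_to_host: TCP ad-server.test.com:636
ldap_result: Can'\''t contact LDAP server (-1)'

# Reads a debug trace on stdin and prints one verdict line.
diagnose_ldap_trace() {
    trace=$(cat)
    # The ldap_initialize line shows the URI the client actually built.
    uri=$(printf '%s\n' "$trace" |
        sed -n 's/^ldap_initialize( *\([^ )]*\) *).*/\1/p' | head -n 1)
    [ -n "$uri" ] || { echo "no-uri: no ldap_initialize line in trace"; return; }
    scheme=${uri%%://*}
    hostport=${uri#*://}
    hostport=${hostport%%/*}
    case $hostport in
        *:*) host=${hostport%:*}; port=${hostport##*:} ;;
        *)   host=$hostport   # no explicit port: use the scheme default
             if [ "$scheme" = ldaps ]; then port=636; else port=389; fi ;;
    esac
    failed=no
    case $trace in *"Can't contact LDAP server"*) failed=yes ;; esac
    if [ "$scheme" = ldap ] && [ "$port" = 636 ]; then
        # -h/-p always yield an ldap:// URI, so no TLS handshake is sent.
        echo "scheme-mismatch: plain LDAP sent to TLS port, use -H ldaps://$host:636"
    elif [ "$scheme" = ldaps ] && [ "$port" = 389 ]; then
        echo "scheme-mismatch: TLS handshake sent to plain port, use -H ldap://$host:389 with -ZZ"
    elif [ "$scheme" = ldaps ] && [ "$failed" = yes ]; then
        # Scheme and port agree, so the handshake itself is the likely failure.
        echo "tls-failure: check that the server certificate chains to TLS_CACERT"
    elif [ "$failed" = yes ]; then
        echo "connect-failure: check name resolution, routing and firewall"
    else
        echo "ok: $scheme on port $port"
    fi
}

printf '%s\n' "$SAMPLE_TRACE" | diagnose_ldap_trace
```

The "tls-failure" verdict covers the case reported in post #3, where an ldaps:// URI still fails: with OpenLDAP clients that usually means the server certificate does not validate against the CA file set by TLS_CACERT in ldap.conf (or the LDAPTLS_CACERT environment variable).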
 
  

