Re: -Y external and SUSE
Thank's Michael, that it. I was looking for ldap-utils (the name of the package on Debian system) But on a SUSE system it's "openldap2-client". I removed it and it is working. I don't like SUSE :-) Am 05.07.23 um 20:43 schrieb Michael Wandel: rpm -qf $(which ldapsearch) -- Stefan Kania Landweg 13 25693 St. Michaelisdonn Signieren jeder E-Mail hilft Spam zu reduzieren und schützt Ihre Privatsphäre. Ein kostenfreies Zertifikat erhalten Sie unter https://www.dgn.de/dgncert/index.html smime.p7s Description: S/MIME Cryptographic Signature
Re: -Y external and SUSE
Am Wed, 5 Jul 2023 20:37:34 +0200 schrieb Stefan Kania : Hi All, I'm still alive, > Hi to all, > > I just installed openSUSE 15.5 and the actual symas packages. After > installing OpenLDAP I could start slapd but "ldapsearch -Y external > -H ldapi:///" is giving me a "can't connect to ldapserver" I'm on Tumbleweed and use openldap2: rpm -qi openldap2 Name: openldap2 Version : 2.6.4 Release : 2.1 Architecture: x86_64 Install Date: Do 29 Jun 2023 19:11:20 CEST with regard to your questions: ldapwhoami -Y gssapi -H ldapi:/// SASL/GSSAPI authentication started SASL username: die...@avci.de SASL data security layer installed. [...] ldapwhoami -Y external -H ldapi:/// SASL/EXTERNAL authentication started SASL username: [...] -Dieter -- Dieter Klünter | Systemberatung http://sys4.de GPG Key ID: E9ED159B 53°37'09,95"N 10°08'02,42"E pgp6pQiXv0dds.pgp Description: Digitale Signatur von OpenPGP
Re: -Y external and SUSE
Hi Stefan, can you please post the output from rpm -qf $(which ldapsearch) best regards Michael Am Mittwoch, dem 05.07.2023 um 20:37 +0200 schrieb Stefan Kania: > Hi to all, > > I just installed openSUSE 15.5 and the actual symas packages. After > installing OpenLDAP I could start slapd but "ldapsearch -Y external - > H > ldapi:///" is giving me a "can't connect to ldapserver" > > I found out that the ldap-socket on SUSE is (the same a on Debian > systems) in /var/symas/run/ldapi and I can see: > > ss -lp | grep slapd > u_str LISTEN 0 2048 /var/symas/run/ldapi > 15214 * 0 users:(("slapd",pid=1431,fd=9)) > > but doing a ldapsearch: > provider01:~ # ldapmodify -Y EXTERNAL -H ldapi:/// -d 5 > ldap_url_parse_ext(ldapi:///) > ldap_create > ldap_url_parse_ext(ldapi:///??base) > ldap_sasl_interactive_bind: user selected: EXTERNAL > ldap_int_sasl_bind: EXTERNAL > ldap_new_connection 1 1 0 > ldap_int_open_connection > ldap_connect_to_path > ldap_new_socket: 3 > ldap_connect_to_path: Trying /run/slapd/ldapi > ldap_connect_timeout: fd: 3 tm: -1 async: 0 > ldap_ndelay_on: 3 > ldap_close_socket: 3 > ldap_msgfree > ldap_err2string > ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1) > > You can see, that ldapsearch is looking in /run/slapd/ for the > socket. > How can I change this? > > I tested with setting a link: > ln -s /var/symas/run/ldapi /run/slapd/ > > and ldapseach wit "external" is working. But this was only a test. > After > rebooting the system the link is gone. > > > So how can I either change the behavior of the ldap-commands or > changing > the path where the socket will be stored? > > Thank's for any help signature.asc Description: This is a digitally signed message part
Re: -Y external and SUSE
Are you using the (suse) system ldapsearch, or ldapsearch that came with symas openldap? I have been bitten by that one. Try the other one, if you also have two. Op 05-07-2023 om 20:37 schreef Stefan Kania: Hi to all, I just installed openSUSE 15.5 and the actual symas packages. After installing OpenLDAP I could start slapd but "ldapsearch -Y external -H ldapi:///" is giving me a "can't connect to ldapserver" I found out that the ldap-socket on SUSE is (the same a on Debian systems) in /var/symas/run/ldapi and I can see: ss -lp | grep slapd u_str LISTEN 0 2048 /var/symas/run/ldapi 15214 * 0 users:(("slapd",pid=1431,fd=9)) but doing a ldapsearch: provider01:~ # ldapmodify -Y EXTERNAL -H ldapi:/// -d 5 ldap_url_parse_ext(ldapi:///) ldap_create ldap_url_parse_ext(ldapi:///??base) ldap_sasl_interactive_bind: user selected: EXTERNAL ldap_int_sasl_bind: EXTERNAL ldap_new_connection 1 1 0 ldap_int_open_connection ldap_connect_to_path ldap_new_socket: 3 ldap_connect_to_path: Trying /run/slapd/ldapi ldap_connect_timeout: fd: 3 tm: -1 async: 0 ldap_ndelay_on: 3 ldap_close_socket: 3 ldap_msgfree ldap_err2string ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1) You can see, that ldapsearch is looking in /run/slapd/ for the socket. How can I change this? I tested with setting a link: ln -s /var/symas/run/ldapi /run/slapd/ and ldapseach wit "external" is working. But this was only a test. After rebooting the system the link is gone. So how can I either change the behavior of the ldap-commands or changing the path where the socket will be stored? Thank's for any help
Re: -Y external and SUSE
Have you tried ldap.conf or ldaprc "URI" setting? On 6/07/2023 4:37 am, Stefan Kania wrote: Hi to all, I just installed openSUSE 15.5 and the actual symas packages. After installing OpenLDAP I could start slapd but "ldapsearch -Y external -H ldapi:///" is giving me a "can't connect to ldapserver" I found out that the ldap-socket on SUSE is (the same a on Debian systems) in /var/symas/run/ldapi and I can see: ss -lp | grep slapd u_str LISTEN 0 2048 /var/symas/run/ldapi 15214 * 0 users:(("slapd",pid=1431,fd=9)) but doing a ldapsearch: provider01:~ # ldapmodify -Y EXTERNAL -H ldapi:/// -d 5 ldap_url_parse_ext(ldapi:///) ldap_create ldap_url_parse_ext(ldapi:///??base) ldap_sasl_interactive_bind: user selected: EXTERNAL ldap_int_sasl_bind: EXTERNAL ldap_new_connection 1 1 0 ldap_int_open_connection ldap_connect_to_path ldap_new_socket: 3 ldap_connect_to_path: Trying /run/slapd/ldapi ldap_connect_timeout: fd: 3 tm: -1 async: 0 ldap_ndelay_on: 3 ldap_close_socket: 3 ldap_msgfree ldap_err2string ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1) You can see, that ldapsearch is looking in /run/slapd/ for the socket. How can I change this? I tested with setting a link: ln -s /var/symas/run/ldapi /run/slapd/ and ldapseach wit "external" is working. But this was only a test. After rebooting the system the link is gone. So how can I either change the behavior of the ldap-commands or changing the path where the socket will be stored? Thank's for any help -- This email has been checked for viruses by AVG antivirus software. www.avg.com
-Y external and SUSE
Hi to all, I just installed openSUSE 15.5 and the actual symas packages. After installing OpenLDAP I could start slapd but "ldapsearch -Y external -H ldapi:///" is giving me a "can't connect to ldapserver" I found out that the ldap-socket on SUSE is (the same a on Debian systems) in /var/symas/run/ldapi and I can see: ss -lp | grep slapd u_str LISTEN 0 2048 /var/symas/run/ldapi 15214 * 0users:(("slapd",pid=1431,fd=9)) but doing a ldapsearch: provider01:~ # ldapmodify -Y EXTERNAL -H ldapi:/// -d 5 ldap_url_parse_ext(ldapi:///) ldap_create ldap_url_parse_ext(ldapi:///??base) ldap_sasl_interactive_bind: user selected: EXTERNAL ldap_int_sasl_bind: EXTERNAL ldap_new_connection 1 1 0 ldap_int_open_connection ldap_connect_to_path ldap_new_socket: 3 ldap_connect_to_path: Trying /run/slapd/ldapi ldap_connect_timeout: fd: 3 tm: -1 async: 0 ldap_ndelay_on: 3 ldap_close_socket: 3 ldap_msgfree ldap_err2string ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1) You can see, that ldapsearch is looking in /run/slapd/ for the socket. How can I change this? I tested with setting a link: ln -s /var/symas/run/ldapi /run/slapd/ and ldapseach wit "external" is working. But this was only a test. After rebooting the system the link is gone. So how can I either change the behavior of the ldap-commands or changing the path where the socket will be stored? Thank's for any help smime.p7s Description: S/MIME Cryptographic Signature