Re: -Y external and SUSE
Thank's Michael, that it. I was looking for ldap-utils (the name of the package on Debian system) But on a SUSE system it's "openldap2-client". I removed it and it is working. I don't like SUSE :-) Am 05.07.23 um 20:43 schrieb Michael Wandel: rpm -qf $(which ldapsearch) -- Stefan Kania Landweg 13 25693 St. Michaelisdonn Signieren jeder E-Mail hilft Spam zu reduzieren und schützt Ihre Privatsphäre. Ein kostenfreies Zertifikat erhalten Sie unter https://www.dgn.de/dgncert/index.html smime.p7s Description: S/MIME Cryptographic Signature
Re: -Y external and SUSE
Am Wed, 5 Jul 2023 20:37:34 +0200 schrieb Stefan Kania : Hi All, I'm still alive, > Hi to all, > > I just installed openSUSE 15.5 and the actual symas packages. After > installing OpenLDAP I could start slapd but "ldapsearch -Y external > -H ldapi:///" is giving me a "can't connect to ldapserver" I'm on Tumbleweed and use openldap2: rpm -qi openldap2 Name: openldap2 Version : 2.6.4 Release : 2.1 Architecture: x86_64 Install Date: Do 29 Jun 2023 19:11:20 CEST with regard to your questions: ldapwhoami -Y gssapi -H ldapi:/// SASL/GSSAPI authentication started SASL username: die...@avci.de SASL data security layer installed. [...] ldapwhoami -Y external -H ldapi:/// SASL/EXTERNAL authentication started SASL username: [...] -Dieter -- Dieter Klünter | Systemberatung http://sys4.de GPG Key ID: E9ED159B 53°37'09,95"N 10°08'02,42"E pgp6pQiXv0dds.pgp Description: Digitale Signatur von OpenPGP
Re: -Y external and SUSE
Hi Stefan,
can you please post the output from
rpm -qf $(which ldapsearch)
best regards
Michael
Am Mittwoch, dem 05.07.2023 um 20:37 +0200 schrieb Stefan Kania:
> Hi to all,
>
> I just installed openSUSE 15.5 and the actual symas packages. After
> installing OpenLDAP I could start slapd but "ldapsearch -Y external -
> H
> ldapi:///" is giving me a "can't connect to ldapserver"
>
> I found out that the ldap-socket on SUSE is (the same a on Debian
> systems) in /var/symas/run/ldapi and I can see:
>
> ss -lp | grep slapd
> u_str LISTEN 0 2048 /var/symas/run/ldapi
> 15214 * 0 users:(("slapd",pid=1431,fd=9))
>
> but doing a ldapsearch:
> provider01:~ # ldapmodify -Y EXTERNAL -H ldapi:/// -d 5
> ldap_url_parse_ext(ldapi:///)
> ldap_create
> ldap_url_parse_ext(ldapi:///??base)
> ldap_sasl_interactive_bind: user selected: EXTERNAL
> ldap_int_sasl_bind: EXTERNAL
> ldap_new_connection 1 1 0
> ldap_int_open_connection
> ldap_connect_to_path
> ldap_new_socket: 3
> ldap_connect_to_path: Trying /run/slapd/ldapi
> ldap_connect_timeout: fd: 3 tm: -1 async: 0
> ldap_ndelay_on: 3
> ldap_close_socket: 3
> ldap_msgfree
> ldap_err2string
> ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1)
>
> You can see, that ldapsearch is looking in /run/slapd/ for the
> socket.
> How can I change this?
>
> I tested with setting a link:
> ln -s /var/symas/run/ldapi /run/slapd/
>
> and ldapseach wit "external" is working. But this was only a test.
> After
> rebooting the system the link is gone.
>
>
> So how can I either change the behavior of the ldap-commands or
> changing
> the path where the socket will be stored?
>
> Thank's for any help
signature.asc
Description: This is a digitally signed message part
Re: -Y external and SUSE
Are you using the (suse) system ldapsearch, or ldapsearch that came with
symas openldap?
I have been bitten by that one. Try the other one, if you also have two.
Op 05-07-2023 om 20:37 schreef Stefan Kania:
Hi to all,
I just installed openSUSE 15.5 and the actual symas packages. After
installing OpenLDAP I could start slapd but "ldapsearch -Y external -H
ldapi:///" is giving me a "can't connect to ldapserver"
I found out that the ldap-socket on SUSE is (the same a on Debian
systems) in /var/symas/run/ldapi and I can see:
ss -lp | grep slapd
u_str LISTEN 0 2048 /var/symas/run/ldapi
15214 * 0 users:(("slapd",pid=1431,fd=9))
but doing a ldapsearch:
provider01:~ # ldapmodify -Y EXTERNAL -H ldapi:/// -d 5
ldap_url_parse_ext(ldapi:///)
ldap_create
ldap_url_parse_ext(ldapi:///??base)
ldap_sasl_interactive_bind: user selected: EXTERNAL
ldap_int_sasl_bind: EXTERNAL
ldap_new_connection 1 1 0
ldap_int_open_connection
ldap_connect_to_path
ldap_new_socket: 3
ldap_connect_to_path: Trying /run/slapd/ldapi
ldap_connect_timeout: fd: 3 tm: -1 async: 0
ldap_ndelay_on: 3
ldap_close_socket: 3
ldap_msgfree
ldap_err2string
ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1)
You can see, that ldapsearch is looking in /run/slapd/ for the socket.
How can I change this?
I tested with setting a link:
ln -s /var/symas/run/ldapi /run/slapd/
and ldapseach wit "external" is working. But this was only a test. After
rebooting the system the link is gone.
So how can I either change the behavior of the ldap-commands or changing
the path where the socket will be stored?
Thank's for any help
Re: -Y external and SUSE
Have you tried ldap.conf or ldaprc "URI" setting?
On 6/07/2023 4:37 am, Stefan Kania wrote:
Hi to all,
I just installed openSUSE 15.5 and the actual symas packages. After
installing OpenLDAP I could start slapd but "ldapsearch -Y external -H
ldapi:///" is giving me a "can't connect to ldapserver"
I found out that the ldap-socket on SUSE is (the same a on Debian
systems) in /var/symas/run/ldapi and I can see:
ss -lp | grep slapd
u_str LISTEN 0 2048 /var/symas/run/ldapi
15214 * 0 users:(("slapd",pid=1431,fd=9))
but doing a ldapsearch:
provider01:~ # ldapmodify -Y EXTERNAL -H ldapi:/// -d 5
ldap_url_parse_ext(ldapi:///)
ldap_create
ldap_url_parse_ext(ldapi:///??base)
ldap_sasl_interactive_bind: user selected: EXTERNAL
ldap_int_sasl_bind: EXTERNAL
ldap_new_connection 1 1 0
ldap_int_open_connection
ldap_connect_to_path
ldap_new_socket: 3
ldap_connect_to_path: Trying /run/slapd/ldapi
ldap_connect_timeout: fd: 3 tm: -1 async: 0
ldap_ndelay_on: 3
ldap_close_socket: 3
ldap_msgfree
ldap_err2string
ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1)
You can see, that ldapsearch is looking in /run/slapd/ for the socket.
How can I change this?
I tested with setting a link:
ln -s /var/symas/run/ldapi /run/slapd/
and ldapseach wit "external" is working. But this was only a test.
After rebooting the system the link is gone.
So how can I either change the behavior of the ldap-commands or
changing the path where the socket will be stored?
Thank's for any help
--
This email has been checked for viruses by AVG antivirus software.
www.avg.com
-Y external and SUSE
Hi to all,
I just installed openSUSE 15.5 and the actual symas packages. After
installing OpenLDAP I could start slapd but "ldapsearch -Y external -H
ldapi:///" is giving me a "can't connect to ldapserver"
I found out that the ldap-socket on SUSE is (the same a on Debian
systems) in /var/symas/run/ldapi and I can see:
ss -lp | grep slapd
u_str LISTEN 0 2048 /var/symas/run/ldapi
15214 * 0users:(("slapd",pid=1431,fd=9))
but doing a ldapsearch:
provider01:~ # ldapmodify -Y EXTERNAL -H ldapi:/// -d 5
ldap_url_parse_ext(ldapi:///)
ldap_create
ldap_url_parse_ext(ldapi:///??base)
ldap_sasl_interactive_bind: user selected: EXTERNAL
ldap_int_sasl_bind: EXTERNAL
ldap_new_connection 1 1 0
ldap_int_open_connection
ldap_connect_to_path
ldap_new_socket: 3
ldap_connect_to_path: Trying /run/slapd/ldapi
ldap_connect_timeout: fd: 3 tm: -1 async: 0
ldap_ndelay_on: 3
ldap_close_socket: 3
ldap_msgfree
ldap_err2string
ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1)
You can see, that ldapsearch is looking in /run/slapd/ for the socket.
How can I change this?
I tested with setting a link:
ln -s /var/symas/run/ldapi /run/slapd/
and ldapseach wit "external" is working. But this was only a test. After
rebooting the system the link is gone.
So how can I either change the behavior of the ldap-commands or changing
the path where the socket will be stored?
Thank's for any help
smime.p7s
Description: S/MIME Cryptographic Signature
