When ldap_cachemgr is connected to the LDAP server without TLS/SSL, I get something very similar. It does not explain why I can't connect with TLS/SSL, hence my wish to run in DEBUG mode...
Any Illumos LDAP tools specialist out there ? On 8 Sep 2014, at 15:10, Jonathan Adams <[email protected]> wrote: > have you run ldap_cachemgr -g ? > > jadams@jadlaptop:~$ /usr/lib/ldap/ldap_cachemgr -g > > cachemgr configuration: > server debug level 0 > server log file "/var/ldap/cachemgr.log" > number of calls to ldapcachemgr 1179 > > cachemgr cache data statistics: > Configuration refresh information: > Configured to NO REFRESH. > Server information: > Previous refresh time: 2014/09/08 13:19:03 > Next refresh time: 2014/09/08 14:44:23 > server: 127.0.0.1, status: UP > Cache data information: > Maximum cache entries: 256 > Number of cache entries: 0 > > > > On 8 September 2014 13:32, Vern Bingham <[email protected]> wrote: > Indeed, the Illumos ldapsearch command is definitely not the OpenLDAP homonym > which, by the way, works in TLS/SSL with my OpenDJ server... > > I can also link in TLS/SSL to the OpenDJ server with Apache Directory Studio > (which, I believe, is quite lenient with SSL). (I have not tried with > JXplorer...) > > My REAL problem is to make the ldap_cachemgr work with the OpenDJ server in > TLS/SSL. I am only interested in ldapsearch to debug my problem... > > V. > > > On 8 Sep 2014, at 14:10, Jonathan Adams <[email protected]> wrote: > >> okay, the "ldapsearch" command is not the OpenLDAP "ldapsearch command" >> (compare the help output and you'll see that they're different) >> >> I use OpenLDAP for our server, so that works well (I couldn't stand the >> absolutely humongous LDAP servers that were available ... L is supposed to >> stand for Light-weight ...) >> >> you could try compiling the OpenLDAP ldapsearch command and testing with >> that, however that wouldn't test the entire system integration ... >> >> Can you link to the OpenDJ with JXplorer? does that allow you to view/work >> with the system? >> >> Jon >> >> On 8 September 2014 12:54, Vern Bingham <[email protected]> wrote: >> I used to run an OpenDS server which I replaced with an OpenDJ server. Since >> then, connections from LDAP client utilities in SSL/TLS stopped working. >> Connections in the clear on port 1389 work just fine. Server-side logs are >> not informative. I wish to see what is (not?) happening from the client >> side. >> >> >> On 8 Sep 2014, at 13:41, Jonathan Adams <[email protected]> wrote: >> >>> I have the same issue, but I hadn't realised because I always run the debug >>> from the server side. >>> >>> What issues are you having? What do you need to find out? >>> >>> Jon >>> >>> On 8 September 2014 12:15, Vern Bingham via illumos-discuss >>> <[email protected]> wrote: >>> In my distribution of Illumos, the LDAP utilities were not compiled with >>> the LDAP_DEBUG option: >>> >>> $ ldapsearch -d 7 [...] >>> compile with -DLDAP_DEBUG for debugging >>> >>> In order to solve this problem, I downloaded the Illumos source and built >>> it with -DLDAP_DEBUG in the LOCFLAGS in usr/src/lib/libsldap/Makefile.com. >>> >>> As a consequence, it is now possible to use the -d argument for ldapsearch >>> but... it makes no difference! >>> >>> What have I missed? >>> >>> Thanks. >>> >>> ------------------------------------------- >>> illumos-discuss >>> Archives: https://www.listbox.com/member/archive/182180/=now >>> RSS Feed: >>> https://www.listbox.com/member/archive/rss/182180/23508059-3f15f76a >>> Modify Your Subscription: https://www.listbox.com/member/?&; >>> Powered by Listbox: http://www.listbox.com >>> >> >> > > ------------------------------------------- illumos-discuss Archives: https://www.listbox.com/member/archive/182180/=now RSS Feed: https://www.listbox.com/member/archive/rss/182180/21175430-2e6923be Modify Your Subscription: https://www.listbox.com/member/?member_id=21175430&id_secret=21175430-6a77cda4 Powered by Listbox: http://www.listbox.com
