Hi all, I'm playing with a Red Hat Enterprise 4 that uses LDAP. For a few days now I've noticed that the slapd daemon is not able to bind to the default port 389. I'm very new to this server, so I could be doing something very stupid!

[root@ myserver etc]# netstat -tuan | grep 389
[root@ myserver etc]#

I was wondering if a run-time file of the server hasn't been properly removed due to a brutal restart, and now the process isn't able to bind to any port. Does that make sense? Which files should I look for?

[root@ myserver etc]# ls /var/run/openldap/
[root@ myserver etc]# ls /var/lock/
dmraid lvm rpm subsys
[root@ myserver etc]#

I've tried to reinstall/downgrade various packages, but nothing:

[root@ myserver etc]# rpm -q openldap
openldap-2.2.13-12.el4_8.2
[root@ myserver etc]# rpm -q openldap-servers
openldap-servers-2.2.13-12.el4_8.2
[root@ myserver etc]# rpm -q openldap-clients
openldap-clients-2.2.13-12.el4_8.2
[root@ myserver etc]# rpm -q nss_ldap
nss_ldap-253-7.el4
[root@ myserver etc]#

Mar 1 08:03:24 myserver su[5988]: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server
Mar 1 08:03:24 myserver su[5988]: nss_ldap: could not search LDAP server - Server is unavailable
Mar 1 08:03:24 myserver su[5988]: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server
Mar 1 08:03:24 myserver su[5988]: nss_ldap: could not search LDAP server - Server is unavailable
Mar 1 08:03:46 myserver netstat: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server
Mar 1 08:03:46 myserver netstat: nss_ldap: could not search LDAP server - Server is unavailable
Mar 1 08:03:46 myserver netstat: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server
Mar 1 08:03:46 myserver netstat: nss_ldap: could not search LDAP server - Server is unavailable
Mar 1 08:11:32 myserver runuser: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server
Mar 1 08:11:32 myserver runuser: nss_ldap: could not search LDAP server - Server is unavailable
Mar 1 08:11:32 myserver runuser: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server
Mar 1 08:11:32 myserver runuser: nss_ldap: could not search LDAP server - Server is unavailable
Mar 1 08:11:32 myserver runuser: config file testing succeeded
Mar 1 08:11:32 myserver slapd[6476]: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server
Mar 1 08:11:32 myserver slapd[6476]: nss_ldap: could not search LDAP server - Server is unavailable
Mar 1 08:11:32 myserver slapd[6476]: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server
Mar 1 08:11:32 myserver slapd[6476]: nss_ldap: could not search LDAP server - Server is unavailable
Mar 1 08:13:23 myserver saslauthd[5038]: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server
Mar 1 08:13:23 myserver saslauthd[5038]: nss_ldap: could not search LDAP server - Server is unavailable
Mar 1 08:13:23 myserver saslauthd[5038]: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server
Mar 1 08:13:23 myserver saslauthd[5038]: nss_ldap: could not search LDAP server - Server is unavailable
Mar 1 08:13:23 myserver smtp(pam_unix)[5038]: check pass; user unknown
Mar 1 08:13:23 myserver smtp(pam_unix)[5038]: authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=
Mar 1 08:13:23 myserver saslauthd[5038]: pam_ldap: ldap_simple_bind Can't contact LDAP server
Mar 1 08:13:26 myserver saslauthd[5038]: do_auth : auth failure: [user=user] [service=smtp] [realm=] [mech=pam] [reason=PAM auth error]
Mar 1 08:13:29 myserver netstat: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server
Mar 1 08:13:29 myserver netstat: nss_ldap: could not search LDAP server - Server is unavailable
Mar 1 08:13:29 myserver netstat: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server
Mar 1 08:13:29 myserver netstat: nss_ldap: could not search LDAP server - Server is unavailable

Configuration files:

/etc/ldap.conf

# @(#)$Id: ldap.conf,v 1.34 2004/09/16 23:32:02 lukeh Exp $
#
# This is the configuration file for the LDAP nameservice
# switch library and the LDAP PAM module.
#
#
host 127.0.0.1 dc=tfis,dc=domain,dc=org
# The port.
# Optional: default is 389.
port 389
timelimit 20
bind_timelimit 20
bind_policy soft
idle_timelimit 3600
ssl no
tls_cacertdir /etc/openldap/cacerts
pam_password md5
base dc=tfis,dc=domain,dc=org

/etc/openldap/ldap.conf

#
# LDAP Defaults
#
# See ldap.conf(5) for details
# This file should be world readable but not world writable.
BASE dc=tfis,dc=domain,dc=org
HOST 127.0.0.1
TLS_CACERTDIR /etc/openldap/cacerts
#URI ldap://ldap.example.com ldap://ldap-master.example.com:666
#SIZELIMIT 12
#TIMELIMIT 15
#DEREF never

/etc/openldap/slapd.conf

#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
pidfile /var/run/openldap/slapd.pid
argsfile /var/run/openldap/slapd.args
database bdb
suffix "dc=tfis, dc=domain, dc=org"
rootdn "cn=Manager,dc=tfis,dc=domain,dc=org"
directory /var/lib/ldap
# Indices to maintain for this database
index objectClass eq,pres
index ou,cn,mail,surname,givenname eq,pres,sub
index uidNumber,gidNumber,loginShell eq,pres
index uid,memberUid eq,pres,sub
index nisMapName,nisMapEntry eq,pres,sub

Thank you very much for any help!! I don't know where to look anymore. I've installed the same package on another Red Hat Enterprise 4 and it correctly binds the default port. I'm thinking of temporarily moving the LDAP database to the other server, which should be:

1) cp /usr/lib/ldap
2) cp configuration files
3) configure web application to use the new slapd server

Am I missing something?

Thanks!
kocisky

P.S. I've been googling around and there is something, but no results :(
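
The two checks done by hand in the post (runtime files under /var/run/openldap and a listener on port 389) can be scripted as below. This is an added example, not part of the original post; the function names are hypothetical, and the default pidfile path and port are the ones in the slapd.conf and ldap.conf quoted above.

```shell
#!/bin/sh
# Added example (hypothetical helper names). Defaults come from the quoted
# slapd.conf (pidfile) and ldap.conf (port 389). Run as root on the server.

# pidfile_state FILE -> prints: absent | empty | running | stale
pidfile_state() {
    f=$1
    [ -e "$f" ] || { echo absent; return 0; }
    pid=$(tr -cd '0-9' < "$f")            # keep only the digits of the PID
    [ -n "$pid" ] || { echo empty; return 0; }
    # A PID counts as live if it can be signalled or has a /proc entry.
    if kill -0 "$pid" 2>/dev/null || [ -d "/proc/$pid" ]; then
        echo running
    else
        echo stale                        # file left behind by a dead process
    fi
}

# port_listening PORT [TABLE...] -> exit 0 if a TCP socket in LISTEN state
# (st == 0A) is bound to PORT. TABLE files use the /proc/net/tcp layout.
port_listening() {
    port=$1; shift
    [ $# -gt 0 ] || set -- /proc/net/tcp /proc/net/tcp6
    hex=$(printf '%04X' "$port")          # 389 -> 0185, as shown in /proc
    for t in "$@"; do
        [ -r "$t" ] || continue
        awk -v p="$hex" 'NR > 1 {
                n = split($2, a, ":")     # local_address is ADDR:PORT in hex
                if (toupper(a[n]) == p && $4 == "0A") found = 1
             }
             END { exit !found }' "$t" && return 0
    done
    return 1
}

# slapd_report [PIDFILE] [PORT]: one-line summary of both checks.
slapd_report() {
    echo "pidfile: $(pidfile_state "${1:-/var/run/openldap/slapd.pid}")"
    if port_listening "${2:-389}"; then
        echo "port: listening"
    else
        echo "port: not listening"
    fi
}

slapd_report
```

Unlike `netstat | grep 389`, the port check matches only sockets in LISTEN state, so an established client connection that happens to involve port 389 is not mistaken for a running server.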
