LDAP errors

LDAP errors

Post by Jake Kru » Wed, 06 Mar 2002 11:57:54

Hello all -
I am in the process of trying to make my linux servers authenticate
off of AD, I compiled and installed openldap and pam_ldap, both appear
to be functioning.  Except they don't work.  My output from ldapsearch
reveals the following:

telepdev #.ldapsearch -w -h appserver1 -v -d 5
ldap_init( <default>, 0 )
ldap_connect_to_host: localhost:389 Connection refused
ldap_bind: Can't contact LDAP server

I even specified a host name, and even when I specify an IP address it
is always trying to contact localhost; perhaps explaining why the
queries bomb since no LDAP services are being run on the machine.  I
know this setup can work -- does anyone know what I am doing wrong?
Even though I specify another machine (via ldap.conf, command line DNS
or IP) it refuses to talk to the remote server.  If you could help me
out, I'd appreciate it.

Jake Kruse
UNIX Systems Administrator
Teleperformance USA

P.S.  Could you CC any replies to my email address?  Thanks!


LDAP errors

Post by Bernd Eckenfel » Wed, 06 Mar 2002 12:42:10

> telepdev #.ldapsearch -w -h appserver1 -v -d 5

-w means that the next parameter is the password. You need to use:

ldapsearch -h appserver1 -v -d5 -W

The default host is configured in /etc/ldap/ldap.conf or ~/.ldaprc
(or ldaprc or ~/ldaprc)



1. bash-2.05# ldaplist passwd ldaplist: Object not found (LDAP ERROR (1): Operations error.)


On a Solaris 9 LDAP client bound to a Sun ONE Directory Server 5.2 the
ldaplist command can not list all tables. Example:

# ldaplist passwd
ldaplist: Object not found (LDAP ERROR (1): Operations error.)

# ldaplist hosts
ldaplist: Object not found (LDAP ERROR (1): Operations error.)

The ldaplist command with ou=people or ou=hosts does return the proper
list, also does ldaplist without arguments. The command "getent
passwd" returns only /etc/passwd but "getent passwd user" lists the
user properly.

All users and hosts are in a flat hierarchy under the default
locations ou=people and ou=hosts. The search scope is "one", so the
client should find the entries. This works on a replica but not on the
master server.

Error log from master server:

[04/Nov/2003:17:27:01 +0100] - DEBUG  - conn=-1 op=-1 msgId=-1 -
libdb: illegal record number of 0
[04/Nov/2003:17:27:01 +0100] - ERROR<20753> - Backend Database -
conn=-1 op=-1 msgId=-1 -  vlv_build_idl: can't follow db cursor (err

Access log from master server reveals that client asks with correct
base dn and scope:

[04/Nov/2003:17:31:10 +0100] conn=32 op=-1 msgId=-1 - fd=40 slot=40
LDAP connection from to
[04/Nov/2003:17:31:10 +0100] conn=32 op=0 msgId=1 - BIND
dn="cn=proxyagent,ou=profile,dc=example,dc=com" method=128 version=3
[04/Nov/2003:17:31:10 +0100] conn=32 op=0 msgId=1 - RESULT err=0
tag=97 nentries=0 etime=0
[04/Nov/2003:17:31:10 +0100] conn=32 op=1 msgId=2 - SRCH
base="ou=people,dc=example,dc=com" scope=1
filter="(objectClass=posixaccount)" attrs="dn"
[04/Nov/2003:17:31:10 +0100] conn=32 op=1 msgId=2 - RESULT err=1
tag=101 nentries=0 etime=0
[04/Nov/2003:17:31:10 +0100] conn=32 op=2 msgId=3 - UNBIND
[04/Nov/2003:17:31:10 +0100] conn=32 op=2 msgId=-1 - closing - U1
[04/Nov/2003:17:31:11 +0100] conn=32 op=-1 msgId=-1 - closed.

Seems that the vlvindexes are broken but I deinstalled, installed,
configured the server several times, imported data from a proper LDIF
file and recreated the vlvindexes using the directoryserver command.

Any idea what goes wrong and how one can fix this? Many thanks in


2. Solaris x86 hangs when talking to NFS

3. LDAP error message? (automount schema)

4. NIS Setup questions

5. ldap error with netscape directory server

6. Bug in dynamic linker

7. SUN LDAP, Netscape LDAP (SUN), OPENLDAP, which one?????

8. Screensaver help

9. LDAP over SSL using OpenLDAP/OpenSSL/Cyrus SASL with Netscape's LDAP server

10. NIS v/s LDAP and LDAP compatible to pre-Solaris 8

11. question on ldap/postfix/ease of use for end users regarding ldap

12. Compiling Apache-2.0.35 with LDAP modules (httpd-ldap)

13. LDAP, fnaddr, X.500 to LDAP issues