Hi, your /etc/openldap/ldap.conf is not set properly. Should be looking like this: ---8<--- URI ldap://ldap-srv.your-domain.com/ BASE dc=your-domain,dc=com ... ---8<--- Localhost will now work in network environment, because it always point to loclahost. That is why you get "Can't contact LDAP server" - your client tries to get to localhost (or something else, depending on /etc/openldap/ldap.conf set up. Woul dbe nice to have it). You might need to use real names (or even fqdn ones if suitable)... Regards. Am 03.10.2013 22:03, schrieb Stephen Watt: > Hi Folks > > I have 389 installed on F19 on a server with the hostname ldap-srv but I am unable to successfully query it using ldapsearch from another F19 server with the hostname ldap-client. I am an LDAP noob so its possible that this scenario isn't even meant to work. Essentially, I've set up a 389 server and I'm trying to use ldapsearch as a quick sniff test to make sure its working properly before I embark on figuring out how to configure some other F19 servers to use the 389 LDAP service for Authentication. > > I think ldap-srv is running correctly using the default configuration as I'm able to bring up the 389-console and create a few users and groups. I am also able to successfully run the following local ldapsearch query on ldap-srv: > > ldapsearch -x -s base -b "" "objectclass=*" which prints out a long list of results but ends in: > > vendorName: 389 Project > vendorVersion: 389-Directory/1.3.1.7 B2013.240.2228 > dataversion: 020130920220244 > netscapemdsuffix: cn=ldap://dc=localhost,dc=localdomain:389 > > # search result > search: 2 > result: 0 Success > > # numResponses: 2 > # numEntries: 1 > > However, when I try and run a similar query from my ldap-client server, I get the following: > > [root@ldap-client ~]# ldapsearch -x -h ldap-srv -s base -b "" "objectclass=*" > ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1) > > iptables are off on both machines. > > Regards > Steve Watt > -- > 389 users mailing list > 389-users@xxxxxxxxxxxxxxxxxxxxxxx > https://admin.fedoraproject.org/mailman/listinfo/389-users > -- Predrag Zecevic, Technical Support Analyst, 2e Systems GmbH Telephone: +49 6196 9505 815, Facsimile: +49 6196 9505 894 Mobile: +49 174 3109 288, Skype: predrag.zecevic E-mail: predrag.zecevic@xxxxxxxxxxxxxx Headquarter: 2e Systems GmbH, Königsteiner Str. 87, 65812 Bad Soden am Taunus, Germany Company registration: Amtsgericht Königstein (Germany), HRB 7303 Managing director: Phil Douglas http://www.2e-systems.com/ - Making your business fly!
Attachment:
signature.asc
Description: OpenPGP digital signature
-- 389 users mailing list 389-users@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/389-users
