[K12OSN] still banging my head against Ubuntu 8 authenticating against LDAP
John Lucas
mrjohnlucas at gmail.com
Wed Sep 24 03:06:34 UTC 2008
Micha Silver wrote:
> Carl Keil wrote:
>> So,
>>
>> When I run "ldapsearch 10.0.1.252 domain.com -x" on the LDAP server, I
>> get a list of all the people in the LDAP database. When I run the
>> same search from the client I get a message saying that it can't
>> contact the LDAP server. I've dropped the firewall on the server and
>> I can ping the server.
>> Anyone have any idea what the problem could be? How do you tell LDAP
>> to listen to outside ports?
>>
> As far as I know, two things will block access to an ldap server.
> 1- Either the firewall is not allowing traffic in on port 389 . This you
> can check with iptables -nvL. You should see a line ACCEPTing packets
> from whoever should be able to query the ldap server. (I'm not sure what
> you mean by "dropped the firewall..." ?)
> or
> 2- Access limited by "access" rules in your slapd.conf file
> (/etc/openldap/slapd.conf). The default, if there are no access rules,
> is to allow everyone read access, and only the root user to write.
>
You might also make sure that there is an "ldap" stanza allowing access in
/etc/hosts.allow.
--
"History doesn't repeat itself; at best it rhymes."
- Mark Twain
| John Lucas MrJohnLucas at gmail.com |
| St. Thomas, VI 00802 http://mrjohnlucas.googlepages.com/ |
| 18.3°N, 65°W AST (UTC-4) |
More information about the K12OSN
mailing list