> And what's more, when I run snoop > on the master, this is how things start up: > > tear -> manetheren LDAP C port=56534 > manetheren -> tear LDAP R port=56534 > tear -> manetheren LDAP C port=56534 > tear -> manetheren LDAP C port=56534 Search Request > neverDerefAliases > manetheren -> tear LDAP R port=56534 > manetheren -> tear LDAP R port=56534 Search ResEntry > manetheren -> tear LDAP R port=56534 Search ResDone Success > tear -> manetheren LDAP C port=56534 > tear -> manetheren LDAP C port=56534 > tear -> manetheren LDAP C port=56534 Unbind Request > tear -> manetheren LDAP C port=56534 > manetheren -> tear LDAP R port=56534 > manetheren -> tear LDAP R port=56534 > manetheren -> tear LDAP R port=56534 > tear -> manetheren LDAP C port=56534 > tear -> manetheren TCP D=636 S=56535 Syn Seq=840837329 Len=0 > Win=49640 Options=<mss 1460,nop,nop,sackOK> > [..] > > Interesting to me is that at no point is port 383 contacted.
Why 383? LDAP is 389. Solaris snoop is being stupid. A TCP connection has *two* port numbers - one for each end. e.g. [1.2.3.4:3456] <=> [5.6.7.8:389] is a TCP connection between IP address 1.2.3.4 port 3456 and IP address 5.6.7.8 port 389. It is only showing you one of those. > So why do I need to have ldap:/// going ??? Because your LDAP client only supports standard LDAP, or because you haven't told it to use TLS. Sorry, I don't know this actual software you're using. All I can give you is clues to work it out. e.g. read the docs and find a setting which says "use TLS for LDAP connections" (if it supports it at all) Brian. --- You are currently subscribed to ldap@umich.edu as: [EMAIL PROTECTED] To unsubscribe send email to [EMAIL PROTECTED] with the word UNSUBSCRIBE as the SUBJECT of the message.
