All,

I resolved my own issue.  It's amazing what you come up with when you walk away 
for a few.  I had created a link between /etc/openldap and the 
/usr/local/openldap/etc/openldap.  When I discovered that someone at some point 
before I got here had downloaded every CentOS/RedHat LDAP rpm to this machine, 
I cleaned it up to where only the 2.4.38 rpm remained.  Well, it removed my 
link which I had created, which was causing the errors below.



From: [email protected] 
[mailto:[email protected]] On Behalf Of Borresen, John - 
0442 - MITLL
Sent: Friday, January 24, 2014 2:45 PM
To: [email protected]
Subject: Ldap Connection Issue

All,

Very similar issue that Warron was/is having.

Server1: # ldapsearch -W -x -ZZ -b cn=config -v -D cn=admin,cn=config
Server1: # ldapsearch -W -x -ZZ -H ldap://server2.example.ldap -b cn=config -v -D cn=admin,cn=config

These commands work (they return the dbase as expected & desired), both servers 
are clients to themselves and the other server (using self-signed wildcard 
certificates).
Both ldap.confs are identical, the one on server1 was used on server2.  The URI 
directive looks like:

uri ldap://server1.example.ldap ldap://server1.<FQDN> ldap://server2.example.ldap ldap://server2.<FQDN>

Server2:

a)      # ldapsearch -W -x -ZZ -b cn=config -v -D cn=admin,cn=config
      Fails with:
      ldap_initialize( <DEFAULT> )
      ldap_start_tls: Connect error (-11)

b)      # ldapsearch -W -x -ZZ -H ldap://server2.example.ldap -b cn=config -v -D cn=admin,cn=config
      ldap_initialize( ldap://server2.example.ldap:389/??base )
      ldap_start_tls: Connect error (-11)

c)      # ldapsearch -W -x -ZZ -h ldap://server1.example.ldap -b cn=config -v -D cn=admin,cn=config
      ldap_initialize( ldap://ldap:%2F%2Fserver1.example.ldap)
      Could not create LDAP session handle for URI=ldap://ldap:%2F%2Fgp42-admin4.llan.ll.mit.edu (-9): Bad parameter to an ldap routine

There is one other client that like server1 can search the dbase(s) on both 
servers (it too is a client of both servers).

Any ideas at what to look for?

thanks in advance


John D. Borresen (Dave)
Linux/Unix Systems Administrator
MIT  Lincoln Laboratory
Surveillance Systems Group
244 Wood St
Lexington, MA  02420
Ph: (781) 981-1609
Email: [email protected]<mailto:[email protected]>
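
Added example, not part of the original thread: a shell check for the failure described in the resolution above, where a package cleanup removed the /etc/openldap link and the client tools could no longer find their configuration. It assumes the client tools read ldap.conf from the directory passed in (for example /etc/openldap) and that the self-signed certificates are trusted through TLS_CACERT or TLS_CACERTDIR in that file; the function name and return codes are hypothetical.

```shell
#!/bin/sh
# Usage: check_ldap_client_conf /etc/openldap
# Return codes (chosen for this example):
#   0 = config found and a CA trust setting is usable
#   1 = directory missing or a dangling symlink
#   2 = ldap.conf missing or unreadable
#   3 = no usable TLS_CACERT / TLS_CACERTDIR in ldap.conf
check_ldap_client_conf() {
    dir=$1
    # A symlink whose target was removed still passes -L but fails -e.
    if [ -L "$dir" ] && [ ! -e "$dir" ]; then
        echo "$dir is a dangling symlink -> $(readlink "$dir")"
        return 1
    fi
    if [ ! -d "$dir" ]; then
        echo "$dir does not exist"
        return 1
    fi
    conf=$dir/ldap.conf
    if [ ! -r "$conf" ]; then
        echo "$conf missing or unreadable"
        return 2
    fi
    # ldap.conf option names are case-insensitive; the last occurrence is used here.
    cacert=$(awk 'toupper($1)=="TLS_CACERT"{v=$2} END{print v}' "$conf")
    cadir=$(awk 'toupper($1)=="TLS_CACERTDIR"{v=$2} END{print v}' "$conf")
    if [ -n "$cacert" ] && [ -r "$cacert" ]; then
        echo "TLS_CACERT $cacert is readable"
        return 0
    fi
    if [ -n "$cadir" ] && [ -d "$cadir" ]; then
        echo "TLS_CACERTDIR $cadir is present"
        return 0
    fi
    echo "$conf has no usable TLS_CACERT/TLS_CACERTDIR"
    return 3
}
```

Running it after any package install or removal that touches OpenLDAP shows whether the link and the CA trust setting survived.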
