Norman, did you try to provide a hostname in the URI?
ldapsearch -x -H 'ldap://<HOST>/dc=example,dc=net' '(cn=foo)' instead of ldapsearch -x -H 'ldap:///dc=example,dc=net' '(cn=foo)' ? Regards, Uwe Am 20.02.23 um 14:19 schrieb Norman Gray: > > Ede, hello. > > On 20 Feb 2023, at 12:49, Ede Wolf wrote: > >> Just guessing by the error message, but your DNS Server does have a valid >> service record for that Base DN? As the error message suggests otherwise, >> but I may as well be completely off here. > > A good thought -- thanks -- but yes, the SRV records are set up correctly, > and I can make the query if the ',' in the dc= list are escaped (even though > RFC 2396 doesn't require that). > >> Otherwise, but I am sure you know that, with only two "/" you can alway use >> the hostname, in case the DNS serive record is missing: >> >> ldapsearch -H ldap://server.example.net -b dc=example,dc=net" 'cn=foo' > > Indeed, and that's what I do most of the time. In fact, this is a case where > a sequence of host+port LDAP URIs is useful. > > Best wishes, > > Norman > >
