Hi,

I am mailing this after a good number of different searches on different 
error logs in these forums.

My Server environment :

OS                 RHEL4
OpenLDAP      2.2.13-4
Java clients from Windows machine.

I run the /usr/local/libexec/slapd -d 5 & (this is because I have compiled the 
software).
I am able to do a ldapsearch easily and successfully on the server-host using 
ldapsearch.
 
When I try to connect from a client named "ldapbrowser" I am unable to see the 
ldap db.
When I "bind anonymously" to my server from an external machine (Windows 
based) I am able to list the db contents.
The same ldapbrowser is listing the contents of Active Directory (separate 
Windows 2000 server machine) with a proper authentication as a normal user.

I am able to log in to a Linux client machine using this server config, of course 
without home directory, because I have not listed the autofs in my ldap config.
I am not running saslauthd, nscd etc. Does LDAP server depend on saslauthd? If 
I want to run ldap without sasl what should be my config?
I am sure that this is not a problem with the operating system, because my ldapbrowser 
software lists the contents of ldapserver if I connect anonymously, i.e. 
"anonymous bind".
 
slapd.conf : (I have trimmed unused and commented sections)

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include         /usr/local/etc/openldap/schema/*.schema
include         /usr/local/etc/openldap/slapd.access.conf

# Define global ACLs to disable default read access.

# Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals.
#referral       ldap://root.openldap.org

pidfile         /usr/local/var/run/slapd.pid
argsfile        /usr/local/var/run/slapd.args

#######################################################################
# ldbm database definitions
#######################################################################
defaultsearchbase "dc=sanofiinternal,dc=com"
database        bdb
suffix          "dc=sanofiinternal,dc=com"
rootdn          "cn=sanofildapmanager,dc=ldapserver,dc=sanofiinternal,dc=com"
# Cleartext passwords, especially for the rootdn, should
# be avoid.  See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
rootpw          secret
# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd and slap tools.
# Mode 700 recommended.
directory       /usr/local/var/openldap-data
# Indices to maintain
index   objectClass     eq

 
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 
Error message when querying the server from a ldapbrowser:
 
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 
ldap_pvt_gethostbyname_a: host=ldapserver.sanofiinternal.com, r=0
connection_get(10)
connection_get(10): got connid=0
connection_read(10): checking for input on id=0
ber_get_next
ber_get_next: tag 0x30 len 29 contents:
ber_get_next
ber_get_next on fd 10 failed errno=11 (Resource temporarily unavailable)
do_bind
ber_scanf fmt ({imt) ber:
ber_scanf fmt (m}) ber:
>>> dnPrettyNormal: <sanofiuser5>
=> ldap_bv2dn(sanofiuser5,0)
<= ldap_bv2dn(sanofiuser5,0)=-4
bind: invalid dn (sanofiuser5)
send_ldap_result: conn=0 op=0 p=3
send_ldap_result: err=34 matched="" text="invalid DN"
send_ldap_response: msgid=1 tag=97 err=34
ber_flush: 24 bytes to sd 10
connection_get(10)
connection_get(10): got connid=0
connection_read(10): checking for input on id=0
ber_get_next
ber_get_next on fd 10 failed errno=0 (Success)
connection_read(10): input error=-2 id=0, closing.
connection_closing: readying conn=0 sd=10 for close
connection_close: conn=0 sd=10

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
slapd.access.conf
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
access to dn.regex=".*,dc=sanofiinternal,dc=com$" attrs=userPassword
        by dn="cn=root,dc=sanofi,dc=com$" write
        by self write
        by * auth

access to dn.regex=".*,dc=sanofiinternal,dc=com$" attrs=mail
        by dn="cn=root,dc=sanofi,dc=com$" write
        by self write
        by * read

access to dn.regex=".*,ou=users,dc=sanofiinternal,dc=com$"
        by * read

access to dn.regex=".*,dc=sanofiinternal,dc=com$"
        by self write
        by * read

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 
Thank you
Mahen
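
Added example, not part of the original message: a short Python script that reads a slapd -d trace like the one quoted above and pairs the name sent in each bind request with the result code slapd returned. The function names and the small result-code table are this example's own, and the syntax check is a rough approximation, not a full DN parser.

```python
import re

# Excerpt of the slapd -d 5 trace quoted in the message above.
TRACE = """\
do_bind
ber_scanf fmt ({imt) ber:
ber_scanf fmt (m}) ber:
>>> dnPrettyNormal: <sanofiuser5>
=> ldap_bv2dn(sanofiuser5,0)
<= ldap_bv2dn(sanofiuser5,0)=-4
bind: invalid dn (sanofiuser5)
send_ldap_result: conn=0 op=0 p=3
send_ldap_result: err=34 matched="" text="invalid DN"
"""

BIND_NAME = re.compile(r">>> dnPrettyNormal: <(.*)>$")
RESULT = re.compile(r'send_ldap_result: err=(\d+) matched="(.*?)" text="(.*?)"$')
RESULT_NAMES = {0: "success", 34: "invalidDNSyntax", 49: "invalidCredentials"}

def looks_like_dn(name):
    """Rough syntax check (not a full DN parser): each RDN must be attr=value."""
    if name == "":                      # empty bind name is an anonymous bind
        return True
    rdns = re.split(r"(?<!\\),", name)  # split on unescaped commas
    return all(re.match(r"\s*[A-Za-z0-9][\w.-]*\s*=", rdn) for rdn in rdns)

def bind_results(trace):
    """Pair the name sent in each bind request with the result slapd returned."""
    results, current = [], None
    for line in (raw.strip() for raw in trace.splitlines()):
        if line == "do_bind":
            current = {"name": None}
            continue
        if current is None:
            continue
        m = BIND_NAME.match(line)
        if m and current["name"] is None:
            current["name"] = m.group(1)
            current["dn_syntax_ok"] = looks_like_dn(m.group(1))
        m = RESULT.match(line)
        if m:
            code = int(m.group(1))
            current.update(err=code, result=RESULT_NAMES.get(code, "other"), text=m.group(3))
            results.append(current)
            current = None
    return results

if __name__ == "__main__":
    for r in bind_results(TRACE):
        print(r)
```
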
