Unable to access the back-end LDAP server

By: Stephen LAI user 02 Mar 2017 at 4:08 a.m. CST

7 Responses
Stephen LAI gravatar
According to the documentation web page (https://gluu.org/docs/ce/authn-guide/google/), I should be able to access the back-end LDAP server with the following command. /opt/symas/bin/ldapsearch -h localhost -p 1636 -D "cn=directory manager,o=gluu" -w "my_password" -b "ou=appliances,o=gluu" -s one "objectclass=*" inum **I have corrected two typos in the web page. The host has been changed from "locahost" to "localhost". And, the port has been changed from "1389" to "1636". Moreover, I have double confirmed that the password is correct. Furthermore, if I test the LDAP connection in the Gluu server, it returns a successful response.** However, I just get the error message "Can't contact LDAP server (-1)" from the above mentioned "ldapsearch" command. Please advise.
U1404
closed

Answers

By Mohib Zico Account Admin 02 Mar 2017 at 4:28 a.m. CST

Copy
Mohib Zico gravatar
>> According to the documentation web page (https://gluu.org/docs/ce/authn-guide/google/), This is External Authentication doc. >> I should be able to access the back-end LDAP server with the following command. This is different issue than Google+ AuthN you mentioned.

By Mohib Zico Account Admin 02 Mar 2017 at 4:30 a.m. CST

Copy
Mohib Zico gravatar
>> /opt/symas/bin/ldapsearch -h localhost -p 1636 -D "cn=directory manager,o=gluu" -w "my_password" -b "ou=appliances,o=gluu" -s one "objectclass=*" inum Please add -Z -X parameters as 1636 is SSL port. Let's see how it goes.

By Mohib Zico Account Admin 02 Mar 2017 at 10:27 p.m. CST

Copy
Mohib Zico gravatar
Sorry... I missed something. You were using ldapsearch binary of symas. We can't use -h -p for openldap ldapsearch. Instead we can use this (/tmp/.dspw has my password in below command): ``` ldap@ce-dev2:~$ /opt/opendj/bin/ldapsearch -h localhost -p 1636 -Z -X -D "cn=directory manager,o=gluu" -j /tmp/.dspw -b 'ou=appliances,o=gluu' -s one 'objectclass=*' inum dn: inum=@!82A2.89A8.FE0E.90DE!0002!63A5.8790,ou=appliances,o=gluu inum: @!82A2.89A8.FE0E.90DE!0002!63A5.8790 ldap@ce-dev2:~$ ```

By Stephen LAI user 08 Mar 2017 at 7:31 p.m. CST

Copy
Stephen LAI gravatar
Thanks for the reply by Mohib. I am currently on leave. I shall have a try when I am back to the office.

By Stephen LAI user 13 Mar 2017 at 10:39 p.m. CDT

Copy
Stephen LAI gravatar
Thanks for reply from Mohib at 12:27pm on 3 Mar 2017. You mentioned that -h and -p cannot be used. However, they do exist in your reply (/opt/opendj/bin/ldapsearch **-h** localhost **-p** 1636 -Z -X -D "cn=directory manager,o=gluu" -j /tmp/.dspw -b 'ou=appliances,o=gluu' -s one 'objectclass=*' inum). Please comment.

By Mohib Zico Account Admin 13 Mar 2017 at 11:45 p.m. CDT

Copy
Mohib Zico gravatar
For openldap, -z -x are not allowed. In second command I took the benefit of using opendj commands.

By Stephen LAI user 14 Mar 2017 at 12:57 a.m. CDT

Copy
Stephen LAI gravatar
Noted with thanks

Post an answer