> ldap_connect_to_host: Trying 127.0.0.1:389
> ldap_pvt_connect: fd: 3 tm: -1 async: 0
> ldap_close_socket: 3
> ldap_err2string
> ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)
>
It appears that when admin server TLS change takes effect but when the instance
TLS wasn't in effect, then admin server cannot reconnect to instance directory
server. I don't know how to fix that. Please help. Note this is 389 directory
server 1.2.2 and 389 console 1.1.7. They are recent versions running on CentOS
First problem to solve is why you can't contact the ldap server here.
Check that the dirsrv processes are starting:
sudo service status dirsrv
sudo service restart dirsrv
If they are starting, you can see them with ps:
ps aux | grep ns-slapd
If there are no processes, you have other issues.
Regardless, if the process is there, check it has listening sockets:
ss -tlnp | grep slapd
If the process is failing to start, check the error log:
tail -n 50 /var/log/dirsrv/slapd-<instance name>/errors
I think that you should check the error log anyway, as it may reveal something
else about the environment.
Once you have the server starting again, then it is time to look at why the admin
system cannot connect correctly to it.
I hope that this helps guide you to solve the problem,
--
Sincerely,
William Brown
Software Engineer
Red Hat, Brisbane
No comments:
Post a Comment