On Sun, 19 Feb 2012, Yaniv Kaul wrote:
I'd try with wireshark to capture ports 88, 53 and 389 (something like '-s 1500 -w /tmp/file.pcap port 53 or port 88 or port 389' if you are using tcpdump).
http://share.robotics.net/ldap.pcap
Then check that indeed the responses from DNS correlate well with what we are trying to connect to.
Yep, its hitting the LDAP server, just not getting what it wants back. Is it possible that it does not like the "<ROOT>" and that it should be ""? I.E. If I do: [root@ovirt-engine ~]# ldapsearch -H ldap://10.10.0.105 -x -s base -b "" + # extended LDIF # # LDAPv3 # base <> with scope baseObject # filter: (objectclass=*) # requesting: + # # dn: structuralObjectClass: OpenLDAProotDSE configContext: cn=config namingContexts: dc=blinkmind,dc=net supportedControl: 1.3.6.1.4.1.4203.1.9.1.1 supportedControl: 2.16.840.1.113730.3.4.18 supportedControl: 2.16.840.1.113730.3.4.2 supportedControl: 1.3.6.1.4.1.4203.1.10.1 supportedControl: 1.2.840.113556.1.4.319 supportedControl: 1.2.826.0.1.3344810.2.3 supportedControl: 1.3.6.1.1.13.2 supportedControl: 1.3.6.1.1.13.1 supportedControl: 1.3.6.1.1.12 supportedExtension: 1.3.6.1.4.1.4203.1.11.1 supportedExtension: 1.3.6.1.4.1.4203.1.11.3 supportedExtension: 1.3.6.1.1.8 supportedFeatures: 1.3.6.1.1.14 supportedFeatures: 1.3.6.1.4.1.4203.1.5.1 supportedFeatures: 1.3.6.1.4.1.4203.1.5.2 supportedFeatures: 1.3.6.1.4.1.4203.1.5.3 supportedFeatures: 1.3.6.1.4.1.4203.1.5.4 supportedFeatures: 1.3.6.1.4.1.4203.1.5.5 supportedLDAPVersion: 3 entryDN: subschemaSubentry: cn=Subschema # search result search: 2 result: 0 Success # numResponses: 2 # numEntries: 1 But if I do: [root@ovirt-engine ~]# ldapsearch -H ldap://10.10.0.105 -x -s base -b "<ROOT>" + # extended LDIF # # LDAPv3 # base <<ROOT>> with scope baseObject # filter: (objectclass=*) # requesting: + # # search result search: 2 result: 34 Invalid DN syntax text: invalid DN # numResponses: 1
(BTW, there was a regression in the code not so long ago in that area - are you using latest code?).
3.0.0_0001-1.6.fc16
<> Nathan Stratton CTO, BlinkMind, Inc. nathan at robotics.net nathan at blinkmind.com http://www.robotics.net http://www.blinkmind.com