Results 1 to 4 of 4

Thread: [SOLVED] LDAP and two interfaces

  1. #1
    troublemaker's Avatar
    troublemaker is offline Senior Member
    Join Date
    Feb 2009
    Location
    RUSSIA, Far East, Birobidzhan
    Posts
    52
    Rep Power
    6

    Question [SOLVED] LDAP and two interfaces

    Hello!

    6.0.8_GA_2661.FOSS

    The first install was made about 2 yrs ago with 5.x version. Consequent upgrades led to 6.0.8. All works fine, but now the server got a second interface and LDAP refuses to listen it:

    first interface:
    Code:
    nmap 172.28.78.22
    
    Interesting ports on ubuntu-1.eao.drsk.ru (172.28.78.22):
    PORT      STATE SERVICE
    ...
    143/tcp   open  imap
    389/tcp   open  ldap
    443/tcp   open  https
    ...
    second interface (really - second NIC)
    Code:
    nmap 172.21.122.222
    
    Interesting ports on ubuntu-1.eao.drsk.ru (172.21.122.222):
    PORT      STATE SERVICE
    ...
    143/tcp   open  imap
    443/tcp   open  https
    ...
    As can be seen, no port 389 on second interface. I'm the administrator of that server and have all privileges. It is also visible that DNS have two records for that server:

    Code:
    $ host ubuntu-1.eao.drsk.ru
    ubuntu-1.eao.drsk.ru has address 172.21.122.222
    ubuntu-1.eao.drsk.ru has address 172.28.78.22
    $ host 172.21.122.222
    222.122.21.172.in-addr.arpa domain name pointer ubuntu-1.eao.drsk.ru.
    $ host 172.28.78.22
    22.78.28.172.in-addr.arpa domain name pointer ubuntu-1.eao.drsk.ru.
    How to make SLAPD to listen both interfaces or any interface? Would ~/openldap/var/run/slapd.args correction be sufficient?
    Now it states:

    /opt/zimbra/openldap/sbin/slapd -l LOCAL0 -4 -u zimbra -h ldap://ubuntu-1.eao.drsk.ru:389 ldapi:/// -F /opt/zimbra/data/ldap/config

    Is it "orthodoxal" to change the file to:

    /opt/zimbra/openldap/sbin/slapd -l LOCAL0 -4 -u zimbra -h ldap://:389 ldapi:/// -F /opt/zimbra/data/ldap/config

    or to:

    /opt/zimbra/openldap/sbin/slapd -l LOCAL0 -4 -u zimbra -h ldap://172.28.78.22:389 -h ldap://172.21.122.222:389 ldapi:/// -F /opt/zimbra/data/ldap/config

    Or I must do something else than tweak slapd.args?
    I found no way to configure slapd via admin console.
    Regards,
    Sergei from Siberia

    The word "traitor" is the antonym to the word "patriot".

  2. #2
    odeleon is offline Advanced Member
    Join Date
    Sep 2009
    Location
    Spain
    Posts
    233
    Rep Power
    5

    Default

    have you restarted Zimbra after creating that new interface? From what I've seen, ZCS services won't bind to interfaces (or rather, addresses) that weren't there when the services started and, AFAIK, the default setting does not bind them to one specific address so that should fix this for you.

  3. #3
    troublemaker's Avatar
    troublemaker is offline Senior Member
    Join Date
    Feb 2009
    Location
    RUSSIA, Far East, Birobidzhan
    Posts
    52
    Rep Power
    6

    Default

    Quote Originally Posted by odeleon View Post
    have you restarted Zimbra after creating that new interface?
    Of course!
    And the posted above contents of slapd.args was taken after restart.
    More, that second interface existed before it was added to DNS, but services weren't bound to it.

    Another suggestions?
    Regards,
    Sergei from Siberia

    The word "traitor" is the antonym to the word "patriot".

  4. #4
    troublemaker's Avatar
    troublemaker is offline Senior Member
    Join Date
    Feb 2009
    Location
    RUSSIA, Far East, Birobidzhan
    Posts
    52
    Rep Power
    6

    Default

    It looks like something was wrong with routing. Cleaned the routes, restarted ZCS again and voila!
    Solved.
    Regards,
    Sergei from Siberia

    The word "traitor" is the antonym to the word "patriot".

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •