Stephen Agar wrote:
> That was my thought as well, so what configuration(s) should I
> check/change to ensure that it connects to port 636 as it's supposed to?
> My URLs for referrals are both: ldaps://other.server:636/dc=blah,dc=blah
> My replication agreements both have this:
> supplier: this.server:636
> consumer: this.server:389
> In the connection tab I have these selected:
> - use tls/ssl (tls/ssl encryption with ldaps)
> - simple authentication
> The documentation states that the consumer will always show port 389
> there... but why?
Where does the documentation say that? I believe the documentation says
that the supplier will always show 389, but the consumer should show the
actual port it is connecting to.
> On Wed, Jun 2, 2010 at 3:59 PM, Rich Megginson <firstname.lastname@example.org> wrote:
> Stephen Agar wrote:
> I have 2 389 servers that I want to configure in a Multi
> Master setup (I tried mmr.pl,
> but had to make modifications to allow it to connect via
> LDAPS, so thought that may be my issue, results below are from
> scratch following the detailed howto from 389 and Red Hat). I
> have port 389 totally disabled on my two servers.
> I have configured them as such:
> - server A: SSL, Multi Master Replica, agreement serverb -
> supplier=servera:636, consumer:servera:389
> - server B: SSL, Multi Master Replica, agreement servera -
> supplier=serverb:636, consumer:serverb:389
> My error logs tell me:
> [02/Jun/2010:11:51:23 -0500] slapi_ldap_bind - Error: could not send bind request for id [cn=repman,cn=config] mech [SIMPLE]: error 91 (Can't connect to the LDAP server) -5961 (TCP connection reset by peer.) 115 (Operation now in progress)
> Doing a packet capture on the loopback interface, I see it
> trying to connect to itself on port 389. So I try enabling
> port 389 and get:
> [02/Jun/2010:13:00:42 -0500] slapi_ldap_bind - Error: could not send bind request for id [cn=repman,cn=config] mech [SIMPLE]: error 81 (Can't contact LDAP server) -5938 (Encountered end of file.) 11 (Resource temporarily unavailable)
> Is the server trying to do starttls via port 389 instead of
> LDAPS via port 636? I'm stuck and looking for any advice.
> Looks like it is attempting to use LDAPS to port 389.
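A configuration check for the mismatch diagnosed in this thread (LDAPS attempted against port 389), added here as an example and not part of the original messages or of 389 Directory Server: it reads replication agreement entries as LDIF and compares `nsDS5ReplicaPort` with `nsDS5ReplicaTransportInfo`. The sample entries, host names and function names are constructed, and 389/636 are assumed to be the LDAP and LDAPS ports as in the thread.

```python
# Constructed sample: two replication agreement entries (not taken from the thread).
SAMPLE_LDIF = """\
dn: cn=to-serverb,cn=replica,cn="dc=example,dc=com",cn=mapping tree,cn=config
nsDS5ReplicaHost: serverb.example.com
nsDS5ReplicaPort: 389
nsDS5ReplicaBindMethod: SIMPLE
nsDS5ReplicaTransportInfo: SSL

dn: cn=to-servera,cn=replica,cn="dc=example,dc=com",cn=mapping tree,cn=config
nsDS5ReplicaHost: servera.example.com
nsDS5ReplicaPort: 636
nsDS5ReplicaBindMethod: SIMPLE
nsDS5ReplicaTransportInfo: SSL
"""

LDAPS_MODES = {"ssl", "ldaps"}        # TLS from the first byte
STARTTLS_MODES = {"tls", "starttls"}  # plain connect, then upgrade

def parse_entries(ldif):
    """Return one dict per entry: lower-cased attribute name -> last value."""
    entries = []
    for block in ldif.strip().split("\n\n"):
        entry = {}
        for line in block.splitlines():
            if line.startswith((" ", "#")) or ":" not in line:
                continue  # folded continuation lines and comments are skipped
            key, _, value = line.partition(":")
            entry[key.strip().lower()] = value.strip()
        entries.append(entry)
    return entries

def check_agreement(entry, ldap_port=389, ldaps_port=636):
    """Flag a port that does not match the agreement's transport setting."""
    port = int(entry.get("nsds5replicaport", ldap_port))
    mode = entry.get("nsds5replicatransportinfo", "LDAP").lower()
    if mode in LDAPS_MODES and port == ldap_port:
        return ["LDAPS handshake sent to plain LDAP port %d" % port]
    if mode in STARTTLS_MODES and port == ldaps_port:
        return ["StartTLS attempted on LDAPS port %d" % port]
    if mode == "ldap" and entry.get("nsds5replicabindmethod", "SIMPLE").upper() == "SIMPLE":
        return ["simple bind over unencrypted LDAP on port %d" % port]
    return []

def audit(ldif):
    return {e["dn"]: check_agreement(e)
            for e in parse_entries(ldif) if "nsds5replicahost" in e}

if __name__ == "__main__":
    print(audit(SAMPLE_LDIF))
```

Agreement entries to feed it can be exported with an `ldapsearch` for `(objectClass=nsDS5ReplicationAgreement)` under `cn=config`.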