Reputation: 4348
openldap fails to bind ldaps://127.0.0.1:636
Here is my testcase :
[[email protected] ~$]slapd -d 1 -h ldaps://127.0.0.1:636
@(#) $OpenLDAP: slapd 2.4.23 (Apr 29 2013 07:47:08) $
[email protected]:/builddir/build/BUILD/openldap-2.4.23/openldap-2.4.23/build-servers/servers/slapd
ldap_pvt_gethostbyname_a: host=centos-6.3, r=0
daemon_init: listen on ldaps://127.0.0.1:636
daemon_init: 1 listeners to open...
ldap_url_parse_ext(ldaps://127.0.0.1:636)
daemon: bind(7) failed errno=98 (Address already in use)
slap_open_listener: failed on ldaps://127.0.0.1:636
slapd stopped.
connections_destroy: nothing to destroy.
But if I change another port , such as 6361, it works.
My environment:
OS: centos 6.4 x86_64
OpenLDAP: 2.4.23 installed by yum
Any suggestion?
Upvotes: 0
Views: 8590
Answers (2)
Reputation: 546
Old post, but still ...
This error is also displayed when SELinux prevents slapd from starting. Personally I experienced this after manually copying data (/var/lib/ldap/) from another server, to this one. I had to restore the imported files to default SELinux security contexts:
restorecon -R /var/lib/ldap
And I see this doesn't apply to you, but this might also happen if you're attempting to bind slapd to a port out of the ordinary. Default on CentOS7, these are the allowed ports:
#semanage port -l | grep ldap
ldap_port_t tcp 389, 636, 3268, 7389
ldap_port_t udp 389, 636
Adding another one to the legal port range, could be done with semanage. (You might need to install the package policycoreutils-python.):
semanage port -a -t ldap_port_t -p tcp 10389
... if you wish to allow slapd to bind on TCP port 10389 in addition to the four listed above. After this, the previous result would look like:
# semanage port -l | grep ldap
ldap_port_t tcp 10389, 389, 636, 3268, 7389
ldap_port_t udp 389, 636
Upvotes: 1
Reputation: 5129
it seems that another service is already running on port 636:
daemon: bind(7) failed errno=98 (Address already in use)
you can try the following command to identify this service:
netstat -tulpn | grep ':636 ' | grep 'LISTEN'
Upvotes: 1
Related Questions
- Enter LDAP Password keeps saying ldap_bind: Invalid credentials (49)
- Failed to start OpenLDAP Server Daemon
- ldap_add: Insufficient access (50)
- Configure openldap CentOS 6.5 PHP --with-ldap failing
- Using php-ldap in Centos 6.3
- LDAP- Error opening connection : xx.xx.xx.xx:389
- ldap_bind() fails with "Can't contact LDAP server"
- ldap_bind() - Can't contact LDAP server
- ldap_bind: Invalid credentials (49) again
- OpenLdap (Centos 5.9): Invalid credentials (49)